imgbb.com Open in urlscan Pro
46.229.170.2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://i.ibb.co/
Effective URL:
https://imgbb.com/
Submission: On February 10 via manual (February 10th 2022, 4:00:43 am UTC) from KR — Scanned from GB

Summary HTTP 202 Redirects Links 34 Behaviour Indicators

Summary

This website contacted 34 IPs in 6 countries across 32 domains to perform 202 HTTP transactions. The main IP is 46.229.170.2, located in Ashburn, United States and belongs to ADVANCEDHOSTERS-AS, NL. The main domain is imgbb.com. The Cisco Umbrella rank of the primary domain is 245232.
TLS certificate: Issued by R3 on January 13th 2022. Valid for: 3 months.

This is the only time imgbb.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	217.182.228.53 217.182.228.53	16276 (OVH) (OVH)
1	46.229.170.2 46.229.170.2	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
8	2606:4700:303... 2606:4700:3032::ac43:83fb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	95.211.66.34 95.211.66.34	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
7	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
13	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
26	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1 7	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
4	2a02:26f0:fb:... 2a02:26f0:fb:59a::4469	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3 20	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
3 5	2.21.141.232 2.21.141.232	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	185.33.221.11 185.33.221.11	29990 (ASN-APPNEX) (ASN-APPNEX)
11	37.157.6.245 37.157.6.245	198622 (ADFORM) (ADFORM)
1 4	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
6	37.157.5.73 37.157.5.73	198622 (ADFORM) (ADFORM)
10	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
2	34.149.12.213 34.149.12.213	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	142.250.186.134 142.250.186.134	15169 (GOOGLE) (GOOGLE)
4	104.89.20.125 104.89.20.125	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
2 2	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	51.178.20.140 51.178.20.140	16276 (OVH) (OVH)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	52.57.143.183 52.57.143.183	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700::68... 2606:4700::6812:d05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
3 3	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82a::2006	15169 (GOOGLE) (GOOGLE)
2	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:36a9:ecb:e518:b308	16509 (AMAZON-02) (AMAZON-02)
1 1	169.50.137.184 169.50.137.184	36351 (SOFTLAYER) (SOFTLAYER)
1 1	2a05:d018:d29... 2a05:d018:d29:3601:47b3:499a:9c92:a180	16509 (AMAZON-02) (AMAZON-02)
2 2	104.36.113.23 104.36.113.23	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	2.21.140.74 2.21.140.74	16625 (AKAMAI-AS) (AKAMAI-AS)
1	185.86.139.104 185.86.139.104	201081 (SMARTADSE...) (SMARTADSERVER)
3	213.254.244.108 213.254.244.108	36062 (DOUBLE-VE...) (DOUBLE-VERIFY)
202	34

1 217.182.228.53 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip53.ip-217-182-228.eu

i.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.229.170.2 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

imgbb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:3032::ac43:83fb (United States)

ASN13335 (CLOUDFLARENET, US)

simgbb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 95.211.66.34 (Alphen aan den Rijn, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: hosted-by.leaseweb.com

s.clickiocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
clickiocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:fb:59a::4469 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 142.250.185.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.21.141.232 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-141-232.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.221.11 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 37.157.6.245 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.157.5.73 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.149.12.213 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 213.12.149.34.bc.googleusercontent.com

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtbc-eu3.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.89.20.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-20-125.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.93 (Germany) 2 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.178.20.140 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ns31193670.ip-51-178-20.eu

c.eu1.dyntrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.57.143.183 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-143-183.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:d05 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.126.56.137 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:36a9:ecb:e518:b308 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.184 (United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: b8.89.32a9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:47b3:499a:9c92:a180 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.36.113.23 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.21.140.74 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-140-74.deploy.static.akamaitechnologies.com

cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.104 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.254.244.108 (United States)

ASN36062 (DOUBLE-VERIFY, US)

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpsc-frc.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
51	googlesyndication.com e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 92 tpc.googlesyndication.com — Cisco Umbrella Rank: 120	258 KB
40	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159 googleads.g.doubleclick.net — Cisco Umbrella Rank: 37 cm.g.doubleclick.net — Cisco Umbrella Rank: 175 ad.doubleclick.net — Cisco Umbrella Rank: 167 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 276	265 KB
22	clickiocdn.com s.clickiocdn.com — Cisco Umbrella Rank: 41183 clickiocdn.com — Cisco Umbrella Rank: 31672	68 KB
17	adform.net track.adform.net — Cisco Umbrella Rank: 3678 s1.adform.net — Cisco Umbrella Rank: 7462	190 KB
10	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 346	221 KB
9	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 454 rtb0.doubleverify.com — Cisco Umbrella Rank: 623 tps.doubleverify.com — Cisco Umbrella Rank: 435 rtbc-eu3.doubleverify.com — Cisco Umbrella Rank: 12036 tpsc-frc.doubleverify.com — Cisco Umbrella Rank: 9889	118 KB
9	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 59 www.google.com — Cisco Umbrella Rank: 2	2 KB
8	rubiconproject.com 1 redirects token.rubiconproject.com — Cisco Umbrella Rank: 593 eus.rubiconproject.com — Cisco Umbrella Rank: 512 pixel.rubiconproject.com — Cisco Umbrella Rank: 288	22 KB
8	simgbb.com simgbb.com — Cisco Umbrella Rank: 191584	187 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	75 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 146	199 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 488	4 KB
4	yahoo.com 4 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 269 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 419	2 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	3 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 210	3 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 582	1 KB
2	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 246	64 KB
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 356	947 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 683 s.tribalfusion.com — Cisco Umbrella Rank: 1640	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 704	2 KB
2	dyntrk.com 2 redirects c.eu1.dyntrk.com — Cisco Umbrella Rank: 4950	1 KB
2	adition.com 2 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1393	1 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 9027	914 B
1	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 1193	75 B
1	media.net 1 redirects cs.media.net — Cisco Umbrella Rank: 1616	1 KB
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 691	710 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 927	463 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1330	351 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 491	537 B
1	imgbb.com imgbb.com — Cisco Umbrella Rank: 245232	7 KB
1	ibb.co 1 redirects i.ibb.co — Cisco Umbrella Rank: 13303	74 B
0	netmng.com Failed google2waycm.netmng.com Failed
202	32

	Domain	Requested by
26	tpc.googlesyndication.com	securepubads.g.doubleclick.net e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com tpc.googlesyndication.com imgbb.com googleads.g.doubleclick.net ad.doubleclick.net
20	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com
20	pagead2.googlesyndication.com	securepubads.g.doubleclick.net imgbb.com tpc.googlesyndication.com googleads.g.doubleclick.net e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com ad.doubleclick.net www.googletagservices.com
20	clickiocdn.com	s.clickiocdn.com
13	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net imgbb.com
11	track.adform.net	e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com s1.adform.net
10	cdn.ampproject.org	securepubads.g.doubleclick.net
8	simgbb.com	imgbb.com simgbb.com
7	www.google.com	1 redirects tpc.googlesyndication.com imgbb.com e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com
7	www.googletagservices.com	s.clickiocdn.com e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com imgbb.com cdn.doubleverify.com www.googletagservices.com
6	s1.adform.net	track.adform.net s1.adform.net e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	eus.rubiconproject.com	e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com eus.rubiconproject.com
4	fonts.gstatic.com	fonts.googleapis.com
4	cdn.doubleverify.com	imgbb.com cdn.doubleverify.com
4	googleads.g.doubleclick.net	e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com imgbb.com
4	fonts.googleapis.com	e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3	ups.analytics.yahoo.com	3 redirects
3	token.rubiconproject.com	e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com eus.rubiconproject.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.gstatic.com	e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com
2	tpsc-frc.doubleverify.com	cdn.doubleverify.com
2	image6.pubmatic.com	2 redirects
2	googleads4.g.doubleclick.net	ad.doubleclick.net
2	s0.2mdn.net	e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com
2	eb2.3lift.com	2 redirects
2	pm.w55c.net	2 redirects
2	c.eu1.dyntrk.com	2 redirects
2	dsp.adfarm1.adition.com	2 redirects
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.de	securepubads.g.doubleclick.net
2	s.clickiocdn.com	imgbb.com s.clickiocdn.com
1	rtbc-eu3.doubleverify.com	cdn.doubleverify.com
1	tps.doubleverify.com	cdn.doubleverify.com
1	ssbsync.smartadserver.com	e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com
1	cs.media.net	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	um.simpli.fi	1 redirects
1	cms.quantserve.com	e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	rtb.openx.net	e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com
1	sync-tm.everesttech.net	1 redirects
1	ad.doubleclick.net	www.googletagservices.com
1	rtb0.doubleverify.com	cdn.doubleverify.com
1	imgbb.com
1	i.ibb.co	1 redirects
0	google2waycm.netmng.com Failed	e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com
202	50

This site contains links to these domains. Also see Links.

Domain
clickio.com
api.imgbb.com
ar.imgbb.com
bg-bg.imgbb.com
cs.imgbb.com
da.imgbb.com
de.imgbb.com
el.imgbb.com
es.imgbb.com
et-ee.imgbb.com
fa.imgbb.com
fi.imgbb.com
fr.imgbb.com
he.imgbb.com
hu.imgbb.com
id.imgbb.com
it.imgbb.com
ja.imgbb.com
ko.imgbb.com
lt-lt.imgbb.com
nb.imgbb.com
nl.imgbb.com
pl.imgbb.com
pt.imgbb.com
pt-br.imgbb.com
ru.imgbb.com
sk.imgbb.com
sr-rs.imgbb.com
sv.imgbb.com
tr.imgbb.com
uk.imgbb.com
vi.imgbb.com
zh-cn.imgbb.com
zh-tw.imgbb.com

Subject Issuer	Validity	Valid
*.imgbb.com R3	`2022-01-13` - `2022-04-13`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-16` - `2022-06-15`	a year	crt.sh
s.clickiocdn.com R3	`2021-11-20` - `2022-02-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
adlmerge.com R3	`2022-01-05` - `2022-04-05`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.doubleverify.com DigiCert SHA2 Secure Server CA	`2021-12-23` - `2022-12-23`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh

This page contains 22 frames:

Primary Page: https://imgbb.com/
Frame ID: DE053E247C2A839E3DD04604F95B2FE3
Requests: 48 HTTP requests in this frame

Frame: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 747B3A31FF1CB4096ED524CA29C45F9D
Requests: 1 HTTP requests in this frame

Frame: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 76163C02173C4178984D22517B0F54C5
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: CEA333D0E665C4413FEB29DD7A6FFA49
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 66609F4594EC7FC4B133E62748677FB4
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 920B4B10BBE36963682A24725F8A880B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 661CF1CC803A39735C54B2974C04AE91
Requests: 2 HTTP requests in this frame

Frame: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2A5F4C2DD0304240F9AB7397C38381CB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARiyx-yZATAB&v=APEucNXoxg5LZbGsf2V_hAN1dZ0Xr6nKBkQHEikFmbzeeV9qAa7izVlmvPNs_CatSB2Eav4jvzNdA8uXvhS8f8nKIVnHNZ68bA
Frame ID: F0985CC6A44249592FF9510463522782
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bonv-61MlzbFtiXH0R-rdtroEViW9GDpB56x1gpRWLIS2Yd14_hxRdgDl7r1uPZtj3qkIGrAyi9kUwn07E7gtJNZrU-HeRRIdhoz1KMFopb_XMsdh9Q9UGKrRjHvEm5NaM3YuZnSyYCjg4MwtaZfKfr44Lsg&cry=1&dbm_d=AKAmf-COH65wHtc7KrF_bVHgqsFzg8HblZUC2OnJJc60tQuAnEa2DTVEYvd1-C2ydcikYVlnSU8VTJyZoFXtwSDvj3VjRjPZ85Y0OUDJicW25tJwtGIz6Tv6lu2wxOOGhMrAW9GyEgS_gP4s69y0B86OfnTsyJ1qIBOGWrNfpe7oqe3J9F0mISib3XPQanoFeljcnj4V_6NBW44J1phSBvZWIJ_0dtKf4YKMoLgVSx0YEXc6jHqo_yUdq-zl-pcJrqeXHIcbknDxs3B-OKdklX2afAKzkPvhcVrEGmEKnVSw5Ju1T8CV7TNuPhbSi7u5uBWysZekW8ovqCIMkXjdntQ-avmgZhotljE2Af2jomHCN3bNWvFfTP9PqakMd_99nJl7m34OpMeFe8Mg10pFIG1A2pb4jd-QWsQp3arVmqcn_HnJjajvsb0VGo03-JXe3PL4wKgLak_0sTbr9KvteVDiolvR9TVWVSOm5JZXR7xAuOwIBA85pRELDTlx-k3c8OSb2qZW8WKG4TCa0zCuZ6NLmTjzVwA1n3_9CeSs0Sm1rQmHDb96XXgGE0zcmGtay6wpYLw91w0ujek-FCfAUZ01y1hSiiWDh-xrAp0F1U_iKiRj5S6W3vSw1Y59PTwkna5k20QP8vzR75QLtRnpj02GEN3QooKRO5kf486EDdg-u-OPlzIgcZTipE0kLG_o4IrX_KTncsV3xbAtkGYCXTngfwNFH7hrqATKkkegULT9H1atlXSXIwRQ86CxiunmqaKvwXgaZ1Y0KKKL8aprdLFsj8NlgVebX-XI28BwvrFV2zytzwSbprc1i5GwlWm_rGgstRjBy-dQGWbd4NmyJhDM1Q1gOdR3Pm0soEtUjiu7X6SDcuozxZzGjfyXS_RoyxZhf0vK1v1HUWbqItBfzc8-9KI0_R_QVPmt-b4x9SoLN3AOM5NxsXbTau2As67QMiYcgpSGwniUt5S9M2k7ZABqpT5xnJmjm8exzeBNWryEknAkTB4-RzEd3r2Z5HFe4mYpI5DacA8NgQoJaBWhO82s19LPpsjBVZzlNfj1hLB5vrIKTVINURANzLUxVvZOdLhwfOataltxzFGVzo_l6CvaM4vglVBMolRdKyekv2bS2CKILDso-ek-zMtadXmSqb9JBZWle0hS7He7U9S7EC0R5bd7l-26bQyT3xzEJX9TzonSf--0lqs9MjMmH0ELWQ5JkVjGZtgrw8OPVhQQzEyzWEGPSwZw5MU0ppQOT-oCYXOCF0s9LHVM5IDpB1Wn-x0UiVYm2zJbxEsyjU0P8Ica6Fvo7dPJF-_icukIfbQ-YbjHmEthaSJ7HMjfydMRqBchKDGL5R_ovRlXzS7cpaYC54YV7D3LmY0MhBbv9WBj4jdW9d_HrOIHajridZ_tQF4iDcd3xYrxa2NvLX7DRbpdFufJbc-hisOTTAj7HtKl5p6fccr9MEunTqMM93ZZlsHH106vtmnSAzoamqbCnci-u4qJQYCM5aKYe4GP_8x17BYeD_w_S5koUhVeeql4Brn8afOfeMx109RTspibRJMV6jsVUNsDUWk4MiR1cjhQqWbxPW27i3oA6jalHNnMazh_1NM8jc5o1FhxChLudsTI43A0qUwWAxuUkpwK6NOCIA8ITPdINUjav69DVFr5AWN712XYN4RbQHbfKI-nFF1nkMzrGEM2v7Mpui7HOPoysYd9Yo6LquA8HCKhCKZhZbFlh6o8Btfi4v9eknT6hTDQgypKj-uI23CxYGUoBWnchFbwAkNrXTH5pZ0u1zVk8_XH6RYTbmvarWmphI0U7eBME3sCFPS0-_-3bQQfsR9KpS2PRzQvzfCJHwL66Xb2vzFfQzQe6JJ8P6p8ilDh3NffCJ8Qlnd-exojvMlp4o8L3Rh9IOgGZ4MvD7-UEGnfsWH27dU82_QZ3uC3ONimZb_bn-SQjwwdEMCU5nJOX4fSpBQBprxL2cf9fswzizYpcfCanOOqj_bO62YBFW1rRxck6DqPzo_k8hDw35J_8xAgEaB1Hy8k5m6oCRM3vEXXq-kOkKUeZC-EFFE-wKPsasRUbDBCwo0EWleTHt-tYcti8XqziBNNIWLyENRYVG0pwa0GRRJphJbR5gneTfnydwddSOfAb8qQwTKGdHpbSjiVYjCzwILwSSD3JvyYcUuqD3hpRjWF5Iyz1fPRHI-RnxwJZbzwdevmUN_b0k8FRLh0M4XAIZKfI-yC6675fdqVVW-Tb3zMHM9c0Hf2mBRA6egDog3CVsvn9ytRSESaU7pL2gWlfmIZ80819AEvQQNPvghpLyT-OsV7VgC5ienZd736OWkvPw8uOpzFqSbYIT8uGyjW9emgMwJ5l0j8SfRpfuLdhbiqFsVbnEQZSW5MDEgJ1Nk1UUfU0mtHRxT2D7qXgltPyx2o-savF3idOaXokm-VD7Wh-yVZ6chNq_cmyT2KpzynRaiY0hf8G4cFMgK6lNAFLqOmT-GacrQ3Ldvm4cYc-2cdxB_44561FRK7-A8AKQFVW3O5rYqV_eHMMv-QPKDf7vCOoMHMLUsgSWDM6eQYzeXydQnFdyJ4hYGTSmN9gl8vYMtyTXJXzk3-Y5IF62KZL72jqy2ANaZUXNXeVIxRBmmXeRUMV7U6413418waadNL5V9qwGovf0fcNn4XZ0qKhVBA2O9u3romKKZVkFBKA2gO05whvJ_2pSM4EXfbg5x-4-2phaFcO4BNTfvE_k_GhpDn_pzX2DHumNJCtNKmKViACc3vmnM_x47dJjE6buAxV0mm6n3KxodvVPHN2QfFveIvf15BAUZb-DV4vULe9ef39ZovoZX3KK9DA7jJLc14_4LjBfAhM6X25L5XjzJl24kAPpD6l1dHO3DKNuKnTYK7LE-m91Fm7WBJELJdoyEMxkohN0dUmdKqfZAOUbxuUtB5W4c&cid=CAASEuRowh22b5P1dc4pN03sPs4IZg&rfl=2%2Chttps%253A%252F%252Fimgbb.com%252F%240
Frame ID: 25E5AD6F4B90DFBAEB285A096D45F1B9
Requests: 24 HTTP requests in this frame

Frame: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B56595F4D9083DF92ECDE32A3CED65D9
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F79763DB5BE805C4B3159A88D6535267
Requests: 3 HTTP requests in this frame

Frame: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A0739C2FAD2FE97AD4E376E3D3999794
Requests: 19 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012201141909000/amp4ads-v0.mjs
Frame ID: F3D02BE6DFE79EFA193DAD1D0712B2E3
Requests: 16 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012201141909000/amp4ads-v0.mjs
Frame ID: 676FC38657AD9A7844D618A42D67E88E
Requests: 16 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 9E2D9F3851246981F4189ABE01B960D4
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EB8255429FC9A2FC81A6BAC91FC618EB
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 09F5CD1D793F48ACBD3DB7538EBA374C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D8A0C1101BD04E5595E89E7625B767E9
Requests: 9 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements2152.js
Frame ID: 9FB5E7332232BABF4014F1BD0D699DC0
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9DA6B2A515A6B9215394CD14B559CD05
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E06DA061279B3A43E6DE5A499894A349
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ImgBB — Upload Image — Free Image Hosting

Page URL History Show full URLs

http://i.ibb.co/ HTTP 307
https://i.ibb.co/ HTTP 301
https://imgbb.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

202
Requests

90 %
HTTPS

41 %
IPv6

32
Domains

50
Subdomains

34
IPs

6
Countries

1685 kB
Transfer

4536 kB
Size

30
Cookies

34 Outgoing links

These are links going to different origins than the main page.

URL: https://clickio.com/?utm_source=imgbb.com&utm_medium=adunit_label&utm_campaign=hor_sticky_desktop
Title: Ads by

Search URL Search Domain Scan URL

URL: https://api.imgbb.com/
Title: API

Search URL Search Domain Scan URL

URL: https://ar.imgbb.com/
Title: العربية

Search URL Search Domain Scan URL

URL: https://bg-bg.imgbb.com/
Title: Български

Search URL Search Domain Scan URL

URL: https://cs.imgbb.com/
Title: Čeština

Search URL Search Domain Scan URL

URL: https://da.imgbb.com/
Title: Dansk

Search URL Search Domain Scan URL

URL: https://de.imgbb.com/
Title: Deutsch

Search URL Search Domain Scan URL

URL: https://el.imgbb.com/
Title: Ελληνικά

Search URL Search Domain Scan URL

URL: https://es.imgbb.com/
Title: Español

Search URL Search Domain Scan URL

URL: https://et-ee.imgbb.com/
Title: Eesti (Eesti)

Search URL Search Domain Scan URL

URL: https://fa.imgbb.com/
Title: فارسی

Search URL Search Domain Scan URL

URL: https://fi.imgbb.com/
Title: Suomi

Search URL Search Domain Scan URL

URL: https://fr.imgbb.com/
Title: Français

Search URL Search Domain Scan URL

URL: https://he.imgbb.com/
Title: עברית

Search URL Search Domain Scan URL

URL: https://hu.imgbb.com/
Title: Magyar

Search URL Search Domain Scan URL

URL: https://id.imgbb.com/
Title: Bahasa Indonesia

Search URL Search Domain Scan URL

URL: https://it.imgbb.com/
Title: Italiano

Search URL Search Domain Scan URL

URL: https://ja.imgbb.com/
Title: 日本語

Search URL Search Domain Scan URL

URL: https://ko.imgbb.com/
Title: 한국어

Search URL Search Domain Scan URL

URL: https://lt-lt.imgbb.com/
Title: Lietuvių (Lietuva)

Search URL Search Domain Scan URL

URL: https://nb.imgbb.com/
Title: ‪Norsk Bokmål‬

Search URL Search Domain Scan URL

URL: https://nl.imgbb.com/
Title: Nederlands

Search URL Search Domain Scan URL

URL: https://pl.imgbb.com/
Title: Polski

Search URL Search Domain Scan URL

URL: https://pt.imgbb.com/
Title: Português

Search URL Search Domain Scan URL

URL: https://pt-br.imgbb.com/
Title: Português (Brasil)

Search URL Search Domain Scan URL

URL: https://ru.imgbb.com/
Title: Русский

Search URL Search Domain Scan URL

URL: https://sk.imgbb.com/
Title: Slovenčina

Search URL Search Domain Scan URL

URL: https://sr-rs.imgbb.com/
Title: Српски

Search URL Search Domain Scan URL

URL: https://sv.imgbb.com/
Title: Svenska

Search URL Search Domain Scan URL

URL: https://tr.imgbb.com/
Title: Türkçe

Search URL Search Domain Scan URL

URL: https://uk.imgbb.com/
Title: Українська

Search URL Search Domain Scan URL

URL: https://vi.imgbb.com/
Title: Tiếng Việt

Search URL Search Domain Scan URL

URL: https://zh-cn.imgbb.com/
Title: 简体中文

Search URL Search Domain Scan URL

URL: https://zh-tw.imgbb.com/
Title: 繁體中文

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://i.ibb.co/ HTTP 307
https://i.ibb.co/ HTTP 301
https://imgbb.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 64

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 66

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPt5zXqJfI23Mvf3mrSCZkk&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPt5zXqJfI23Mvf3mrSCZkk&google_cver=1&C=1

Request Chain 67

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YgSN5l-lrHw4kvmPKBLqKwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAOHRESQ9guh-KA5H5Jhwhg&google_cver=1

Request Chain 68

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEJwvc9vvumLC0wweAXm4j4c&google_cver=1

Request Chain 69

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTYzMjM0NzgyMTgyNDEwNDQyOA%3D%3D

Request Chain 149

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEC7uqScZhgIH_AiZPPiD_d0&google_cver=1&google_push=AYg5qPJmkTUW5UUzY1TqQZkBgQ1PvBBfKOPnjy9Ac7aW1G7UO8erjZsftCBBwriRfpcJBVJg3a0qMbW_2eUsOF29uXs9fLRM5txu HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEC7uqScZhgIH_AiZPPiD_d0&google_push=AYg5qPJmkTUW5UUzY1TqQZkBgQ1PvBBfKOPnjy9Ac7aW1G7UO8erjZsftCBBwriRfpcJBVJg3a0qMbW_2eUsOF29uXs9fLRM5txu

Request Chain 150

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEOiHY6PM1ueUjDQEb2ts4J0&google_cver=1&google_push=AYg5qPK2YuLMcVWtHRBeVfvXnIeVUDQ-q1tSwWDriyHgj8hTKDLPLwHnSqHXP9xpEFjuelmmX4NgjIUkYwenZJ7ord6I5RZvoOMv HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA2MjkyNjEzODkwMjkwMjkyOA%3D%3D&google_push=AYg5qPK2YuLMcVWtHRBeVfvXnIeVUDQ-q1tSwWDriyHgj8hTKDLPLwHnSqHXP9xpEFjuelmmX4NgjIUkYwenZJ7ord6I5RZvoOMv

Request Chain 151

https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESED-skxWGh-Jsesu1B8Q8e0Y&google_cver=1&google_push=AYg5qPJdfCb68Q3qfJc0O5RJSXVTw1uFGzebplOG3p5hflc3G8_zSmGhjgfzjToD-EXQbyBTdjfEk58EjCJ-8-R9Z3qzn3hFwCo HTTP 302
https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESED-skxWGh-Jsesu1B8Q8e0Y&google_cver=1&google_push=AYg5qPJdfCb68Q3qfJc0O5RJSXVTw1uFGzebplOG3p5hflc3G8_zSmGhjgfzjToD-EXQbyBTdjfEk58EjCJ-8-R9Z3qzn3hFwCo&prevuid=&knw= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AYg5qPJdfCb68Q3qfJc0O5RJSXVTw1uFGzebplOG3p5hflc3G8_zSmGhjgfzjToD-EXQbyBTdjfEk58EjCJ-8-R9Z3qzn3hFwCo&google_hm=

Request Chain 153

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIuMEafO-wZOqGlJpPZ3Ybk&google_cver=1&google_push=AYg5qPII3qRlun72sWnhnnkcd5lWCq40nQwR0EAxOoX63RJ2Od5MU-KC7JPtfpa4xIZNm-FBMoo5tIj8F8lBkQ0uVmtMW2kEBNhu HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pHR0RTOUktMUktRDZVVA==&google_push=AYg5qPII3qRlun72sWnhnnkcd5lWCq40nQwR0EAxOoX63RJ2Od5MU-KC7JPtfpa4xIZNm-FBMoo5tIj8F8lBkQ0uVmtMW2kEBNhu

Request Chain 154

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBMpxlEhH6D5urYSpMRvTyY&google_cver=1&google_push=AYg5qPIikSiNH2fPDo0dI9F34RMLG4wVwxmCJu69gISU-ro2EReG0l2CTh9tHiVMiNAv14K_McZvSuzNknozBUQ9iKR4wxIZ2gc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgSN5uAwkaH1tj0q2UmbgwAAAUUAAAAB&google_cver=1&google_gid=CAESEBMpxlEhH6D5urYSpMRvTyY&google_push=AYg5qPIikSiNH2fPDo0dI9F34RMLG4wVwxmCJu69gISU-ro2EReG0l2CTh9tHiVMiNAv14K_McZvSuzNknozBUQ9iKR4wxIZ2gc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgSN5uAwkaH1tj0q2UmbgwAAAUUAAAAB&google_cver=1&google_gid=CAESEBMpxlEhH6D5urYSpMRvTyY&google_push=AYg5qPIikSiNH2fPDo0dI9F34RMLG4wVwxmCJu69gISU-ro2EReG0l2CTh9tHiVMiNAv14K_McZvSuzNknozBUQ9iKR4wxIZ2gc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgSN5uAwkaH1tj0q2UmbgwAAAUUAAAAB&google_cver=1&google_gid=CAESEBMpxlEhH6D5urYSpMRvTyY&google_push=AYg5qPIikSiNH2fPDo0dI9F34RMLG4wVwxmCJu69gISU-ro2EReG0l2CTh9tHiVMiNAv14K_McZvSuzNknozBUQ9iKR4wxIZ2gc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgSN5uAwkaH1tj0q2UmbgwAAAUUAAAAB&google_cver=1&google_gid=CAESEBMpxlEhH6D5urYSpMRvTyY&google_push=AYg5qPIikSiNH2fPDo0dI9F34RMLG4wVwxmCJu69gISU-ro2EReG0l2CTh9tHiVMiNAv14K_McZvSuzNknozBUQ9iKR4wxIZ2gc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgSN5uAwkaH1tj0q2UmbgwAAAUUAAAAB&google_cver=1&google_gid=CAESEBMpxlEhH6D5urYSpMRvTyY&google_push=AYg5qPIikSiNH2fPDo0dI9F34RMLG4wVwxmCJu69gISU-ro2EReG0l2CTh9tHiVMiNAv14K_McZvSuzNknozBUQ9iKR4wxIZ2gc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgSN5uAwkaH1tj0q2UmbgwAAAUUAAAAB&google_cver=1&google_gid=CAESEBMpxlEhH6D5urYSpMRvTyY&google_push=AYg5qPIikSiNH2fPDo0dI9F34RMLG4wVwxmCJu69gISU-ro2EReG0l2CTh9tHiVMiNAv14K_McZvSuzNknozBUQ9iKR4wxIZ2gc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgSN5uAwkaH1tj0q2UmbgwAAAUUAAAAB&google_cver=1&google_gid=CAESEBMpxlEhH6D5urYSpMRvTyY&google_push=AYg5qPIikSiNH2fPDo0dI9F34RMLG4wVwxmCJu69gISU-ro2EReG0l2CTh9tHiVMiNAv14K_McZvSuzNknozBUQ9iKR4wxIZ2gc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgSN5uAwkaH1tj0q2UmbgwAAAUUAAAAB&google_cver=1&google_gid=CAESEBMpxlEhH6D5urYSpMRvTyY&google_push=AYg5qPIikSiNH2fPDo0dI9F34RMLG4wVwxmCJu69gISU-ro2EReG0l2CTh9tHiVMiNAv14K_McZvSuzNknozBUQ9iKR4wxIZ2gc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgSN5uAwkaH1tj0q2UmbgwAAAUUAAAAB&google_cver=1&google_gid=CAESEBMpxlEhH6D5urYSpMRvTyY&google_push=AYg5qPIikSiNH2fPDo0dI9F34RMLG4wVwxmCJu69gISU-ro2EReG0l2CTh9tHiVMiNAv14K_McZvSuzNknozBUQ9iKR4wxIZ2gc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgSN5uAwkaH1tj0q2UmbgwAAAUUAAAAB&google_cver=1&google_gid=CAESEBMpxlEhH6D5urYSpMRvTyY&google_push=AYg5qPIikSiNH2fPDo0dI9F34RMLG4wVwxmCJu69gISU-ro2EReG0l2CTh9tHiVMiNAv14K_McZvSuzNknozBUQ9iKR4wxIZ2gc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgSN5uAwkaH1tj0q2UmbgwAAAUUAAAAB&google_cver=1&google_gid=CAESEBMpxlEhH6D5urYSpMRvTyY&google_push=AYg5qPIikSiNH2fPDo0dI9F34RMLG4wVwxmCJu69gISU-ro2EReG0l2CTh9tHiVMiNAv14K_McZvSuzNknozBUQ9iKR4wxIZ2gc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgSN5uAwkaH1tj0q2UmbgwAAAUUAAAAB&google_cver=1&google_gid=CAESEBMpxlEhH6D5urYSpMRvTyY&google_push=AYg5qPIikSiNH2fPDo0dI9F34RMLG4wVwxmCJu69gISU-ro2EReG0l2CTh9tHiVMiNAv14K_McZvSuzNknozBUQ9iKR4wxIZ2gc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgSN5uAwkaH1tj0q2UmbgwAAAUUAAAAB&google_cver=1&google_gid=CAESEBMpxlEhH6D5urYSpMRvTyY&google_push=AYg5qPIikSiNH2fPDo0dI9F34RMLG4wVwxmCJu69gISU-ro2EReG0l2CTh9tHiVMiNAv14K_McZvSuzNknozBUQ9iKR4wxIZ2gc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgSN5uAwkaH1tj0q2UmbgwAAAUUAAAAB&google_cver=1&google_gid=CAESEBMpxlEhH6D5urYSpMRvTyY&google_push=AYg5qPIikSiNH2fPDo0dI9F34RMLG4wVwxmCJu69gISU-ro2EReG0l2CTh9tHiVMiNAv14K_McZvSuzNknozBUQ9iKR4wxIZ2gc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgSN5uAwkaH1tj0q2UmbgwAAAUUAAAAB&google_cver=1&google_gid=CAESEBMpxlEhH6D5urYSpMRvTyY&google_push=AYg5qPIikSiNH2fPDo0dI9F34RMLG4wVwxmCJu69gISU-ro2EReG0l2CTh9tHiVMiNAv14K_McZvSuzNknozBUQ9iKR4wxIZ2gc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgSN5uAwkaH1tj0q2UmbgwAAAUUAAAAB&google_cver=1&google_gid=CAESEBMpxlEhH6D5urYSpMRvTyY&google_push=AYg5qPIikSiNH2fPDo0dI9F34RMLG4wVwxmCJu69gISU-ro2EReG0l2CTh9tHiVMiNAv14K_McZvSuzNknozBUQ9iKR4wxIZ2gc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgSN5uAwkaH1tj0q2UmbgwAAAUUAAAAB&google_cver=1&google_gid=CAESEBMpxlEhH6D5urYSpMRvTyY&google_push=AYg5qPIikSiNH2fPDo0dI9F34RMLG4wVwxmCJu69gISU-ro2EReG0l2CTh9tHiVMiNAv14K_McZvSuzNknozBUQ9iKR4wxIZ2gc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgSN5uAwkaH1tj0q2UmbgwAAAUUAAAAB&google_cver=1&google_gid=CAESEBMpxlEhH6D5urYSpMRvTyY&google_push=AYg5qPIikSiNH2fPDo0dI9F34RMLG4wVwxmCJu69gISU-ro2EReG0l2CTh9tHiVMiNAv14K_McZvSuzNknozBUQ9iKR4wxIZ2gc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgSN5uAwkaH1tj0q2UmbgwAAAUUAAAAB&google_cver=1&google_gid=CAESEBMpxlEhH6D5urYSpMRvTyY&google_push=AYg5qPIikSiNH2fPDo0dI9F34RMLG4wVwxmCJu69gISU-ro2EReG0l2CTh9tHiVMiNAv14K_McZvSuzNknozBUQ9iKR4wxIZ2gc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgSN5uAwkaH1tj0q2UmbgwAAAUUAAAAB&google_cver=1&google_gid=CAESEBMpxlEhH6D5urYSpMRvTyY&google_push=AYg5qPIikSiNH2fPDo0dI9F34RMLG4wVwxmCJu69gISU-ro2EReG0l2CTh9tHiVMiNAv14K_McZvSuzNknozBUQ9iKR4wxIZ2gc

Request Chain 155

https://sync.bumlam.com/?src=gpix&google_gid=CAESEIYY4_whUut5rwSrVXMg5bQ&google_cver=1&google_push=AYg5qPKlfPmG6saTFZ1Y9O2P496mu4dDHswIqQ5doxdyHY2pBXRj-Ox1cZdSBfncL023aMTBZYkJRhfvYxW3mv4FlvZQMKWOdVgxEg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=programmatic_ecosystem_llc&google_push=AYg5qPKlfPmG6saTFZ1Y9O2P496mu4dDHswIqQ5doxdyHY2pBXRj-Ox1cZdSBfncL023aMTBZYkJRhfvYxW3mv4FlvZQMKWOdVgxEg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=programmatic_ecosystem_llc&google_push=AYg5qPKlfPmG6saTFZ1Y9O2P496mu4dDHswIqQ5doxdyHY2pBXRj-Ox1cZdSBfncL023aMTBZYkJRhfvYxW3mv4FlvZQMKWOdVgxEg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=programmatic_ecosystem_llc&google_push=AYg5qPKlfPmG6saTFZ1Y9O2P496mu4dDHswIqQ5doxdyHY2pBXRj-Ox1cZdSBfncL023aMTBZYkJRhfvYxW3mv4FlvZQMKWOdVgxEg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=programmatic_ecosystem_llc&google_push=AYg5qPKlfPmG6saTFZ1Y9O2P496mu4dDHswIqQ5doxdyHY2pBXRj-Ox1cZdSBfncL023aMTBZYkJRhfvYxW3mv4FlvZQMKWOdVgxEg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=programmatic_ecosystem_llc&google_push=AYg5qPKlfPmG6saTFZ1Y9O2P496mu4dDHswIqQ5doxdyHY2pBXRj-Ox1cZdSBfncL023aMTBZYkJRhfvYxW3mv4FlvZQMKWOdVgxEg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=programmatic_ecosystem_llc&google_push=AYg5qPKlfPmG6saTFZ1Y9O2P496mu4dDHswIqQ5doxdyHY2pBXRj-Ox1cZdSBfncL023aMTBZYkJRhfvYxW3mv4FlvZQMKWOdVgxEg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=programmatic_ecosystem_llc&google_push=AYg5qPKlfPmG6saTFZ1Y9O2P496mu4dDHswIqQ5doxdyHY2pBXRj-Ox1cZdSBfncL023aMTBZYkJRhfvYxW3mv4FlvZQMKWOdVgxEg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=programmatic_ecosystem_llc&google_push=AYg5qPKlfPmG6saTFZ1Y9O2P496mu4dDHswIqQ5doxdyHY2pBXRj-Ox1cZdSBfncL023aMTBZYkJRhfvYxW3mv4FlvZQMKWOdVgxEg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=programmatic_ecosystem_llc&google_push=AYg5qPKlfPmG6saTFZ1Y9O2P496mu4dDHswIqQ5doxdyHY2pBXRj-Ox1cZdSBfncL023aMTBZYkJRhfvYxW3mv4FlvZQMKWOdVgxEg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=programmatic_ecosystem_llc&google_push=AYg5qPKlfPmG6saTFZ1Y9O2P496mu4dDHswIqQ5doxdyHY2pBXRj-Ox1cZdSBfncL023aMTBZYkJRhfvYxW3mv4FlvZQMKWOdVgxEg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=programmatic_ecosystem_llc&google_push=AYg5qPKlfPmG6saTFZ1Y9O2P496mu4dDHswIqQ5doxdyHY2pBXRj-Ox1cZdSBfncL023aMTBZYkJRhfvYxW3mv4FlvZQMKWOdVgxEg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=programmatic_ecosystem_llc&google_push=AYg5qPKlfPmG6saTFZ1Y9O2P496mu4dDHswIqQ5doxdyHY2pBXRj-Ox1cZdSBfncL023aMTBZYkJRhfvYxW3mv4FlvZQMKWOdVgxEg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=programmatic_ecosystem_llc&google_push=AYg5qPKlfPmG6saTFZ1Y9O2P496mu4dDHswIqQ5doxdyHY2pBXRj-Ox1cZdSBfncL023aMTBZYkJRhfvYxW3mv4FlvZQMKWOdVgxEg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=programmatic_ecosystem_llc&google_push=AYg5qPKlfPmG6saTFZ1Y9O2P496mu4dDHswIqQ5doxdyHY2pBXRj-Ox1cZdSBfncL023aMTBZYkJRhfvYxW3mv4FlvZQMKWOdVgxEg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=programmatic_ecosystem_llc&google_push=AYg5qPKlfPmG6saTFZ1Y9O2P496mu4dDHswIqQ5doxdyHY2pBXRj-Ox1cZdSBfncL023aMTBZYkJRhfvYxW3mv4FlvZQMKWOdVgxEg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=programmatic_ecosystem_llc&google_push=AYg5qPKlfPmG6saTFZ1Y9O2P496mu4dDHswIqQ5doxdyHY2pBXRj-Ox1cZdSBfncL023aMTBZYkJRhfvYxW3mv4FlvZQMKWOdVgxEg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=programmatic_ecosystem_llc&google_push=AYg5qPKlfPmG6saTFZ1Y9O2P496mu4dDHswIqQ5doxdyHY2pBXRj-Ox1cZdSBfncL023aMTBZYkJRhfvYxW3mv4FlvZQMKWOdVgxEg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=programmatic_ecosystem_llc&google_push=AYg5qPKlfPmG6saTFZ1Y9O2P496mu4dDHswIqQ5doxdyHY2pBXRj-Ox1cZdSBfncL023aMTBZYkJRhfvYxW3mv4FlvZQMKWOdVgxEg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=programmatic_ecosystem_llc&google_push=AYg5qPKlfPmG6saTFZ1Y9O2P496mu4dDHswIqQ5doxdyHY2pBXRj-Ox1cZdSBfncL023aMTBZYkJRhfvYxW3mv4FlvZQMKWOdVgxEg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=programmatic_ecosystem_llc&google_push=AYg5qPKlfPmG6saTFZ1Y9O2P496mu4dDHswIqQ5doxdyHY2pBXRj-Ox1cZdSBfncL023aMTBZYkJRhfvYxW3mv4FlvZQMKWOdVgxEg

Request Chain 158

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKtYolD4Xc0Kfjv2lidMfW4&google_cver=1&google_push=AYg5qPKC_e2MYo486n_rezGcbP_jIC7DdcdEbr0VJ06ZFNYv4dYBVXH1unce9I70d8cTgM4wz2Z4KDn4ImsQ9mS-UjePBFa5eQ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKtYolD4Xc0Kfjv2lidMfW4&google_cver=1&google_push=AYg5qPKC_e2MYo486n_rezGcbP_jIC7DdcdEbr0VJ06ZFNYv4dYBVXH1unce9I70d8cTgM4wz2Z4KDn4ImsQ9mS-UjePBFa5eQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=V2h5emdWalcxTmkwRGw1&google_gid=CAESEKtYolD4Xc0Kfjv2lidMfW4&google_cver=1&google_push=AYg5qPKC_e2MYo486n_rezGcbP_jIC7DdcdEbr0VJ06ZFNYv4dYBVXH1unce9I70d8cTgM4wz2Z4KDn4ImsQ9mS-UjePBFa5eQ

Request Chain 159

https://a.tribalfusion.com/i.match?p=b6&u=CAESEDJuOu_f3NnoM0D8UpB43JA&google_cver=1&google_push=AYg5qPKsdCSwq75XHD5eql7PpEwNjwFtuQe3bqxL3JNNiYWFYJXGZrv_DsOdBkwpmnw_hCVdNuxiF4j8qG5W_dmSg-9QvVNi1A&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPKsdCSwq75XHD5eql7PpEwNjwFtuQe3bqxL3JNNiYWFYJXGZrv_DsOdBkwpmnw_hCVdNuxiF4j8qG5W_dmSg-9QvVNi1A%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDJuOu_f3NnoM0D8UpB43JA&google_cver=1&google_push=AYg5qPKsdCSwq75XHD5eql7PpEwNjwFtuQe3bqxL3JNNiYWFYJXGZrv_DsOdBkwpmnw_hCVdNuxiF4j8qG5W_dmSg-9QvVNi1A&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPKsdCSwq75XHD5eql7PpEwNjwFtuQe3bqxL3JNNiYWFYJXGZrv_DsOdBkwpmnw_hCVdNuxiF4j8qG5W_dmSg-9QvVNi1A%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 160

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEPYIovpGJoEIGInziQV5u-s&google_cver=1&google_push=AYg5qPKyAybBWtoggnxzmOVNhB5xcZGvkmWYTRDspqPFNPTev0Em9LoExDqokpbDzOncns5T00bIVSITeKIyF5i1OwlO6nhGedo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA2MjkyNjE0MzIwMTY3MTMxMQ%3D%3D&google_push=AYg5qPKyAybBWtoggnxzmOVNhB5xcZGvkmWYTRDspqPFNPTev0Em9LoExDqokpbDzOncns5T00bIVSITeKIyF5i1OwlO6nhGedo

Request Chain 161

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESELdcw1cBHD8TPN2Ym_wOzak&google_cver=1&google_push=AYg5qPLgYRk9pff8tY6_gylAWr21K2GCAc4rynqSbHbtEd0eCTOpYZRkCTPcqI3wRdYncAHGQdAPgr8L03NndcOqPAsYj3weM6s HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPLgYRk9pff8tY6_gylAWr21K2GCAc4rynqSbHbtEd0eCTOpYZRkCTPcqI3wRdYncAHGQdAPgr8L03NndcOqPAsYj3weM6s&google_gid=CAESELdcw1cBHD8TPN2Ym_wOzak HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjgwNzQyOTI0NjI1MzQ2MjIxMjE0NA%3D%3D&google_push=AYg5qPLgYRk9pff8tY6_gylAWr21K2GCAc4rynqSbHbtEd0eCTOpYZRkCTPcqI3wRdYncAHGQdAPgr8L03NndcOqPAsYj3weM6s

Request Chain 162

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEFnOUDkcn0R_P4blIkUgFH0&google_cver=1&google_push=AYg5qPJfIdJ3r_lDdEtkMREYnLPd4hvo3nv3bKxDL-0_8ysdsxiyeRz83V4RYFxy4_U6JP5dT3fOkCZn3GgKF_C5qm3sg1u6daVs HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEFnOUDkcn0R_P4blIkUgFH0&google_cver=1&google_push=AYg5qPJfIdJ3r_lDdEtkMREYnLPd4hvo3nv3bKxDL-0_8ysdsxiyeRz83V4RYFxy4_U6JP5dT3fOkCZn3GgKF_C5qm3sg1u6daVs&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS12T2U1Umh0RTJ1RVJ5NFRCX0ZWeHVmOXlNU3dlLmF6Yn5B&google_push=AYg5qPJfIdJ3r_lDdEtkMREYnLPd4hvo3nv3bKxDL-0_8ysdsxiyeRz83V4RYFxy4_U6JP5dT3fOkCZn3GgKF_C5qm3sg1u6daVs

Request Chain 181

https://um.simpli.fi/gp_match?google_gid=CAESEB1gno7gqHgOh1rgxiqJEC8&google_cver=1&google_push=AYg5qPI7Wau4YAKvkVNXDLmBhHVrR8ianiPW-I7UqPZqbtKf2UCUH_TWPyusH15K-NCe0tSf0NWo1SF_35ABfY-gH2T47NUjMg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D94C4A34C1314DEAB9CA4475D9F0CA59&google_push=AYg5qPI7Wau4YAKvkVNXDLmBhHVrR8ianiPW-I7UqPZqbtKf2UCUH_TWPyusH15K-NCe0tSf0NWo1SF_35ABfY-gH2T47NUjMg

Request Chain 182

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESED-InRhXrnq2OVv0GQp05TU&google_cver=1&google_push=AYg5qPInV_s5Jdoj_C-BYQyDE6_nttRnyaNh4Mw0NiWyfV3p-ITbJaI-wYJunY08veX9XAX9FF2uCl655MtxhUZpbnJCwKWnlg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPInV_s5Jdoj_C-BYQyDE6_nttRnyaNh4Mw0NiWyfV3p-ITbJaI-wYJunY08veX9XAX9FF2uCl655MtxhUZpbnJCwKWnlg&google_hm=MjA0OTI4MjM3NTE4NzM0MTg4NA%3D%3D

Request Chain 183

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEL-fprrwLGF2jTeL6GcweSs&google_cver=1&google_push=AYg5qPKxkX5FskQf8LRInOrHz75iEXiqiy8BR4DTk-dQ52J5sz4_4tqY4BECxIjXN0G2VAIoN02Jw_THApaB8-wxdwSvKUcipg HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEL-fprrwLGF2jTeL6GcweSs&google_cver=1&google_push=AYg5qPKxkX5FskQf8LRInOrHz75iEXiqiy8BR4DTk-dQ52J5sz4_4tqY4BECxIjXN0G2VAIoN02Jw_THApaB8-wxdwSvKUcipg&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xt2E1x7qT_C-aUMJVJM28A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKxkX5FskQf8LRInOrHz75iEXiqiy8BR4DTk-dQ52J5sz4_4tqY4BECxIjXN0G2VAIoN02Jw_THApaB8-wxdwSvKUcipg

Request Chain 184

https://cs.media.net/cksync?type=g&google_gid=CAESEEWUacyAPu6k9vld-zbmLLA&google_cver=1&google_push=AYg5qPI16r_O3TpF54zvZQTCusRMzFhNI4DiLiuvolAgg7XxRVsdrfIEFxEZFuI7KcuEPcqZoq65M1whjb9xExG2UsSSCSo1wB8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjg3NDY3MjM5MDY2OTU3NjAwMFYxMA%3d%3d&mn_hm=Mjg3NDY3MjM5MDY2OTU3NjAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPI16r_O3TpF54zvZQTCusRMzFhNI4DiLiuvolAgg7XxRVsdrfIEFxEZFuI7KcuEPcqZoq65M1whjb9xExG2UsSSCSo1wB8&gdpr=&gdpr_consent=

Request Chain 186

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEB3HT3Xo-3yEK_axKixbN0o&google_cver=1&google_push=AYg5qPLwjwzjE34s5WJc56ybY5a6bKVALZseYed07WRvihI2RKTvVQ6g1InIFp3QyDL4Hg6WxqP0JqF3b2Iv3AjZdqYt3T9eNBES HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS12T2U1Umh0RTJ1RVJ5NFRCX0ZWeHVmOXlNU3dlLmF6Yn5B&google_push=AYg5qPLwjwzjE34s5WJc56ybY5a6bKVALZseYed07WRvihI2RKTvVQ6g1InIFp3QyDL4Hg6WxqP0JqF3b2Iv3AjZdqYt3T9eNBES

202 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
imgbb.com/
Redirect Chain

http://i.ibb.co/
https://i.ibb.co/
https://imgbb.com/

29 KB
7 KB

570ms
193ms

Document
text/html

46.229.170.2
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://imgbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

46.229.170.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

d1a3b8bc80b261fa102ed37065138ad74c7f4fd74e83f342af8d61e8f00ce296

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9

Response headers

server: nginx
date: Thu, 10 Feb 2022 04:00:36 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: DENY
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip

Redirect headers

server: nginx
date: Thu, 10 Feb 2022 04:00:35 GMT
content-type: text/html
content-length: 162
location: https://imgbb.com/

GET
H2 200 ibb.css
simgbb.com/7779/ 123 KB
26 KB 231ms
54ms Stylesheet
text/css 2606:4700:3032::ac43:83fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://simgbb.com/7779/ibb.css
Requested by: Host: imgbb.com
URL: https://imgbb.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:83fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a972f04b8d1b297f16df43bfa182239cb2a658a9e44fbc3659d4296c9dc2afb0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 04:00:36 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1568
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 05 Feb 2022 18:52:37 GMT
server: cloudflare
etag: W/"61fec775-1eb3a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yj1g%2BxHvrv143EFVhaFkb7Hz7ziBXBg3XD%2FyzJmUVocBiZrNhs%2Faz%2BJRl33a7bFc1DyqJmTA731Uo8AAMY2ydi4T8MYiChW4HKsiP%2FpVja8QRPonMw%2FGcHrXVovMT%2F5jAtDQjf7r9g7u"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 6db26e73e8597525-LHR

GET
H2 200 360_light.js Show response
s.clickiocdn.com/t/224723/ 164 KB
64 KB 233ms
51ms Script
application/javascript 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.clickiocdn.com/t/224723/360_light.js
Requested by: Host: imgbb.com
URL: https://imgbb.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 Alphen aan den Rijn, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: 2686c3414ea84d20b6bfdf55bd00548eecbb07fd5cb1dcda56332255c0c5c316

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 04:00:36 GMT
content-encoding: gzip
last-modified: Thu, 10 Feb 2022 00:39:07 GMT
server: nginx/1.16.0
etag: W/"62045eab-28f6c"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
iseu: eu
cache-control: max-age=1800
expires: Thu, 10 Feb 2022 04:30:36 GMT

GET
H2 200 logo.png
simgbb.com/images/ 938 B
1 KB 60ms
60ms Image
image/png 2606:4700:3032::ac43:83fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simgbb.com/images/logo.png
Requested by: Host: imgbb.com
URL: https://imgbb.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:83fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80329d457bd68a89b53ca393d3ba5f1c7b4f944c3c60ef8244a6969e10647c55

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 04:00:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1422
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 938
last-modified: Tue, 27 Dec 2016 13:13:03 GMT
server: cloudflare
etag: "586268df-3aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p7qUZpQMmLAthKoxCVSOnZcCdJZJJAsT2caAVM9mvUFoz52QXmvay0UvwfW0bLlvxcAheU7dbeaWq%2FB3Z5gGQvmxiEwojpXDLHX88AzUdir%2F8HxZFk17NCH1yjCtuiaw1GHeNaAMs%2F46"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6db26e7448907525-LHR

GET
H2 200 jquery2.js Show response
simgbb.com/7779/ 113 KB
41 KB 93ms
93ms Script
application/javascript 2606:4700:3032::ac43:83fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://simgbb.com/7779/jquery2.js
Requested by: Host: imgbb.com
URL: https://imgbb.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:83fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 838ca8f73ac18387e919098d3d04334725a1c92e5b15ad0d69baea936edb492e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 04:00:36 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1531
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 31 Oct 2020 19:48:54 GMT
server: cloudflare
etag: W/"5f9dbfa6-1c33c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=12rM4CGYW8UbYR9EvXLjUdCXdyDVL4PvEB0%2BD9qSy6e2Z67rlbU2p3X7y3KHan8RM4S%2FZy8de54XezL0DcIqnEmL8YqrAetfrCxlpkL%2BCR%2FACqYvSLRC%2FcxUHIVeSv7vPeoLTXTpIibS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 6db26e7448967525-LHR

GET
H2 200 ibb.js Show response
simgbb.com/7779/ 223 KB
64 KB 57ms
56ms Script
application/javascript 2606:4700:3032::ac43:83fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://simgbb.com/7779/ibb.js
Requested by: Host: imgbb.com
URL: https://imgbb.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:83fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8068cd0e9e36ac3d01b4dd7abe77dd99014ba824d16514645291b22293713709

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 04:00:36 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1562
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 06 Feb 2022 20:30:43 GMT
server: cloudflare
etag: W/"62002ff3-37c80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hc06Ihxw7tguXETWEEwVuXvEjjsti013HOc9%2Bz8Qn2b2DCmZZG2yLk9HhbqnYg64jlc%2FJeZf%2BKO0P1GlJf0GaYpcwAD57pQLJPqoC9OwZmFV44qlGluD3SoUDnvT9EHOe659d%2BGNB%2FPR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 6db26e7448977525-LHR

GET
H2 200 cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2
simgbb.com/include/fonts/opensans/v13/ 15 KB
16 KB 153ms
51ms Font
font/woff2 2606:4700:3032::ac43:83fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://simgbb.com/include/fonts/opensans/v13/cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2
Requested by: Host: simgbb.com
URL: https://simgbb.com/7779/ibb.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:83fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60f9b5203842a4fe2d52f7c96f3c57b755bbf8f347535469739bcc6f95a9c4b5

Request headers

Referer: https://simgbb.com/7779/ibb.css
Origin: https://imgbb.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 04:00:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2345
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15572
last-modified: Sun, 29 Jan 2017 14:12:50 GMT
server: cloudflare
etag: "588df862-3cd4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X7WQxJs246AlMSjlOauGgkFNlhRS6JpCpaTSeuPNN5JYCJuug0hjvByUVRDTBuF03X5g5od83wY5te2HUKYohU6yweVQf8jUStROX0piyvlP81EYwttpyhICY2DCigf5WE76eBKlD7Kx"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6db26e74fa510081-LHR

GET
H2 200 icomoon.woff2
simgbb.com/include/fonts/ 7 KB
7 KB 155ms
52ms Font
font/woff2 2606:4700:3032::ac43:83fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://simgbb.com/include/fonts/icomoon.woff2
Requested by: Host: simgbb.com
URL: https://simgbb.com/7779/ibb.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:83fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b415eba27e079dcf82b5e30a282429cd69a562b5b3e14f6b91ee37b399046ca8

Request headers

Referer: https://simgbb.com/7779/ibb.css
Origin: https://imgbb.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 04:00:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3402
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7232
last-modified: Tue, 24 Apr 2018 17:34:06 GMT
server: cloudflare
etag: "5adf6a8e-1c40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wk3wgUXJsgXNbeWlLCYBkNS5khXU6DdUOH2ZWK%2FpgBoWGD%2BA7nKk%2BVB4B9PfSZ%2Fcf%2FuwidGG0A27Q6oyEMoImt4HLEq9Lmyczgn4U43icRwofvWzuWdoqpUAHBY8IRA4cQp1bFwMaeeA"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6db26e74fa520081-LHR

GET
H2 200 MTP_ySUJH_bn48VBG8sNSugdm0LZdjqr5-oayXSOefg.woff2
simgbb.com/include/fonts/opensans/v13/ 16 KB
16 KB 143ms
54ms Font
font/woff2 2606:4700:3032::ac43:83fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://simgbb.com/include/fonts/opensans/v13/MTP_ySUJH_bn48VBG8sNSugdm0LZdjqr5-oayXSOefg.woff2
Requested by: Host: simgbb.com
URL: https://simgbb.com/7779/ibb.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:83fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efc029e0546f49ed87c043e09393a995468c2ab1a139332b3aca0fdbe93fe51e

Request headers

Referer: https://simgbb.com/7779/ibb.css
Origin: https://imgbb.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 04:00:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3351
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16164
last-modified: Sun, 29 Jan 2017 14:12:55 GMT
server: cloudflare
etag: "588df867-3f24"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=InVHRV02ejlDVTj%2FHXDdVO1VjeHIJzHrZ%2F3ddH64KHtuPRMggFoKIBTrFnU9Z2Mxcgd0AzxLawR0J4P%2FyjYutsj3WmU0eURu3GouDNw1AeuYcPmvNlaLGew4F8cJmWECMzeJXMKc7CT1"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6db26e74fa530081-LHR

GET
H2 200 DXI1ORHCpsQm3Vp6mXoaTegdm0LZdjqr5-oayXSOefg.woff2
simgbb.com/include/fonts/opensans/v13/ 16 KB
16 KB 144ms
55ms Font
font/woff2 2606:4700:3032::ac43:83fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://simgbb.com/include/fonts/opensans/v13/DXI1ORHCpsQm3Vp6mXoaTegdm0LZdjqr5-oayXSOefg.woff2
Requested by: Host: simgbb.com
URL: https://simgbb.com/7779/ibb.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:83fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f1ab7f1b22c02d93e5bd37b04e7e848afd14337697f652c1454d14e801676f2

Request headers

Referer: https://simgbb.com/7779/ibb.css
Origin: https://imgbb.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 04:00:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1149
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16152
last-modified: Sun, 29 Jan 2017 14:12:50 GMT
server: cloudflare
etag: "588df862-3f18"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uoAAvYOcFvs42khyZZYupajTSaps1qhjpR3hiX6cUglraVU%2BmfpcE1WXrok4N2K6pE%2FgVYgCHrswGl4JJWGcUrKp5ujWU4ibyVOrqYBbawXmMvKXr9ArUNgAKobF7qwzEb%2BGoyyyIeLe"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6db26e74fa540081-LHR

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 80 KB
27 KB 196ms
64ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/224723/360_light.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89297057a002ac0ce0f50b302b451c03cf809172b1b14e3125812bc048c85d1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 04:00:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27178
x-xss-protection: 0
server: sffe
etag: "1127 / 734 of 1000 / last-modified: 1644447976"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 10 Feb 2022 04:00:36 GMT

GET
H2 200 / Show response
clickiocdn.com/hbadx/ 46 B
169 B 197ms
54ms Script
text/html 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/hbadx/?ex=1&f=__lxG__.tmp.pol_d3815i54s0ho7fq2&rt=563664563&site_id=224723&title=ImgBB%20%E2%80%94%20Upload%20Image%20%E2%80%94%20Free%20Image%20Hosting&l=https%3A%2F%2Fimgbb.com%2F
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/224723/360_light.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 Alphen aan den Rijn, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: 691d6f4c557e37971930746c52d1f0ab10398619c787654c4425ecead44aae67

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

iseu: eu
content-encoding: gzip
server: nginx/1.16.0
date: Thu, 10 Feb 2022 04:00:36 GMT
content-type: text/html; charset=ISO-8859-1

GET
H2 200 inarticle.css
s.clickiocdn.com/t/static/ 566 B
464 B 51ms
50ms Stylesheet
text/css 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.clickiocdn.com/t/static/inarticle.css
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/224723/360_light.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 Alphen aan den Rijn, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: d67c20d8c54d29d417f4c7956c3b5b62cd00798f4ef6dfbb8d39aeb7bb16ea34

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 04:00:36 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 11:20:15 GMT
server: nginx/1.16.0
etag: W/"5f327eef-236"
content-type: text/css
access-control-allow-origin: *
iseu: eu
cache-control: max-age=1800
expires: Thu, 10 Feb 2022 04:30:36 GMT

GET
H2 200 / Show response
clickiocdn.com/clickiotag_log/ 83 B
190 B 75ms
52ms Script
text/html 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/clickiotag_log/?step=0&ses_id=jh6uvwu8y8cfqu4563663193&area_id=681339&type=base&f=__lxG__.tmp.rot_4n6gi4agrk0fpa2h&rt=563675107
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/224723/360_light.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 Alphen aan den Rijn, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: 21909a69dbe451d947c601dde087a38fe1cc1f46d337a4df577eaad2019e3546

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

iseu: eu
content-encoding: gzip
server: nginx/1.16.0
date: Thu, 10 Feb 2022 04:00:36 GMT
content-type: text/html

GET
H2 200 / Show response
clickiocdn.com/clickiotag_log/ 83 B
189 B 75ms
53ms Script
text/html 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/clickiotag_log/?step=0&ses_id=jh6uvwu8y8cfqu4563663193&area_id=681417&type=base&f=__lxG__.tmp.rot_4n6gi4agrk0fpa2h&rt=563675194
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/224723/360_light.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 Alphen aan den Rijn, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: b4917304520aff5ae66d1042f3fc86e5ef60cfc5b0923ce854a7fd9ac680e030

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

iseu: eu
content-encoding: gzip
server: nginx/1.16.0
date: Thu, 10 Feb 2022 04:00:36 GMT
content-type: text/html

GET
H2 200 / Show response
clickiocdn.com/clickiotag_log/ 83 B
189 B 75ms
53ms Script
text/html 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/clickiotag_log/?step=0&ses_id=jh6uvwu8y8cfqu4563663193&area_id=681442&type=base&f=__lxG__.tmp.rot_4n6gi4agrk0fpa2h&rt=563675103
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/224723/360_light.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 Alphen aan den Rijn, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: cae5d5def35882e2411d858ef4ae333a8e027f7052e2be63c8b2ef33b2408a5f

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

iseu: eu
content-encoding: gzip
server: nginx/1.16.0
date: Thu, 10 Feb 2022 04:00:36 GMT
content-type: text/html

GET
H2 200 / Show response
clickiocdn.com/clickiotag_log/ 83 B
187 B 74ms
52ms Script
text/html 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/clickiotag_log/?step=1&ses_id=jh6uvwu8y8cfqu4563663193&area_id=681344&type=dfp&f=__lxG__.tmp.rot_4n6gi4agrk0fpa2h&rt=563675104
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/224723/360_light.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 Alphen aan den Rijn, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: 93c1d5a32dd2f82af53050e54c8adb70f19e418e63777c985c4a9f9deefb305b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

iseu: eu
content-encoding: gzip
server: nginx/1.16.0
date: Thu, 10 Feb 2022 04:00:36 GMT
content-type: text/html

GET
H2 200 / Show response
clickiocdn.com/clickiotag_log/ 83 B
187 B 75ms
53ms Script
text/html 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/clickiotag_log/?step=1&ses_id=jh6uvwu8y8cfqu4563663193&area_id=681423&type=dfp&f=__lxG__.tmp.rot_4n6gi4agrk0fpa2h&rt=563675168
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/224723/360_light.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 Alphen aan den Rijn, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: a369fd181c398e80fa927923b46d20cd3e06e798ce196c6d430b4cb574a6fda3

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

iseu: eu
content-encoding: gzip
server: nginx/1.16.0
date: Thu, 10 Feb 2022 04:00:36 GMT
content-type: text/html

GET
H2 200 / Show response
clickiocdn.com/clickiotag_log/ 83 B
187 B 51ms
50ms Script
text/html 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/clickiotag_log/?step=1&ses_id=jh6uvwu8y8cfqu4563663193&area_id=681503&type=dfp&f=__lxG__.tmp.rot_4n6gi4agrk0fpa2h&rt=563675186
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/224723/360_light.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 Alphen aan den Rijn, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: 95ce3a38ce9f513e19416aa99f04a1cdb35cf470dd8501fea97c0f22920a4fb6

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

iseu: eu
content-encoding: gzip
server: nginx/1.16.0
date: Thu, 10 Feb 2022 04:00:36 GMT
content-type: text/html

GET
H2 200 pubads_impl_2022020301.js Show response
securepubads.g.doubleclick.net/gpt/ 351 KB
120 KB 173ms
54ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

05ed7424c6f3c3d2aec5dfe7fa92e5f617afe58a01666c1c584d342a8b57a0e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 01:00:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10819
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122037
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 09:34:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 10 Feb 2023 01:00:18 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 100 B
727 B 181ms
63ms XHR
application/json 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=imgbb.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

b6de8119595bb45e2484723c13ad43a30dde09a87eec93060f8330c97d927362

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Feb 2022 04:00:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91
x-xss-protection: 0
expires: Thu, 10 Feb 2022 04:00:37 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 181ms
63ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=imgbb.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Feb 2022 04:00:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 180ms
62ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=imgbb.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Feb 2022 04:00:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 119 KB
32 KB 292ms
291ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=995117704085038&correlator=1161373038038648&output=ldjh&impl=fif&eid=31061815%2C44755510&vrg=2022020301&ptt=17&sc=1&sfv=1-0-38&ecs=20220210&iu_parts=45470634%3A22676723043%2Cclickio_area_681349_300x600&enc_prev_ius=0%2F1&prev_iu_szs=1x1&ists=1&fas=8&cookie_enabled=1&bc=31&abxe=1&dt=1644465637269&lmt=1644465637&dlt=1644465636242&idt=997&frm=20&biw=1600&bih=1200&oid=2&adks=2913936725&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fimgbb.com%2F&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=1351760880.1644465637&ga_sid=1644465637&ga_hid=1399972106&ga_fc=false&fws=2&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

f8042ba2ca4dde17599ff896c67a55764357e7e050b951ff24e230610b3dd888

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 04:00:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31800
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://imgbb.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 747B 6 KB
4 KB 219ms
63ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Thu, 10 Feb 2022 04:00:37 GMT
expires: Fri, 10 Feb 2023 04:00:37 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pubads_impl_page_level_ads_2022020301.js Show response
securepubads.g.doubleclick.net/gpt/ 34 KB
13 KB 55ms
54ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022020301.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

f41678f1d8b87cabdb3f8570e1ad2872e9d7c011cfc99e62bdeb87313227dafc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 03:41:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 173968
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12990
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 09:34:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 08 Feb 2023 03:41:09 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 188ms
71ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022020301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a39702ee0f460c80777514aca649fe8d2bd719577bdbcc840201e8b02b374eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Feb 2022 04:00:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9785
x-xss-protection: 0

GET
H3 200 container.html Show response
e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7616 6 KB
3 KB 117ms
55ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 10 Feb 2022 04:00:37 GMT
expires: Fri, 10 Feb 2023 04:00:37 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 138ms
74ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=imgbb.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Feb 2022 04:00:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 125ms
62ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=imgbb.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Feb 2022 04:00:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 32 KB
12 KB 297ms
296ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=995117704085038&correlator=1161373038038648&output=ldjh&impl=fif&eid=31061815%2C44755510&vrg=2022020301&ptt=17&sc=1&sfv=1-0-38&ecs=20220210&iu_parts=45470634%3A22676723043%2Cclickio_area_681423_970x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280&prev_scp=unit_type%3Dfixed%26ar_imp%3D0%26mifu_imp%3D1&cust_params=adm_lazy_load%3D1%26adm_lazy_load_var%3D400x200d%26adm_lazy_load_dev%3D400x200d&cookie=ID%3Dd530b27a0f9a6c7a-22cf4a3f3ccd006c%3AT%3D1644465637%3AS%3DALNI_MazkZG599_rTPWDtQqvZOJIFehn5w&bc=31&abxe=1&dt=1644465637672&lmt=1644465637&dlt=1644465636242&idt=997&frm=20&biw=1600&bih=1200&oid=2&adxs=988&adys=458&adks=3479477931&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fimgbb.com%2F&vis=1&scr_x=0&scr_y=0&psz=336x10&msz=336x0&ga_vid=1351760880.1644465637&ga_sid=1644465637&ga_hid=1399972106&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

a1c8cad4ed434beb695ed406f97d9b319ecd0ad02d37dc8de4145cdd5af9db50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 04:00:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12635
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://imgbb.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 26 KB
12 KB 447ms
447ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=995117704085038&correlator=1161373038038648&output=ldjh&impl=fif&eid=31061815%2C44755510&vrg=2022020301&ptt=17&sc=1&sfv=1-0-38&ecs=20220210&iu_parts=45470634%3A22676723043%2Cclickio_area_681503_980x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=980x90%7C320x50%7C728x90%7C970x90&prev_scp=autorefresh%3D30_sec%26unit_type%3Dfixed%26ar_imp%3D0&cust_params=adm_lazy_load%3D1%26adm_lazy_load_var%3D400x200d%26adm_lazy_load_dev%3D400x200d&cookie=ID%3Dd530b27a0f9a6c7a-22cf4a3f3ccd006c%3AT%3D1644465637%3AS%3DALNI_MazkZG599_rTPWDtQqvZOJIFehn5w&bc=31&abxe=1&dt=1644465637676&lmt=1644465637&dlt=1644465636242&idt=997&frm=20&biw=1600&bih=1200&oid=2&adxs=160&adys=85&adks=51654815&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fimgbb.com%2F&vis=1&scr_x=0&scr_y=0&psz=1280x0&msz=1280x0&ga_vid=1351760880.1644465637&ga_sid=1644465637&ga_hid=1399972106&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

0e862cf39a4c2320dacc96189d28c6d221c722a03cc8c78c3e428563dff004dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 04:00:38 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: 138242
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12008
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 189676
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://imgbb.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 46 KB
11 KB 796ms
796ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=995117704085038&correlator=1161373038038648&output=ldjh&impl=fif&eid=31061815%2C44755510&vrg=2022020301&ptt=17&sc=1&sfv=1-0-38&ecs=20220210&iu_parts=45470634%3A22676723043%2Cclickio_area_681423_970x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280&prev_scp=unit_type%3Dfixed%26ar_imp%3D0%26mifu_imp%3D0&cust_params=adm_lazy_load%3D1%26adm_lazy_load_var%3D400x200d%26adm_lazy_load_dev%3D400x200d&cookie=ID%3Dd530b27a0f9a6c7a-22cf4a3f3ccd006c%3AT%3D1644465637%3AS%3DALNI_MazkZG599_rTPWDtQqvZOJIFehn5w&bc=31&abxe=1&dt=1644465637678&lmt=1644465637&dlt=1644465636242&idt=997&frm=20&biw=1600&bih=1200&oid=2&adxs=276&adys=458&adks=513741180&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fimgbb.com%2F&vis=1&scr_x=0&scr_y=0&psz=336x0&msz=336x0&ga_vid=1351760880.1644465637&ga_sid=1644465637&ga_hid=1399972106&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

8045e45fd126562ae947b24cf3d9eb8e4f21ac2638e8c4ae41d42200bc438807

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 04:00:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11541
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://imgbb.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 26 KB
12 KB 589ms
589ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=995117704085038&correlator=1161373038038648&output=ldjh&impl=fif&eid=31061815%2C44755510&vrg=2022020301&ptt=17&sc=1&sfv=1-0-38&ecs=20220210&iu_parts=45470634%3A22676723043%2Cclickio_area_681344_970x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&prev_scp=autorefresh%3D30_sec%26unit_type%3Dsticky%26ar_imp%3D0&cust_params=adm_lazy_load%3D1%26adm_lazy_load_var%3D400x200d%26adm_lazy_load_dev%3D400x200d&cookie=ID%3Dd530b27a0f9a6c7a-22cf4a3f3ccd006c%3AT%3D1644465637%3AS%3DALNI_MazkZG599_rTPWDtQqvZOJIFehn5w&bc=31&abxe=1&dt=1644465637682&lmt=1644465637&dlt=1644465636242&idt=997&frm=20&biw=1600&bih=1200&oid=2&adxs=453&adys=1110&adks=419035065&ucis=5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fimgbb.com%2F&vis=1&scr_x=0&scr_y=0&psz=761x-1&msz=728x-1&ga_vid=1351760880.1644465637&ga_sid=1644465637&ga_hid=1399972106&ga_fc=false&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

3f2114bc0eeb320d7ed7a6cdb4a858b47da2fa8c32d0dc6dc707069ec4af506e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 04:00:38 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: 138242
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11957
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 189676
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://imgbb.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 50 KB
12 KB 983ms
983ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=995117704085038&correlator=1161373038038648&output=ldjh&impl=fif&eid=31061815%2C44755510&vrg=2022020301&ptt=17&sc=1&sfv=1-0-38&ecs=20220210&iu_parts=45470634%3A22676723043%2Cclickio_area_681423_970x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280&prev_scp=unit_type%3Dfixed%26ar_imp%3D0%26mifu_imp%3D1&cust_params=adm_lazy_load%3D1%26adm_lazy_load_var%3D400x200d%26adm_lazy_load_dev%3D400x200d&cookie=ID%3Dd530b27a0f9a6c7a-22cf4a3f3ccd006c%3AT%3D1644465637%3AS%3DALNI_MazkZG599_rTPWDtQqvZOJIFehn5w&bc=31&abxe=1&dt=1644465637684&lmt=1644465637&dlt=1644465636242&idt=997&frm=20&biw=1600&bih=1200&oid=2&adxs=632&adys=458&adks=2927392422&ucis=6&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fimgbb.com%2F&vis=1&scr_x=0&scr_y=0&psz=336x0&msz=336x0&ga_vid=1351760880.1644465637&ga_sid=1644465637&ga_hid=1399972106&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

fae5abfcf402cc12ba6f0a38e0b7b3d171702acd721e53424ef08169c1ed2d60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 04:00:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12026
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://imgbb.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
clickiocdn.com/clickiotag_log/ 83 B
189 B 52ms
52ms Script
text/html 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/clickiotag_log/?step=2&ses_id=jh6uvwu8y8cfqu4563663193&area_id=681344&policy=ok&sub_id=1&f=__lxG__.tmp.rot_4n6gi4agrk0fpa2h&rt=563768655
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/224723/360_light.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 Alphen aan den Rijn, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: 33a04bbcbf109bd7c2200a5ae9609237079edf87f7356a423e33c6d600cdc142

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

iseu: eu
content-encoding: gzip
server: nginx/1.16.0
date: Thu, 10 Feb 2022 04:00:37 GMT
content-type: text/html

GET
H2 200 / Show response
clickiocdn.com/clickiotag_log/ 83 B
189 B 53ms
53ms Script
text/html 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/clickiotag_log/?step=2&ses_id=jh6uvwu8y8cfqu4563663193&area_id=681503&policy=ok&sub_id=1&f=__lxG__.tmp.rot_4n6gi4agrk0fpa2h&rt=563768680
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/224723/360_light.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 Alphen aan den Rijn, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: ca595090cd48606f84d5e0dd334f1289bcbcf6914f3766e2242ecfed03bbfcdd

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

iseu: eu
content-encoding: gzip
server: nginx/1.16.0
date: Thu, 10 Feb 2022 04:00:37 GMT
content-type: text/html

GET
H2 200 / Show response
clickiocdn.com/clickiotag_log/ 83 B
189 B 53ms
52ms Script
text/html 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/clickiotag_log/?step=2&ses_id=jh6uvwu8y8cfqu4563663193&area_id=681423&policy=ok&sub_id=1&f=__lxG__.tmp.rot_4n6gi4agrk0fpa2h&rt=563768652
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/224723/360_light.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 Alphen aan den Rijn, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: 78a691f0b7ee7016c9680fb63f0935c6b46d41c4cf2d574a5192f811d4bc33cc

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

iseu: eu
content-encoding: gzip
server: nginx/1.16.0
date: Thu, 10 Feb 2022 04:00:37 GMT
content-type: text/html

GET
H2 200 / Show response
clickiocdn.com/clickiotag_log/ 83 B
187 B 58ms
58ms Script
text/html 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/clickiotag_log/?step=2&ses_id=jh6uvwu8y8cfqu4563663193&area_id=681423&policy=ok&sub_id=2&f=__lxG__.tmp.rot_4n6gi4agrk0fpa2h&rt=563768701
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/224723/360_light.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 Alphen aan den Rijn, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: 570b265643d75325964eb0a3f8df420400cdf2b88c7c8bf51c7e9f6dbecb13e6

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

iseu: eu
content-encoding: gzip
server: nginx/1.16.0
date: Thu, 10 Feb 2022 04:00:37 GMT
content-type: text/html

GET
H2 200 / Show response
clickiocdn.com/clickiotag_log/ 83 B
189 B 58ms
57ms Script
text/html 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/clickiotag_log/?step=2&ses_id=jh6uvwu8y8cfqu4563663193&area_id=681423&policy=ok&sub_id=3&f=__lxG__.tmp.rot_4n6gi4agrk0fpa2h&rt=563768779
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/224723/360_light.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 Alphen aan den Rijn, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: 777198b10c2de1dca5f4001b16123d4ee62fae8591b4d03e5c13f94796862ea2

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

iseu: eu
content-encoding: gzip
server: nginx/1.16.0
date: Thu, 10 Feb 2022 04:00:37 GMT
content-type: text/html

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 228ms
110ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 04:00:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 10 Feb 2022 04:00:37 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 7616 4 KB
1 KB 183ms
64ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com
URL: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 10 Feb 2022 03:28:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 10 Feb 2022 04:00:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 10 Feb 2022 04:00:37 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame CEA3 8 KB
961 B 176ms
71ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com
URL: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 10 Feb 2022 03:22:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 10 Feb 2022 04:00:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 10 Feb 2022 04:00:37 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/ Frame CEA3 1 KB
955 B 189ms
107ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com
URL: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 03:27:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1995
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 848
x-xss-protection: 0
server: cafe
etag: 2277666839114365613
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Feb 2022 03:27:22 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220208/r20110914/ Frame CEA3 19 KB
8 KB 134ms
53ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220208/r20110914/abg_lite_fy2019.js

Requested by

Host: e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com
URL: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a22b29e11f6ad3ed458e71525b4edfaf0b9ab4cd962ae9a239b9509c106c826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 03:25:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2114
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7817
x-xss-protection: 0
server: cafe
etag: 7051432691878289762
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Feb 2022 03:25:23 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/ Frame CEA3 2 KB
1 KB 189ms
108ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/window_focus_fy2019.js

Requested by

Host: e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com
URL: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 03:08:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3135
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Feb 2022 03:08:22 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CEA3 124 KB
38 KB 132ms
69ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com
URL: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

096ebe5196b95f66c1c0b9f3dcea9e6e3f40f2d55cd5933af5e4942adb232593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 04:00:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38562
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644410386637351"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 10 Feb 2022 04:00:37 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/ Frame CEA3 15 KB
6 KB 141ms
61ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com
URL: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1460e4ba5d8a29324c75f80802081c73d2143d8c9581a84ca3df707fbc6e477c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 02:48:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4349
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6367
x-xss-protection: 0
server: cafe
etag: 17798303060702513824
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Feb 2022 02:48:08 GMT

GET
H2 200 ff20f166b0acb5bbc58563e896201b58.js Show response
www.gstatic.com/mysidia/ Frame CEA3 27 KB
12 KB 172ms
55ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ff20f166b0acb5bbc58563e896201b58.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com
URL: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60b6fb70c39877b90333526914dbc0d47052cd8c4c298c421aaee2f9d6b48bcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 05:35:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80682
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11452
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 06:53:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 10 May 2022 05:35:55 GMT

GET
H2 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220208/r20110914/elements/html/ Frame 7616 19 KB
8 KB 143ms
66ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220208/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com
URL: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a7b5f2e7e3fd51102d05b2706291210864e7890361d932311a18048073374ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 02:08:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6699
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8079
x-xss-protection: 0
server: cafe
etag: 5902764951541284931
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Feb 2022 02:08:58 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7616 205 B
519 B 176ms
65ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com
URL: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 13:14:09 GMT
x-content-type-options: nosniff
age: 53188
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 09 Feb 2023 13:14:09 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7616 604 B
694 B 176ms
65ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com
URL: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 02:24:22 GMT
x-content-type-options: nosniff
age: 5775
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 10 Feb 2023 02:24:22 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6660 143 B
426 B 170ms
53ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com
URL: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Thu, 10 Feb 2022 03:03:07 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 3451
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 920B 13 KB
5 KB 120ms
55ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 10 Feb 2022 01:00:46 GMT
expires: Fri, 10 Feb 2023 01:00:46 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 10792
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 661C 783 B
998 B 189ms
65ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

24b240f1dfdac5b1da7c1063afaa2e27254d9896a30f90944ece85f09d726698

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-e2b8MWz5CcdwAncjplgFTg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 10 Feb 2022 04:00:38 GMT
date: Thu, 10 Feb 2022 04:00:38 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-e2b8MWz5CcdwAncjplgFTg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2A5F 6 KB
3 KB 53ms
53ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 10 Feb 2022 04:00:37 GMT
expires: Fri, 10 Feb 2023 04:00:37 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F098 624 B
529 B 64ms
64ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARiyx-yZATAB&v=APEucNXoxg5LZbGsf2V_hAN1dZ0Xr6nKBkQHEikFmbzeeV9qAa7izVlmvPNs_CatSB2Eav4jvzNdA8uXvhS8f8nKIVnHNZ68bA

Requested by

Host: imgbb.com
URL: https://imgbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 10 Feb 2022 04:00:38 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 25E5 25 KB
15 KB 87ms
84ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bonv-61MlzbFtiXH0R-rdtroEViW9GDpB56x1gpRWLIS2Yd14_hxRdgDl7r1uPZtj3qkIGrAyi9kUwn07E7gtJNZrU-HeRRIdhoz1KMFopb_XMsdh9Q9UGKrRjHvEm5NaM3YuZnSyYCjg4MwtaZfKfr44Lsg&cry=1&dbm_d=AKAmf-COH65wHtc7KrF_bVHgqsFzg8HblZUC2OnJJc60tQuAnEa2DTVEYvd1-C2ydcikYVlnSU8VTJyZoFXtwSDvj3VjRjPZ85Y0OUDJicW25tJwtGIz6Tv6lu2wxOOGhMrAW9GyEgS_gP4s69y0B86OfnTsyJ1qIBOGWrNfpe7oqe3J9F0mISib3XPQanoFeljcnj4V_6NBW44J1phSBvZWIJ_0dtKf4YKMoLgVSx0YEXc6jHqo_yUdq-zl-pcJrqeXHIcbknDxs3B-OKdklX2afAKzkPvhcVrEGmEKnVSw5Ju1T8CV7TNuPhbSi7u5uBWysZekW8ovqCIMkXjdntQ-avmgZhotljE2Af2jomHCN3bNWvFfTP9PqakMd_99nJl7m34OpMeFe8Mg10pFIG1A2pb4jd-QWsQp3arVmqcn_HnJjajvsb0VGo03-JXe3PL4wKgLak_0sTbr9KvteVDiolvR9TVWVSOm5JZXR7xAuOwIBA85pRELDTlx-k3c8OSb2qZW8WKG4TCa0zCuZ6NLmTjzVwA1n3_9CeSs0Sm1rQmHDb96XXgGE0zcmGtay6wpYLw91w0ujek-FCfAUZ01y1hSiiWDh-xrAp0F1U_iKiRj5S6W3vSw1Y59PTwkna5k20QP8vzR75QLtRnpj02GEN3QooKRO5kf486EDdg-u-OPlzIgcZTipE0kLG_o4IrX_KTncsV3xbAtkGYCXTngfwNFH7hrqATKkkegULT9H1atlXSXIwRQ86CxiunmqaKvwXgaZ1Y0KKKL8aprdLFsj8NlgVebX-XI28BwvrFV2zytzwSbprc1i5GwlWm_rGgstRjBy-dQGWbd4NmyJhDM1Q1gOdR3Pm0soEtUjiu7X6SDcuozxZzGjfyXS_RoyxZhf0vK1v1HUWbqItBfzc8-9KI0_R_QVPmt-b4x9SoLN3AOM5NxsXbTau2As67QMiYcgpSGwniUt5S9M2k7ZABqpT5xnJmjm8exzeBNWryEknAkTB4-RzEd3r2Z5HFe4mYpI5DacA8NgQoJaBWhO82s19LPpsjBVZzlNfj1hLB5vrIKTVINURANzLUxVvZOdLhwfOataltxzFGVzo_l6CvaM4vglVBMolRdKyekv2bS2CKILDso-ek-zMtadXmSqb9JBZWle0hS7He7U9S7EC0R5bd7l-26bQyT3xzEJX9TzonSf--0lqs9MjMmH0ELWQ5JkVjGZtgrw8OPVhQQzEyzWEGPSwZw5MU0ppQOT-oCYXOCF0s9LHVM5IDpB1Wn-x0UiVYm2zJbxEsyjU0P8Ica6Fvo7dPJF-_icukIfbQ-YbjHmEthaSJ7HMjfydMRqBchKDGL5R_ovRlXzS7cpaYC54YV7D3LmY0MhBbv9WBj4jdW9d_HrOIHajridZ_tQF4iDcd3xYrxa2NvLX7DRbpdFufJbc-hisOTTAj7HtKl5p6fccr9MEunTqMM93ZZlsHH106vtmnSAzoamqbCnci-u4qJQYCM5aKYe4GP_8x17BYeD_w_S5koUhVeeql4Brn8afOfeMx109RTspibRJMV6jsVUNsDUWk4MiR1cjhQqWbxPW27i3oA6jalHNnMazh_1NM8jc5o1FhxChLudsTI43A0qUwWAxuUkpwK6NOCIA8ITPdINUjav69DVFr5AWN712XYN4RbQHbfKI-nFF1nkMzrGEM2v7Mpui7HOPoysYd9Yo6LquA8HCKhCKZhZbFlh6o8Btfi4v9eknT6hTDQgypKj-uI23CxYGUoBWnchFbwAkNrXTH5pZ0u1zVk8_XH6RYTbmvarWmphI0U7eBME3sCFPS0-_-3bQQfsR9KpS2PRzQvzfCJHwL66Xb2vzFfQzQe6JJ8P6p8ilDh3NffCJ8Qlnd-exojvMlp4o8L3Rh9IOgGZ4MvD7-UEGnfsWH27dU82_QZ3uC3ONimZb_bn-SQjwwdEMCU5nJOX4fSpBQBprxL2cf9fswzizYpcfCanOOqj_bO62YBFW1rRxck6DqPzo_k8hDw35J_8xAgEaB1Hy8k5m6oCRM3vEXXq-kOkKUeZC-EFFE-wKPsasRUbDBCwo0EWleTHt-tYcti8XqziBNNIWLyENRYVG0pwa0GRRJphJbR5gneTfnydwddSOfAb8qQwTKGdHpbSjiVYjCzwILwSSD3JvyYcUuqD3hpRjWF5Iyz1fPRHI-RnxwJZbzwdevmUN_b0k8FRLh0M4XAIZKfI-yC6675fdqVVW-Tb3zMHM9c0Hf2mBRA6egDog3CVsvn9ytRSESaU7pL2gWlfmIZ80819AEvQQNPvghpLyT-OsV7VgC5ienZd736OWkvPw8uOpzFqSbYIT8uGyjW9emgMwJ5l0j8SfRpfuLdhbiqFsVbnEQZSW5MDEgJ1Nk1UUfU0mtHRxT2D7qXgltPyx2o-savF3idOaXokm-VD7Wh-yVZ6chNq_cmyT2KpzynRaiY0hf8G4cFMgK6lNAFLqOmT-GacrQ3Ldvm4cYc-2cdxB_44561FRK7-A8AKQFVW3O5rYqV_eHMMv-QPKDf7vCOoMHMLUsgSWDM6eQYzeXydQnFdyJ4hYGTSmN9gl8vYMtyTXJXzk3-Y5IF62KZL72jqy2ANaZUXNXeVIxRBmmXeRUMV7U6413418waadNL5V9qwGovf0fcNn4XZ0qKhVBA2O9u3romKKZVkFBKA2gO05whvJ_2pSM4EXfbg5x-4-2phaFcO4BNTfvE_k_GhpDn_pzX2DHumNJCtNKmKViACc3vmnM_x47dJjE6buAxV0mm6n3KxodvVPHN2QfFveIvf15BAUZb-DV4vULe9ef39ZovoZX3KK9DA7jJLc14_4LjBfAhM6X25L5XjzJl24kAPpD6l1dHO3DKNuKnTYK7LE-m91Fm7WBJELJdoyEMxkohN0dUmdKqfZAOUbxuUtB5W4c&cid=CAASEuRowh22b5P1dc4pN03sPs4IZg&rfl=2%2Chttps%253A%252F%252Fimgbb.com%252F%240

Requested by

Host: imgbb.com
URL: https://imgbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b75d6911134788440bf7213857fb1d34eb9b862b96b2842b50a819ba8cb41035

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 04:00:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15182
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame 25E5 2 KB
1 KB 413ms
58ms Script
application/javascript 2a02:26f0:fb:59a::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115845&plc=4232676&sid=18330&dvregion=0&unit=300x250&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0ipY0xgasTmaZ631kn9Cv_p&DVP_DBM_1=3060631&DVP_DBM_2=12004965&DVP_DBM_3=32655946&DVP_DBM_4=322642866&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=322133713372&turl=https://imgbb.com/&DVP_PP_BUNDLE_ID=
Requested by: Host: imgbb.com
URL: https://imgbb.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:fb:59a::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: c1e12130de1af0a08256debddf188cd3a6d0de24ae929bcaa2bb6be433fa6c99

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 04:00:38 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Dec 2021 09:35:31 GMT
Server: Microsoft-IIS/10.0
ETag: "8f6388f116ecd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1163

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 25E5 8 KB
4 KB 413ms
59ms Script
application/javascript 2a02:26f0:fb:59a::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0ipY0xgasTmaZ631kn9Cv_p&DVP_DBM_1=3060631&DVP_DBM_2=12004965&DVP_DBM_3=32655946&DVP_DBM_4=322642866&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=322133713372&turl=https://imgbb.com/&DVP_PP_BUNDLE_ID=
Requested by: Host: imgbb.com
URL: https://imgbb.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:fb:59a::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: d45531108c42de7f887695a011c5d10381738bbddc10bbb358ab4f3e456f6dfc

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 04:00:38 GMT
Content-Encoding: gzip
Last-Modified: Sun, 06 Feb 2022 12:40:36 GMT
Server: Microsoft-IIS/10.0
ETag: "03a8bd561bd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3290

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/ Frame 25E5 2 KB
1 KB 56ms
53ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/window_focus_fy2019.js

Requested by

Host: imgbb.com
URL: https://imgbb.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 03:50:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 637
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Feb 2022 03:50:01 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 25E5 124 KB
38 KB 70ms
67ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: imgbb.com
URL: https://imgbb.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

096ebe5196b95f66c1c0b9f3dcea9e6e3f40f2d55cd5933af5e4942adb232593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 04:00:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38562
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644410386637351"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 10 Feb 2022 04:00:38 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/ Frame 25E5 15 KB
6 KB 57ms
55ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: imgbb.com
URL: https://imgbb.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1460e4ba5d8a29324c75f80802081c73d2143d8c9581a84ca3df707fbc6e477c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 02:48:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4350
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6367
x-xss-protection: 0
server: cafe
etag: 17798303060702513824
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Feb 2022 02:48:08 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 25E5 0
0 102ms
61ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTg16bMBs_BafEjNe0-wW8g1m-1w8vHSu9tWUmlnHlWj8QZlBkfGDnoZ5OSZQUqsjvKOK9xpM2yJNqj6uPMVSAaKcMANw
Requested by: Host: imgbb.com
URL: https://imgbb.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 25E5 42 B
63 B 127ms
64ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AjThx8pRSoWxR30EGbn2vH2UqeD7mEJ3EIgvheIx2AaJjELImBL1q5V_pdSIVVQAmapuV4CEHlwredgeq5oEwzLnm3hX6ZYpSG6lFtjTMzOI9jrCM

Requested by

Host: imgbb.com
URL: https://imgbb.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 04:00:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6660
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

151ms
87ms

Document
text/html

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com
URL: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 10 Feb 2022 04:00:38 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 10 Feb 2022 04:00:38 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 10 Feb 2022 04:00:38 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 51HlaoDq_D6uZSgBzZWUemIfoZ0TtR6K4rqMqSgJuCQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 920B 36 KB
14 KB 66ms
54ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/51HlaoDq_D6uZSgBzZWUemIfoZ0TtR6K4rqMqSgJuCQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e751e56a80eafc3eae652801cd95947a621fa19d13b51e8ae2ba8ca92809b824

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 18:34:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33964
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13873
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 12:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 09 Feb 2023 18:34:34 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F098
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPt5zXqJfI23Mvf3mrSCZkk&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPt5zXqJfI23Mvf3mrSCZkk&google_cver=1&C=1

43 B
1013 B

74ms
73ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPt5zXqJfI23Mvf3mrSCZkk&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARiyx-yZATAB&v=APEucNXoxg5LZbGsf2V_hAN1dZ0Xr6nKBkQHEikFmbzeeV9qAa7izVlmvPNs_CatSB2Eav4jvzNdA8uXvhS8f8nKIVnHNZ68bA
Protocol: HTTP/1.1
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Feb 2022 04:00:38 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 10 Feb 2022 04:00:38 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 10 Feb 2022 04:00:38 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPt5zXqJfI23Mvf3mrSCZkk&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Thu, 10 Feb 2022 04:00:38 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F098
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YgSN5l-lrHw4kvmPKBLqKwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAOHRESQ9guh-KA5H5Jhwhg&google_cver=1

43 B
893 B

107ms
107ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAOHRESQ9guh-KA5H5Jhwhg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARiyx-yZATAB&v=APEucNXoxg5LZbGsf2V_hAN1dZ0Xr6nKBkQHEikFmbzeeV9qAa7izVlmvPNs_CatSB2Eav4jvzNdA8uXvhS8f8nKIVnHNZ68bA
Protocol: HTTP/1.1
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Feb 2022 04:00:38 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 10 Feb 2022 04:00:38 GMT

Redirect headers

pragma: no-cache
date: Thu, 10 Feb 2022 04:00:38 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAOHRESQ9guh-KA5H5Jhwhg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame F098
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEJwvc9vvumLC0wweAXm4j4c&google_cver=1

43 B
1004 B

123ms
58ms

Image
image/gif

185.33.221.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEJwvc9vvumLC0wweAXm4j4c&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARiyx-yZATAB&v=APEucNXoxg5LZbGsf2V_hAN1dZ0Xr6nKBkQHEikFmbzeeV9qAa7izVlmvPNs_CatSB2Eav4jvzNdA8uXvhS8f8nKIVnHNZ68bA

Protocol

HTTP/1.1

Server

185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Feb 2022 04:00:38 GMT
X-Proxy-Origin: 82.199.130.39; 82.199.130.39; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 8fe9a0f9-29a8-46b3-a1ff-c0d90fad9375
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 10 Feb 2022 04:00:38 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEJwvc9vvumLC0wweAXm4j4c&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F098
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTYzMjM0NzgyMTgyNDEwNDQyOA%3D%3D

170 B
188 B

134ms
70ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTYzMjM0NzgyMTgyNDEwNDQyOA%3D%3D

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 04:00:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 10 Feb 2022 04:00:38 GMT
X-Proxy-Origin: 82.199.130.39; 82.199.130.39; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 13a819a7-fe2f-463c-badc-94a85b4a0ca6
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTYzMjM0NzgyMTgyNDEwNDQyOA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 container.html Show response
e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B565 6 KB
3 KB 57ms
56ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 10 Feb 2022 04:00:37 GMT
expires: Fri, 10 Feb 2023 04:00:37 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 / Show response
clickiocdn.com/utr/logst_sa/c2FpZD02ODEzNDN+NjgxMzQyfjY4MTM0MX42ODEzNDB+NjgxNDQ3fjY4MTQ0NX42ODE0NDR+NjgxNDUxfjY4MTQ1MH42ODE0NDl+NjgxNDQ4fjY4MTQ1Mn42ODE0NTR+NjgxNDU5fjY4MTQ3M342ODE0NzJ+NjgxNTk5fjY4M... 38 B
206 B 52ms
51ms Script
application/javascript 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/utr/logst_sa/c2FpZD02ODEzNDN+NjgxMzQyfjY4MTM0MX42ODEzNDB+NjgxNDQ3fjY4MTQ0NX42ODE0NDR+NjgxNDUxfjY4MTQ1MH42ODE0NDl+NjgxNDQ4fjY4MTQ1Mn42ODE0NTR+NjgxNDU5fjY4MTQ3M342ODE0NzJ+NjgxNTk5fjY4MTQ4Mn42ODE0ODF+NjgxNTM3fjY4MTUzNH42ODE1MzN+NjgxMzM5fjY4MTQ0Mn42ODE0MTcmc3NpZD1+MSZhY3Q9ZGV2X3RhcmdfcmVtfi1+LX4tfi1+LX4tfi1+LX4tfi1+LX4tfi1+LX4tfi1+LX4tfi1+LX4tfmZuZF9vbl9wZ34tfi0mdXJsPX5pbWdiYi5jb20mdmNudD0yNSZfZj1fX2x4R19fLnRtcC5sb2dzdF9uazgyNmFoNWRzbzJ3aTNm/
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/224723/360_light.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 Alphen aan den Rijn, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: 6106366d0a18444c46ede39b801317bbc83cffb8fe8fa27274efebc51c28d11a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 10 Feb 2022 04:00:38 GMT
cache-control: no-cache
server: nginx/1.16.0
content-encoding: gzip
iseu: eu
content-type: application/javascript; charset=utf-8

GET
H2 200 / Show response
clickiocdn.com/utr/logst_sa/c2FpZD02ODE1NDR+NjgxNTUxfjY4MTU1MH42ODE1ODZ+NjgxNTg1fjY4MTU4NH42ODE1OTF+NjgxNTkwfjY4MTU4OX42ODEzMzB+NjgxMzQ0fjY4MTMzNn42ODEzNTB+NjgxMzQ4fjY4MTQzNH42ODE0MjN+NjgxNDIwfjY4M... 38 B
206 B 54ms
54ms Script
application/javascript 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/utr/logst_sa/c2FpZD02ODE1NDR+NjgxNTUxfjY4MTU1MH42ODE1ODZ+NjgxNTg1fjY4MTU4NH42ODE1OTF+NjgxNTkwfjY4MTU4OX42ODEzMzB+NjgxMzQ0fjY4MTMzNn42ODEzNTB+NjgxMzQ4fjY4MTQzNH42ODE0MjN+NjgxNDIwfjY4MTUwM342ODE0NDZ+NjgxNTg3fjY4MTM0NH42ODEzMzl+NjgxNDE3fjY4MTQ0Mn42ODEzNDQmc3NpZD1+MSZhY3Q9ZGV2X3RhcmdfcmVtfi1+LX4tfi1+LX4tfi1+LX5ydHJfdmFyX2Noc25+LX4tfi1+LX4tfi1+LX4tfi1+LX5ydHJfdmFyX2luc3RhbGx+dGdsX3NfMH4tfi1+dGdsX3NfMV9kZnAmdXJsPX5pbWdiYi5jb20mdmNudD0yNSZfZj1fX2x4R19fLnRtcC5sb2dzdF9laHZmNGJ6b2cwZG9rbGpq/
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/224723/360_light.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 Alphen aan den Rijn, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: de08c856156a6819b51c58e9163a77f9acffa17d20792f5b75db142a0c56010d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 10 Feb 2022 04:00:38 GMT
cache-control: no-cache
server: nginx/1.16.0
content-encoding: gzip
iseu: eu
content-type: application/javascript; charset=utf-8

GET
H2 200 / Show response
clickiocdn.com/utr/logst_sa/c2FpZD02ODE0MjN+NjgxNTAzfjY4MTM0NH42ODE1MDN+NjgxNDIzfi1+LX42ODEzNDR+NjgxNTAzfjY4MTQyM34tfi1+NjgxMzQ0fjY4MTUwM342ODE0MjN+LX4tfi1+NjgxNTAzfjY4MTM0NH42ODE1MDN+NjgxMzQ0fi1+N... 38 B
206 B 54ms
53ms Script
application/javascript 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/utr/logst_sa/c2FpZD02ODE0MjN+NjgxNTAzfjY4MTM0NH42ODE1MDN+NjgxNDIzfi1+LX42ODEzNDR+NjgxNTAzfjY4MTQyM34tfi1+NjgxMzQ0fjY4MTUwM342ODE0MjN+LX4tfi1+NjgxNTAzfjY4MTM0NH42ODE1MDN+NjgxMzQ0fi1+NjgxNTAzfjY4MTQyMyZzc2lkPTF+LX4tfi1+LX4yfjN+MX4tfi1+Mn4zfjF+LX4tfjJ+M34xfi1+LX4tfi1+LX4tfi0mYWN0PXJ0cl92YXJfaW5zdGFsbH4tfnNsb3RfaGJfZW5kfi1+LX4tfi1+c2xvdF9pbl9wZ34tfi1+LX4tfnNsb3Rfcm5kcl9jbGx+LX4tfi1+LX50Z2xfc18xX2RmcH4tfnRnbF9zXzJfb2t+LX50Z2xfc18yX29rX29rfnVuaXRfaGJfZW5kfi1+LSZ1cmw9fmltZ2JiLmNvbSZ2Y250PTI1Jl9mPV9fbHhHX18udG1wLmxvZ3N0X3IzcXV0eDE3ejRucDN4bWQ/
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/224723/360_light.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 Alphen aan den Rijn, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: 5363332f874837cce2fba16f92207169fdf8dbb33dd4ede31fb57a771b022017

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 10 Feb 2022 04:00:38 GMT
cache-control: no-cache
server: nginx/1.16.0
content-encoding: gzip
iseu: eu
content-type: application/javascript; charset=utf-8

GET
H2 200 / Show response
clickiocdn.com/utr/logst_sa/c2FpZD02ODE0MjN+NjgxNTAzfjY4MTQyM342ODEzNDR+NjgxNTAzfjY4MTQyM34tfi1+NjgxMzQ0fjY4MTUwM342ODE0MjN+LX4tfjY4MTM0NH42ODE1MDN+NjgxNDIzfi1+LX4tfi1+LX42ODE1MDN+NjgxNDIzfi1+LSZzc... 38 B
206 B 65ms
65ms Script
application/javascript 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/utr/logst_sa/c2FpZD02ODE0MjN+NjgxNTAzfjY4MTQyM342ODEzNDR+NjgxNTAzfjY4MTQyM34tfi1+NjgxMzQ0fjY4MTUwM342ODE0MjN+LX4tfjY4MTM0NH42ODE1MDN+NjgxNDIzfi1+LX4tfi1+LX42ODE1MDN+NjgxNDIzfi1+LSZzc2lkPTN+MX4zfjF+LX4tfjJ+M34xfi1+LX4yfjN+MX4tfi1+Mn4zfjF+Mn4zfjF+LX4yfjMmYWN0PWdfZXZfc3JlcX4tfmdfZXZfc3JlcV9sbHZfNDAweDIwMGR+c2xvdF9jYWxsX2FkbX4tfi1+LX4tfnNsb3RfY2FsbF9hZG1fbGx2XzQwMHgyMDBkfi1+LX4tfi1+c2xvdF9sbF92YXJfNDAweDIwMGR+LX4tfi1+LX50Z2xfc18yX29rfi1+LX50Z2xfc18yX29rX29rfi1+LX4tJnVybD1+aW1nYmIuY29tJnZjbnQ9MjUmX2Y9X19seEdfXy50bXAubG9nc3RfbzV3ejR0bXdrZ2N4ZmR6eA/
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/224723/360_light.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 Alphen aan den Rijn, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: b4184d3123118b3c6a5a52d29ed4c256d449edf9c547802e6837f5149fccd903

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 10 Feb 2022 04:00:38 GMT
cache-control: no-cache
server: nginx/1.16.0
content-encoding: gzip
iseu: eu
content-type: application/javascript; charset=utf-8

GET
H2 200 / Show response
clickiocdn.com/utr/logst_sa/c2FpZD02ODE0MjN+LX4tfi1+LX42ODEzNDR+NjgxNDIzfjY4MTUwM342ODE0MjN+NjgxMzQ0fjY4MTQyM34tfi1+LX4tfi0mc3NpZD0zfi1+LX4tfjF+LX4yfjF+LX4tfjJ+M34tfi1+LX4tJmFjdD1nX2V2X3NyZW5kfmdfZ... 38 B
206 B 53ms
53ms Script
application/javascript 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/utr/logst_sa/c2FpZD02ODE0MjN+LX4tfi1+LX42ODEzNDR+NjgxNDIzfjY4MTUwM342ODE0MjN+NjgxMzQ0fjY4MTQyM34tfi1+LX4tfi0mc3NpZD0zfi1+LX4tfjF+LX4yfjF+LX4tfjJ+M34tfi1+LX4tJmFjdD1nX2V2X3NyZW5kfmdfZXZfc3JlbmRfbGx2XzQwMHgyMDBkfmdfZXZfc3JlbmRfbmV+Z19ldl9zcmVuZF9uZV9sbHZfNDAweDIwMGR+Z19ldl9zcmVxfi1+LX5nX2V2X3NyZXFfbGx2XzQwMHgyMDBkfi1+LX4tfmdfZXZfc3Jlc3B+Z19ldl9zcmVzcF9sbHZfNDAweDIwMGR+c2xvdF9hZG1fcmVwbHl+c2xvdF9hZG1fcmVwbHlfbGx2XzQwMHgyMDBkfnNsb3Rfcm5kcmRfY29udGVudCZ1cmw9fmltZ2JiLmNvbSZ2Y250PTE2Jl9mPV9fbHhHX18udG1wLmxvZ3N0X2Y2OGJyaGxnODBpa2VxdDI/
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/224723/360_light.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 Alphen aan den Rijn, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: 67f5788b8acedea57d7b9382fefeb08bfa32bd51bdc975c485d0bf32635445e9

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 10 Feb 2022 04:00:38 GMT
cache-control: no-cache
server: nginx/1.16.0
content-encoding: gzip
iseu: eu
content-type: application/javascript; charset=utf-8

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220208/r20110914/ Frame 25E5 24 KB
9 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220208/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bonv-61MlzbFtiXH0R-rdtroEViW9GDpB56x1gpRWLIS2Yd14_hxRdgDl7r1uPZtj3qkIGrAyi9kUwn07E7gtJNZrU-HeRRIdhoz1KMFopb_XMsdh9Q9UGKrRjHvEm5NaM3YuZnSyYCjg4MwtaZfKfr44Lsg&cry=1&dbm_d=AKAmf-COH65wHtc7KrF_bVHgqsFzg8HblZUC2OnJJc60tQuAnEa2DTVEYvd1-C2ydcikYVlnSU8VTJyZoFXtwSDvj3VjRjPZ85Y0OUDJicW25tJwtGIz6Tv6lu2wxOOGhMrAW9GyEgS_gP4s69y0B86OfnTsyJ1qIBOGWrNfpe7oqe3J9F0mISib3XPQanoFeljcnj4V_6NBW44J1phSBvZWIJ_0dtKf4YKMoLgVSx0YEXc6jHqo_yUdq-zl-pcJrqeXHIcbknDxs3B-OKdklX2afAKzkPvhcVrEGmEKnVSw5Ju1T8CV7TNuPhbSi7u5uBWysZekW8ovqCIMkXjdntQ-avmgZhotljE2Af2jomHCN3bNWvFfTP9PqakMd_99nJl7m34OpMeFe8Mg10pFIG1A2pb4jd-QWsQp3arVmqcn_HnJjajvsb0VGo03-JXe3PL4wKgLak_0sTbr9KvteVDiolvR9TVWVSOm5JZXR7xAuOwIBA85pRELDTlx-k3c8OSb2qZW8WKG4TCa0zCuZ6NLmTjzVwA1n3_9CeSs0Sm1rQmHDb96XXgGE0zcmGtay6wpYLw91w0ujek-FCfAUZ01y1hSiiWDh-xrAp0F1U_iKiRj5S6W3vSw1Y59PTwkna5k20QP8vzR75QLtRnpj02GEN3QooKRO5kf486EDdg-u-OPlzIgcZTipE0kLG_o4IrX_KTncsV3xbAtkGYCXTngfwNFH7hrqATKkkegULT9H1atlXSXIwRQ86CxiunmqaKvwXgaZ1Y0KKKL8aprdLFsj8NlgVebX-XI28BwvrFV2zytzwSbprc1i5GwlWm_rGgstRjBy-dQGWbd4NmyJhDM1Q1gOdR3Pm0soEtUjiu7X6SDcuozxZzGjfyXS_RoyxZhf0vK1v1HUWbqItBfzc8-9KI0_R_QVPmt-b4x9SoLN3AOM5NxsXbTau2As67QMiYcgpSGwniUt5S9M2k7ZABqpT5xnJmjm8exzeBNWryEknAkTB4-RzEd3r2Z5HFe4mYpI5DacA8NgQoJaBWhO82s19LPpsjBVZzlNfj1hLB5vrIKTVINURANzLUxVvZOdLhwfOataltxzFGVzo_l6CvaM4vglVBMolRdKyekv2bS2CKILDso-ek-zMtadXmSqb9JBZWle0hS7He7U9S7EC0R5bd7l-26bQyT3xzEJX9TzonSf--0lqs9MjMmH0ELWQ5JkVjGZtgrw8OPVhQQzEyzWEGPSwZw5MU0ppQOT-oCYXOCF0s9LHVM5IDpB1Wn-x0UiVYm2zJbxEsyjU0P8Ica6Fvo7dPJF-_icukIfbQ-YbjHmEthaSJ7HMjfydMRqBchKDGL5R_ovRlXzS7cpaYC54YV7D3LmY0MhBbv9WBj4jdW9d_HrOIHajridZ_tQF4iDcd3xYrxa2NvLX7DRbpdFufJbc-hisOTTAj7HtKl5p6fccr9MEunTqMM93ZZlsHH106vtmnSAzoamqbCnci-u4qJQYCM5aKYe4GP_8x17BYeD_w_S5koUhVeeql4Brn8afOfeMx109RTspibRJMV6jsVUNsDUWk4MiR1cjhQqWbxPW27i3oA6jalHNnMazh_1NM8jc5o1FhxChLudsTI43A0qUwWAxuUkpwK6NOCIA8ITPdINUjav69DVFr5AWN712XYN4RbQHbfKI-nFF1nkMzrGEM2v7Mpui7HOPoysYd9Yo6LquA8HCKhCKZhZbFlh6o8Btfi4v9eknT6hTDQgypKj-uI23CxYGUoBWnchFbwAkNrXTH5pZ0u1zVk8_XH6RYTbmvarWmphI0U7eBME3sCFPS0-_-3bQQfsR9KpS2PRzQvzfCJHwL66Xb2vzFfQzQe6JJ8P6p8ilDh3NffCJ8Qlnd-exojvMlp4o8L3Rh9IOgGZ4MvD7-UEGnfsWH27dU82_QZ3uC3ONimZb_bn-SQjwwdEMCU5nJOX4fSpBQBprxL2cf9fswzizYpcfCanOOqj_bO62YBFW1rRxck6DqPzo_k8hDw35J_8xAgEaB1Hy8k5m6oCRM3vEXXq-kOkKUeZC-EFFE-wKPsasRUbDBCwo0EWleTHt-tYcti8XqziBNNIWLyENRYVG0pwa0GRRJphJbR5gneTfnydwddSOfAb8qQwTKGdHpbSjiVYjCzwILwSSD3JvyYcUuqD3hpRjWF5Iyz1fPRHI-RnxwJZbzwdevmUN_b0k8FRLh0M4XAIZKfI-yC6675fdqVVW-Tb3zMHM9c0Hf2mBRA6egDog3CVsvn9ytRSESaU7pL2gWlfmIZ80819AEvQQNPvghpLyT-OsV7VgC5ienZd736OWkvPw8uOpzFqSbYIT8uGyjW9emgMwJ5l0j8SfRpfuLdhbiqFsVbnEQZSW5MDEgJ1Nk1UUfU0mtHRxT2D7qXgltPyx2o-savF3idOaXokm-VD7Wh-yVZ6chNq_cmyT2KpzynRaiY0hf8G4cFMgK6lNAFLqOmT-GacrQ3Ldvm4cYc-2cdxB_44561FRK7-A8AKQFVW3O5rYqV_eHMMv-QPKDf7vCOoMHMLUsgSWDM6eQYzeXydQnFdyJ4hYGTSmN9gl8vYMtyTXJXzk3-Y5IF62KZL72jqy2ANaZUXNXeVIxRBmmXeRUMV7U6413418waadNL5V9qwGovf0fcNn4XZ0qKhVBA2O9u3romKKZVkFBKA2gO05whvJ_2pSM4EXfbg5x-4-2phaFcO4BNTfvE_k_GhpDn_pzX2DHumNJCtNKmKViACc3vmnM_x47dJjE6buAxV0mm6n3KxodvVPHN2QfFveIvf15BAUZb-DV4vULe9ef39ZovoZX3KK9DA7jJLc14_4LjBfAhM6X25L5XjzJl24kAPpD6l1dHO3DKNuKnTYK7LE-m91Fm7WBJELJdoyEMxkohN0dUmdKqfZAOUbxuUtB5W4c&cid=CAASEuRowh22b5P1dc4pN03sPs4IZg&rfl=2%2Chttps%253A%252F%252Fimgbb.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

406dae81a8e95037a3bca53ca771f446df097cf86084d76de62fd308e2bf32a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 02:31:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5321
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9577
x-xss-protection: 0
server: cafe
etag: 11201793935764353180
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Feb 2022 02:31:57 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 25E5 41 KB
15 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 01:00:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10799
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Feb 2023 01:00:39 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 661C 0
0 78ms
77ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022020301&jk=995117704085038&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame F797 22 KB
8 KB 54ms
53ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 10 Feb 2022 01:00:40 GMT
expires: Fri, 10 Feb 2023 01:00:40 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 10798
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame B565 0
0 77ms
77ms Fetch
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CRbi35Y0EYrTuOMiHrASEw4aYC_7T969czs-92OoCwI23ARABIABgmQaCARdjYS1wdWItMzEwNDc5MDM4Nzc5MjQ2OMgBCeACAKgDAaoE4gFP0DklqTccQKkLI80vFvU97JndN64zBdcSwKPCpKezrFG3HtybI5FvBfYFXY7VNassHKbY-Bzt65bVBfkt3FUW9bOXoA_66XtrchTv5M6DYz-Gqo4-iIKdGgTPW9ziF80jCXrsXdb9d1kmf6_mqExFcOkQf88YZHgimTkjEjiEz2P8rmTTXf5OC0x_TSAqXibKpwtSS3PJrhW_Toe6n5zaXSe1YTMQraPpIX1mLGJF7tylfnpmVKKFLm9H7bREranua1cCuYFqxDkGmEU1aDJUyEACQDFAba8FjjrIXuRBTJ9W4AQBgAbiw97l0ve21megBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggFCIBhEAGACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMzEwNDc5MDM4Nzc5MjQ2OBi6qhk&sigh=s1nx3Z4NGnw&uach_m=[UACH]&cid=CAQSPACNIrLM-9fIJ-sfkULS7ysdHpquG78DP47dU2K-nauN304as8fyrgvEE0RmM1KUtve_9eCM2N2SkRnUchgB&tpd=AGWhJmuc29VYdkwKSYQuulqsWt9Go82IH1NWNvVGWNnrWWxkY0Bzx7W6_8hxF-RqHFUBJEtFTGl_YovVnnlzAhOryViLrMWSpL7pFRWatM5jkSJoN-rYI3DNRbJTPKPV8KRYGv85Pi-1Vpl_Zufp8pQqypCReOQFMKUbHyjJqv78iz4rrf_julSsPaYivsVkE4dzd_Gfzi8Z_j7HBeLn7JxWkkZq__yJjfoNffib2X2XyTjFRFAJpyoWhoDhpY6DqpG-li9Qq5YJPDkCdLFApffZtNgo6mIzaKO3OBfRZ-9bCf6T39zrv9jo4gfqDqOo-Dae8zv_yVeuPjYt19sRUQwvGZo8Jc5I-FZN_TeVL8-IYvAUYfcUr0O4Qx8XyA8rLOUzn3lO485FY2G1V7hjEtmgwR1bqgASlVdrSDxjTEhHjGROO8-6q4h3OUWPh6mbm-G0oT9btf3dNWv0epco9vy4SNzxe5Ejuu1iLLegFcc7_MZWDW5wMxDGuZCr5kl7wcr3KayPfWJiaIwVlh0f63dAcoo33VRVOdGcPgzl0aJSy7YbjRtu4_dx5Qp4tX9P4hxjhOJe2xOmFtDwicJd_Gc-sllpoobeGbZxEmccX15g9HdU8wLiZiLJsURIbm4qfDD5rrCBS62GcNsLXo3OwX6Fi-4yZ6_IPRsdSSedid8603fNBHhaZnS9VS3f-hDd8oQ0zVZiNujUeKyANNhiczI8mJjzf7Cm8N9ZXe-ftei0BvkX3ZZGgX9BVFQmfGNhROYlW_7kxiNEHP3cqJpv0g
Requested by: Host: imgbb.com
URL: https://imgbb.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame B565 1 KB
1 KB 233ms
74ms Script
text/javascript 37.157.6.245
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=49726912;rtbwp=01A28813B59D5979;rtbdata=0iBrwPWWfqiYl4X9Mw5xjs4M1OIXuhr-3X_DeaF2IZzfT18vvzoTF7K9f3xfCkBBE40Nw2fEYw7ZdjUcn6ar3Y4VNND6NXPdbRJhSpIRu-NYYslflUIEFHdk3bTyy-VKikSyMY6XAlxvpjwT1znllEcoOZaXMcwKGdeDuVqJYuDwiOnOs6VO1VSCseLHNjWoXjCGKPIlUPAQACDHnBCROhq-Wu-9j4xvhJwURez7F3L59iVHqEaP21ckDEQWwL3dsKv56gpmpZQruo6Upp6PMvooWbbs6vS7Hh7vXv1rXDV3XrwQRV0-bQUoHImg0t3Yk9G2KqpPHWn0hvrhZqfh3GmwnOP6fU_DOb-F7EHZSEM1;OOBClickTrack=https://beacon-nf.rubiconproject.com/beacon/v2/t/0/0a7d6190-845b-4e27-9d80-9306d0f19848/

Requested by

Host: e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com
URL: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8a788becf471a3b73e6362255ed9dd876f46abb37aea6ad0a34c240e03c8afd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 04:00:38 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 1057
expires: -1

GET
H/1.1 204
No Content register
token.rubiconproject.com/ Frame B565 0
214 B 311ms
57ms Image
text/plain 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/register?khaos=KZGGDR3A-1J-ASPQ
Requested by: Host: e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com
URL: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/ Frame B565 2 KB
1 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/window_focus_fy2019.js

Requested by

Host: e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com
URL: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 03:50:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 637
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Feb 2022 03:50:01 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B565 124 KB
38 KB 75ms
75ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com
URL: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

096ebe5196b95f66c1c0b9f3dcea9e6e3f40f2d55cd5933af5e4942adb232593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 04:00:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38562
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644410386637351"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 10 Feb 2022 04:00:38 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/ Frame B565 15 KB
6 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com
URL: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1460e4ba5d8a29324c75f80802081c73d2143d8c9581a84ca3df707fbc6e477c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 02:48:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4350
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6367
x-xss-protection: 0
server: cafe
etag: 17798303060702513824
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Feb 2022 02:48:08 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B565 0
0 142ms
64ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTdadsUdby3B7Egd2fAo4q4P3_lRK6smuZWq_y2150gr4wAjPajyKtHkmGhML9NjNRE_834ApoHehqqJ9uD36YGp6o9ZQ
Requested by: Host: e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com
URL: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame B565 22 KB
7 KB 74ms
73ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com
URL: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 01:00:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10811
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 10 Feb 2023 01:00:27 GMT

GET
H3 200 container.html Show response
e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A073 6 KB
3 KB 57ms
56ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 10 Feb 2022 04:00:37 GMT
expires: Fri, 10 Feb 2023 04:00:37 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 920B 0
9 B 67ms
64ms Image
text/plain 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?1Rx_4Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 04:00:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 51HlaoDq_D6uZSgBzZWUemIfoZ0TtR6K4rqMqSgJuCQ.js Show response
pagead2.googlesyndication.com/bg/ Frame F797 36 KB
14 KB 68ms
64ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/51HlaoDq_D6uZSgBzZWUemIfoZ0TtR6K4rqMqSgJuCQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e751e56a80eafc3eae652801cd95947a621fa19d13b51e8ae2ba8ca92809b824

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 18:34:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33964
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13873
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 12:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 09 Feb 2023 18:34:34 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame A073 0
0 73ms
72ms Fetch
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CI2ZJ5o0EYvOWBfCFjuwP5Meo6AH-0_evXM7PvdjqAsCNtwEQASAAYJkGggEXY2EtcHViLTMxMDQ3OTAzODc3OTI0NjjIAQngAgCoAwGqBOEBT9AGjTumgG10POPSAVGfWphmYYIhRY2wKNVXP3AdptikM_r596HyvAF_oE-X5K6w0S9xQp68w8rQdLcl0RgptIK3heLl0P9KbMXk1STFzkxID5v2JI0N4rqyRGBC8jF9sZhP-T7647MtOpm9PYmXTlt0zOjb4O5hPRm3CQPS25hgAotDtrapxEN4kOs07xPYEzvQ6FWPa9oRNPwX2a4ZnsDuRJgBC1PBKRqhenl9nCbE7uOS3w3_-ulHBmtVqHJQ5wuRToxUp9FUjdHEYWTWTbz2dE5gJHZEXmluvJ9FILx-4AQBgAbbsNfBhvHb1DigBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggFCIBhEAGACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMzEwNDc5MDM4Nzc5MjQ2OBi6qhk&sigh=a2uLWDRU1mg&uach_m=[UACH]&cid=CAQSPACNIrLMctwG4ZvLGm40BWkkl25EgpqPGPXdsoRsQhJfiuIZM2109KRBf1YYczmJ_WqO0jkD3fWSSTXvzhgB&tpd=AGWhJmvdojRbSK9P7p1wMEwbXZnTLwUCD9UL41Z8zZfThC-iytXOzd39Z5hGGwp9JdHreWxNt3Nas0ptBIULYCDSiMkjT9KImJbe1rr5eB23IuAepSR_hwlNBrYxAPJ0poY1lW1MgMSMddKQGAQzlSETh3AHwLZ2QQRE0KRrPb4uk6_90_pQSJTVGhHvnWKaoW1IXR-sc5EjNryqgd9ZWGGwtK85Ge2td3sTw6I70ESdt_ywgR6VyIw9x0ZkMsXgP0NdE0BXNY3AGYq5LCHnllDIg8e_cnUt3Fg8Tsd7bVcw0XmauXF2LJppZILbSBRPwyMbZCocJ1VxrqVBDP8bkm80jKRvP5koLsUjXTkAZXLYhIYvsBPTfCPLHO_d84lv_ogOKcH9MpKfpf7kIy6eZONohCupU4b3p_dZqJsBuo3CEFYAzeYyAMbJk-_Qcmb1ghz8kQWLs8Aqg1hQzi99x3XmuMz1stSDsNCcLco7agH_qs83O_nEPeo-l8MSpj0l6reFHcAIc1i4f2PUg88LozxVHDf6pL21QwyxXMaHmLxC7mlfMpoRAExg2rH0J9vNZXt56xQWZa71bePyM-38nea4Itnr_LY8QoriJYIQjxCPIggMUWnexFg7qTy4lSg4oBAUOe1-ysxt4b74TW8T4YOPXfTXfiTjleS-VOjkvf4YDicFtkDJhVf-B4OAkodT1_a0TnHju0QfhwRdSHtW4ma-_fGUibctb2wtT71sb5NI2zWGJLsvB_iNMXTrJKSvIGCXve665cevJonPMKtn
Requested by: Host: imgbb.com
URL: https://imgbb.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame A073 1 KB
1 KB 75ms
72ms Script
text/javascript 37.157.6.245
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=52549255;rtbwp=C847B5446DF27C30;rtbdata=0M1KNFIxLe9-W1krClqfTkiu_v1lW_O4NDu7du_YLDbRmpnUA9ulFS0JI5xsNbDgxry8r5K7EnbdQKChH2snFL3NFPyup41i7L09miEvQtd3Ew1_Va4x14wdmMTCelhWikSyMY6XAlxvpjwT1znllEcoOZaXMcwKGdeDuVqJYuDwiOnOs6VO1c2s8HzgCfLTKz1piz2WSx2l-T98AiT3fuoJ1gaXa4Sntupsx7YU-pUhdAzj90e0DMnasDoAHuJI5R5DyJl6_VCKvdzfnaySBwrepPC1kSUOaOaAMXGLRJ01;OOBClickTrack=https://beacon-nf.rubiconproject.com/beacon/v2/t/0/570b2716-20bc-4428-9e8c-949728eabae1/

Requested by

Host: e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com
URL: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

7e8174927a449806111f3d07ca72055209e038b109867332fffef848443bbacd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 04:00:38 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 968
expires: -1

GET
H/1.1 204
No Content register
token.rubiconproject.com/ Frame A073 0
214 B 184ms
56ms Image
text/plain 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/register?khaos=KZGGDR7N-18-I9DE
Requested by: Host: e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com
URL: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/ Frame A073 2 KB
1 KB 55ms
53ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/window_focus_fy2019.js

Requested by

Host: e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com
URL: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 03:50:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 637
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Feb 2022 03:50:01 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A073 124 KB
38 KB 69ms
67ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com
URL: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

096ebe5196b95f66c1c0b9f3dcea9e6e3f40f2d55cd5933af5e4942adb232593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 04:00:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38562
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644410386637351"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 10 Feb 2022 04:00:38 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/ Frame A073 15 KB
6 KB 56ms
54ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com
URL: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1460e4ba5d8a29324c75f80802081c73d2143d8c9581a84ca3df707fbc6e477c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 02:48:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4350
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6367
x-xss-protection: 0
server: cafe
etag: 17798303060702513824
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Feb 2022 02:48:08 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A073 0
0 67ms
65ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRP6JorAmS1-kimriAz796jcor4cqdzsuyT7fUyQBrxpPeO_6PwRMmR0DFuXo0BbYBDP-Xw65y4I6atkWaMvsqUqmcTMg
Requested by: Host: e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com
URL: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame A073 22 KB
7 KB 57ms
55ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com
URL: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 01:00:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10811
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 10 Feb 2023 01:00:27 GMT

GET
H/1.1 200
OK dvbs_src_internal101.js Show response
cdn.doubleverify.com/ Frame 25E5 55 KB
18 KB 74ms
74ms Script
application/javascript 2a02:26f0:fb:59a::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal101.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115845&plc=4232676&sid=18330&dvregion=0&unit=300x250&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0ipY0xgasTmaZ631kn9Cv_p&DVP_DBM_1=3060631&DVP_DBM_2=12004965&DVP_DBM_3=32655946&DVP_DBM_4=322642866&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=322133713372&turl=https://imgbb.com/&DVP_PP_BUNDLE_ID=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:fb:59a::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 319dc60c796946da643a880fec740453dfa1308266841c576d1c577a4c9bac44

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 04:00:38 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Dec 2021 09:35:46 GMT
Server: Microsoft-IIS/10.0
ETag: "08517fa16ecd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18088

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame B565 33 KB
16 KB 598ms
139ms Script
text/javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=49726912;rtbwp=01A28813B59D5979;rtbdata=0iBrwPWWfqiYl4X9Mw5xjs4M1OIXuhr-3X_DeaF2IZzfT18vvzoTF7K9f3xfCkBBE40Nw2fEYw7ZdjUcn6ar3Y4VNND6NXPdbRJhSpIRu-NYYslflUIEFHdk3bTyy-VKikSyMY6XAlxvpjwT1znllEcoOZaXMcwKGdeDuVqJYuDwiOnOs6VO1VSCseLHNjWoXjCGKPIlUPAQACDHnBCROhq-Wu-9j4xvhJwURez7F3L59iVHqEaP21ckDEQWwL3dsKv56gpmpZQruo6Upp6PMvooWbbs6vS7Hh7vXv1rXDV3XrwQRV0-bQUoHImg0t3Yk9G2KqpPHWn0hvrhZqfh3GmwnOP6fU_DOb-F7EHZSEM1;OOBClickTrack=https://beacon-nf.rubiconproject.com/beacon/v2/t/0/0a7d6190-845b-4e27-9d80-9306d0f19848/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 2b7565763ab5a2d5709434fa4183d3b2759985e22ceec499199ee13695c2430b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 04:00:38 GMT
content-encoding: gzip
last-modified: Tue, 08 Feb 2022 08:31:01 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Fri, 11 Feb 2022 07:42:22 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012201141909000/ Frame F3D0 220 KB
61 KB 186ms
53ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012201141909000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8ade0d94aaf4b3d52776b75609e8d1c31995677a0a033a6fa2408425da07740

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 69103
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61542
x-xss-protection: 0
server: sffe
date: Wed, 09 Feb 2022 08:48:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "00d9ef7efeb287da"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 09 Feb 2023 08:48:55 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012201141909000/v0/ Frame F3D0 16 KB
6 KB 283ms
151ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012201141909000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb696ecd7c4f31fdd7c7c1cc37e8efc29614fbcbadf74f455aa496d72ce33250

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 46574
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5698
x-xss-protection: 0
server: sffe
date: Wed, 09 Feb 2022 15:04:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "919adc590e0ff503"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 09 Feb 2023 15:04:24 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012201141909000/v0/ Frame F3D0 96 KB
29 KB 303ms
170ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012201141909000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc83fe6d180fd859f448bacd040799bf379ee7e0d9b1e6c3f19499c1c4358864

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 45789
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29570
x-xss-protection: 0
server: sffe
date: Wed, 09 Feb 2022 15:17:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c52208c2e07002d5"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 09 Feb 2023 15:17:29 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012201141909000/v0/ Frame F3D0 5 KB
2 KB 291ms
159ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012201141909000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea29de07cdb14f2c6c59c06fdcd4ec30c2030b3ba8ee6a0aa325085496b9a94d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 98295
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1851
x-xss-protection: 0
server: sffe
date: Wed, 09 Feb 2022 00:42:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "76a8c96b6aaec2c9"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 09 Feb 2023 00:42:23 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012201141909000/v0/ Frame F3D0 42 KB
13 KB 293ms
161ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012201141909000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7d040d5e84706dac2d471ad33830bd0ae361ca06e53e72e817701478c6d5afa

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 154312
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13611
x-xss-protection: 0
server: sffe
date: Tue, 08 Feb 2022 09:08:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "7aefe3fe93cc7383"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 08 Feb 2023 09:08:46 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame F3D0 6 KB
670 B 132ms
65ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 10 Feb 2022 03:25:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 10 Feb 2022 04:00:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 10 Feb 2022 04:00:38 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame F3D0 3 KB
3 KB 56ms
55ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Host: imgbb.com
URL: https://imgbb.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 23:24:32 GMT
x-content-type-options: nosniff
server: cafe
age: 16566
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 15880770647744369592
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2982
x-xss-protection: 0
expires: Thu, 10 Feb 2022 23:24:32 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame F3D0 344 B
368 B 57ms
56ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: imgbb.com
URL: https://imgbb.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 06:46:14 GMT
x-content-type-options: nosniff
server: cafe
age: 76464
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 6766994032117382215
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Thu, 10 Feb 2022 06:46:14 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame F3D0 0
0 63ms
62ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSROW1mqE1iU1NQ--ZwQ4p_sA2NFZUnGlMQAD2jpY-N5eX--bw0_bA02sB73bjGe1A-kZvWQNw_00-_B1d0IF7b6UFWPw
Requested by: Host: imgbb.com
URL: https://imgbb.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F3D0 0
0 82ms
80ms Image
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C7wMc5o0EYryvDsfR3wPrtLj4Be-8xPNng4DglbAP2dkeEAEgouKjJmCZBqABpvGnsgHIAQngAgCoAwHIAwqqBNoBT9BXTBtJ4vQsGPPUMyT-ZnnWtuwAHyZNoKDbQg1np7gdKquwvhTifPilt0_hybF2MOmpems-g75hY0sEBpmHvZjVdt14AkrEyYOh_Ku5lknYlq8nvH4aig0YyT34r_wDYgkmb1Js8PkPKMVnDVwPbq0iGViCDDrI2EF4frd72aoi3lDR534pRp4i_EsSNE7LBasjktxMOhVEs82kiyFiYglYPDsBOBMteOGw68xjNmEnVsWQzjNXJ1iBR0Vwr7aPgZTgPwcjTHhGb0dzx7eoF_CQXqCO_aYyaOvABOKqvIPbA-AEAZIFBAgEGAGSBQQIBRgEoAYugAe4wMqKA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEOW0AdIIBwiAYRABGB2ACgPICwHYEw2IFAHQFQGYFgGAFwGyFx4KHAgAEhRwdWItMzEwNDc5MDM4Nzc5MjQ2OBi6qhk&sigh=uf-6QVGV__o&uach_m=[UACH]&template_id=484
Requested by: Host: imgbb.com
URL: https://imgbb.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame A073 33 KB
16 KB 602ms
170ms Script
text/javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=52549255;rtbwp=C847B5446DF27C30;rtbdata=0M1KNFIxLe9-W1krClqfTkiu_v1lW_O4NDu7du_YLDbRmpnUA9ulFS0JI5xsNbDgxry8r5K7EnbdQKChH2snFL3NFPyup41i7L09miEvQtd3Ew1_Va4x14wdmMTCelhWikSyMY6XAlxvpjwT1znllEcoOZaXMcwKGdeDuVqJYuDwiOnOs6VO1c2s8HzgCfLTKz1piz2WSx2l-T98AiT3fuoJ1gaXa4Sntupsx7YU-pUhdAzj90e0DMnasDoAHuJI5R5DyJl6_VCKvdzfnaySBwrepPC1kSUOaOaAMXGLRJ01;OOBClickTrack=https://beacon-nf.rubiconproject.com/beacon/v2/t/0/570b2716-20bc-4428-9e8c-949728eabae1/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 2b7565763ab5a2d5709434fa4183d3b2759985e22ceec499199ee13695c2430b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 04:00:38 GMT
content-encoding: gzip
last-modified: Tue, 08 Feb 2022 08:31:01 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Fri, 11 Feb 2022 07:42:22 GMT

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame 25E5 2 KB
1 KB 452ms
62ms Script
text/javascript 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_314970604861&jsTagObjCallback=__tagObject_callback_314970604861&num=6&ctx=1828362&cmp=115845&plc=4232676&sid=18330&advid=&adsrv=&unit=300x250&isdvvid=&uid=314970604861&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&dvp_strhd=2.50&dvpx_strhd=2.50&brid=3&brver=98&bridua=3&dup=null&turl=https://imgbb.com/&chro=1&hist=2&winh=280&winw=336&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=2&htmlmsging=1&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0ipY0xgasTmaZ631kn9Cv_p&DVP_DBM_1=3060631&DVP_DBM_2=12004965&DVP_DBM_3=32655946&DVP_DBM_4=322642866&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=322133713372&DVP_PP_BUNDLE_ID=&prr=1&m1=13&noc=4&fcifrms=8&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=149&eparams=DC4FC%3Dl9EEADTbpTauTau%3A%3E833%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau%3A%3E833%5D4%40%3ETar9EEADTbpTauTau6ac6h%606gacf734_3_b2_6%60%6053bg57fd2%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3ETar9EEADTbpTauTau6ac6h%606gacf734_3_b2_6%60%6053bg57fd2%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=8.80&callbackName=__verify_callback_314970604861
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal101.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e7d78beace592fabbe300d4ea1518bd5bf1470a34cfd15ef818bd5e6bf50e495

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Feb 2022 04:00:39 GMT
Content-Encoding: br
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Transfer-Encoding: chunked
X-DV-Response: 1
Connection: keep-alive
Expires: 02/09/2022 04:00:39

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F797 0
20 B 66ms
66ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BZZSC5o0EYujqBZW_3gOuwavIAQAAAAA4AeAEAg&bg=!kZKlktbNAAbS3PJy0tw7ACkAdvg8WicKZGDK4ucezUzEPPfCnPzDDQcOkaESNEL0xD4KUJq6LPjmdwIAAACOUgAAAAloAQeZAw1Bvjp84BhJcKqAV89bfIVb9Wpxvlszvursni9gE4wSn2D0fdnnUP2sHNMXVrH2lXhXAwVUVd1_pt5UdZ2tjqyJUNcVMXdmq6gVfpVqTCNuQ2aph_PPPCOAv3K_kLc5j75Dfy6pR8c_uxXh2aVfAJrd4QqIiwD09shDJcvPX-8vDztfLVXmjpCA6FWthVlT8BQrcnV-sHKYZOXLyIkfzOXns1ANuTuKB6LO7l6ULnMvOOrHOt5GVBP4LVtHRSFjWhJCXAY1839dMNERDzKKgoIueQJtgZNkfhbwrr4cehxb4C5J_fmhN2hn0VNeeoDRwmxd8infiKyvy0y1lAs4kg_eyyFD7sCcyH9Lk4DB5SainvUGEpllAl53bP3t6-ZPPe_2aJBOq9R6tv_Jy2a2wi4fDFLEk9_mBlwcQlohV3iRIx3Ldy21Ohrjch9BDKm3zjQpJ6adt8datowsfnXfbWgAcJZiAe_OnSX3Xaw9YF6H_5kK1ZdaM-o8c6qmcLHpZ4LdFULtxF1UfpYdpTCOjHwHD2rplKhMwGTSkyp0Yy9SqykJxFbhaV8QVEvZZmTIj6hqUSqSj3KvjoXqeNogh3O1Gk-nPWotUS_XrCZ1gLiTV9va9tYzGZTzaN3o2TeugCBUJQlQ6ihtnLse4SRLHQiEG0n_O0DeKDQxaqzdBnJB-9RSzx7oqio4g4A_H4OYTG6NhKCO4LCXRtl86tnbxtV0hiTyqXeO95qhtbeOCiVgp41lR-rEnzWMlPm8jPfmE9ZmR5vml99YnpC9KsaB519dTD1_q36UjN3A1PZpAHCBIcw86cfD6A1ktXOiXYmeNv0H-To-VUANMJyktmR_VnGHLDNd5D3H-ULrX4p_tJvidn9oMWTKXLZ2mrMPVJUaJNdfDp4DiD6y5uIN6TPxEj06uKC3evfON1pzrhRR67dtpnfeCQYntmRiNui26aiyYRCSmtniNTUEeqMZivDxSn_vG5MFu7aVRB3cs9OEhVNQRnsjmADbwvkuD1WjbeIsD1A-Bpedm3RdJleyWIjj

Requested by

Host: e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com
URL: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 04:00:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/10705088872372113569/ Frame F3D0 25 KB
25 KB 54ms
54ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10705088872372113569/2076313506083323656

Requested by

Host: imgbb.com
URL: https://imgbb.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b294fab0f86fddd85ea063499bd0d0b5bb933c2f32db205da4c8af42e244e15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:45:31 GMT
x-content-type-options: nosniff
age: 119707
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25721
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 16:26:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 08 Feb 2023 18:45:31 GMT

GET
DATA 200
OK truncated
/ Frame F3D0 220 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c84fef64db8bf306cbddb004f03fd80e5b6fca96a87e2d93ca6513ae48aa92a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame F3D0 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e28ac3530db7c83711eafdf4f2c8ef53ff9f8b3201ee82ef038042f9a3fdf7c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame F3D0 15 KB
16 KB 171ms
54ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://imgbb.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 20:07:55 GMT
x-content-type-options: nosniff
age: 114763
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 08 Feb 2023 20:07:55 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame F3D0 15 KB
15 KB 187ms
71ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://imgbb.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 11:22:37 GMT
x-content-type-options: nosniff
age: 59881
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Feb 2023 11:22:37 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012201141909000/ Frame 676F 220 KB
60 KB 141ms
138ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012201141909000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8ade0d94aaf4b3d52776b75609e8d1c31995677a0a033a6fa2408425da07740

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 69103
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61542
x-xss-protection: 0
server: sffe
date: Wed, 09 Feb 2022 08:48:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "00d9ef7efeb287da"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 09 Feb 2023 08:48:55 GMT

GET
H3 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012201141909000/v0/ Frame 676F 16 KB
6 KB 194ms
80ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012201141909000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb696ecd7c4f31fdd7c7c1cc37e8efc29614fbcbadf74f455aa496d72ce33250

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 46574
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5698
x-xss-protection: 0
server: sffe
date: Wed, 09 Feb 2022 15:04:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "919adc590e0ff503"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 09 Feb 2023 15:04:24 GMT

GET
H3 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012201141909000/v0/ Frame 676F 96 KB
29 KB 174ms
59ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012201141909000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc83fe6d180fd859f448bacd040799bf379ee7e0d9b1e6c3f19499c1c4358864

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 45789
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29570
x-xss-protection: 0
server: sffe
date: Wed, 09 Feb 2022 15:17:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c52208c2e07002d5"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 09 Feb 2023 15:17:29 GMT

GET
H3 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012201141909000/v0/ Frame 676F 5 KB
2 KB 172ms
58ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012201141909000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea29de07cdb14f2c6c59c06fdcd4ec30c2030b3ba8ee6a0aa325085496b9a94d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 98295
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1851
x-xss-protection: 0
server: sffe
date: Wed, 09 Feb 2022 00:42:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "76a8c96b6aaec2c9"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 09 Feb 2023 00:42:23 GMT

GET
H3 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012201141909000/v0/ Frame 676F 42 KB
13 KB 170ms
56ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012201141909000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7d040d5e84706dac2d471ad33830bd0ae361ca06e53e72e817701478c6d5afa

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 154312
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13611
x-xss-protection: 0
server: sffe
date: Tue, 08 Feb 2022 09:08:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "7aefe3fe93cc7383"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 08 Feb 2023 09:08:46 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 676F 6 KB
670 B 66ms
64ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 10 Feb 2022 03:22:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 10 Feb 2022 04:00:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 10 Feb 2022 04:00:38 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 676F 3 KB
3 KB 57ms
54ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 23:24:32 GMT
x-content-type-options: nosniff
server: cafe
age: 16566
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 15880770647744369592
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2982
x-xss-protection: 0
expires: Thu, 10 Feb 2022 23:24:32 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 676F 344 B
368 B 59ms
57ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 06:46:14 GMT
x-content-type-options: nosniff
server: cafe
age: 76464
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 6766994032117382215
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Thu, 10 Feb 2022 06:46:14 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 676F 0
0 63ms
63ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTT3So2TM_nYZpEES6UyJJLLtSGpEDoONKaQjoliG3SjvyvSYkzKfvVN0JJO5UipAoAe6-W3gklLWyTPIem42OueR6sAQ
Requested by: Host: imgbb.com
URL: https://imgbb.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 676F 0
0 74ms
74ms Image
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CFvyV5o0EYrzxGcuRrASHr6Y45-Ljqmjjsv6dyw_Z2R4QASCi4qMmYJkGoAHx8v7PA8gBCeACAKgDAcgDCqoE1wFP0D2srOTF_mt96UMFcTj3F2wsmCDX_5xVgvA0SUlMoy7txgN6cR3gJ911B_FwkoSOQyT6aZOtapj6eO22yLY8ClvWnYrnYhifwNlqiyyY_XGQBnO4FAgm3EDYkwJvi3dz6Q7z0R4MmRP2t6VBh-CaRcN-ebtnYiGRVy7xZWO70aT9eeyhfDDuhIasTAcjv8MMER1uKRV-riHskZwmK6YC6wrejG6z3h2-IZz3M5p3JWJeUULPhgbyyB7PYDAx_113COqQ6bCNCP_RnEUwG6qHCkP6R0Eqv8AEiP6OyO8D4AQBkgUECAQYAZIFBAgFGASgBi6AB_eMgTCoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDwgwHSCAcIgGEQARgdgAoDyAsB2BMN0BUBgBcBshceChwIABIUcHViLTMxMDQ3OTAzODc3OTI0NjgYuqoZ&sigh=PDGPtESM_HA&uach_m=[UACH]&template_id=484
Requested by: Host: imgbb.com
URL: https://imgbb.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/8197800366936138360/ Frame 676F 26 KB
26 KB 58ms
57ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8197800366936138360/2076313506083323656

Requested by

Host: imgbb.com
URL: https://imgbb.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a356d1590c61de7e227bf4c4e96503b63277a516facb286be5740ae0b408c277

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 01:04:30 GMT
x-content-type-options: nosniff
age: 183368
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26605
x-xss-protection: 0
last-modified: Tue, 18 Jan 2022 09:23:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 08 Feb 2023 01:04:30 GMT

GET
DATA 200
OK truncated
/ Frame 676F 219 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fa3287dbe9c1472f383291f857244398ff76fb5d8c3c4ea84f4a638b684102fb

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 676F 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db8f0977a289152f72e73873f9ed1cc67f10cfe158d024b07f71a5ca76881765

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 676F 15 KB
16 KB 111ms
110ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://imgbb.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 20:07:55 GMT
x-content-type-options: nosniff
age: 114763
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 08 Feb 2023 20:07:55 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 676F 15 KB
15 KB 129ms
129ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://imgbb.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 11:22:37 GMT
x-content-type-options: nosniff
age: 59881
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Feb 2023 11:22:37 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 64ms
63ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022020301&jk=995117704085038&bg=!FBelF1PNAAbS3PJy0tw7ACkAdvg8WiGbjGj7h9UkYqjQBISFkN1WSPHHUqsnpWlxaDmsv5sJcyDaogIAAADBUgAAAAJoAQcKAEgdCZiwd3Pkhst5uKg-e4XNgb5m4qbH4h9hHRPIhv0zLqHn33ek-bcH8cFrK0ZQL95df4CWg22rYcjKtOTiLyKmMPGf7y4dhziZAoD93n4-fqVbqtt1QCQ9IbfR-crLful5XHsjjSFwt33XOPqqyAMA_iG-YaxRjJ40hNDTvYdYETzY-CTRVG5_XU8F2UVl0UFMX9hrKFubsMJV4KZpWbxCdxeQPFoWZz0fdWQfsmnyC8PvhJWTrKQ5dZkLkhzpqlNtYBI6OORJZI9RcAplwba_OlalQDV3Tw5h0KPiG_GrwsbcbpwgtH_-VW8-7R0rYC-EvsCPPe_4AdGRwf25hGTIRgmQ_y416Iyzz1EHPzh3pJ79Dz7bDgij3RZSIZZAUk1PGhLk2onZpTG-fWCZiosw9yozpoZotEDDI5dc96GZW6ozeVYNj_dEtEhJrR-iB6spJAHtZf-G0522awfew3pLQCNiGrMxK0ZOaAoBp3VHPZlBTIo_Txrm7Irndz0tnKy3swD4bruApRFf_3Z3Vfnlhbh-itqEL_TmTXMayo0rXQ4QZ4kfgD9nFynPCPxdFWeECXib8vHOzhArrJdeUyf2FvpZeTYqN_pLVfEDAiReS4tNFrerrfqXlhkHqoQ_Hnd2XIDQ28nwInrymHmSkWJRn8E9CXvjuqdubqz2TD5GcgITtldSYhXfGQmfQjlGZNpvNXrNqCcg0dal9OVDpvHFFlmX0uEtlryV5m4QSkAf-YEYUFkC00xpw9x1wVP7X98tKWKoB_BKKTxoP3_AkTbLvy8S4NAqoM1r9fBNwwuZTOQOBdXGPL7cYTZWYPQ3mujFlS2v8Eyu5IC-a8nYFPK0b5GhLjSd7oYJUrg8o6yB2FK0zhpZ8P9OhsPTStMMkpPrv8JHORG6drjw1dqWx3u1QuOlli2cJ2SLLP13O6RLvb-OdalT9Heut4R2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 04:00:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 25E5 10 KB
5 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2179464a9b593de05ea2a423d14236645d400b267ee7d81acb50b39c06db3763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 03:39:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1270
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4819
x-xss-protection: 0
last-modified: Fri, 28 Jan 2022 14:44:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 10 Feb 2022 04:39:29 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame B565 5 KB
3 KB 75ms
75ms Script
text/javascript 37.157.6.245
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=49726912;rtbwp=01A28813B59D5979;rtbdata=0iBrwPWWfqiYl4X9Mw5xjs4M1OIXuhr-3X_DeaF2IZzfT18vvzoTF7K9f3xfCkBBE40Nw2fEYw7ZdjUcn6ar3Y4VNND6NXPdbRJhSpIRu-NYYslflUIEFHdk3bTyy-VKikSyMY6XAlxvpjwT1znllEcoOZaXMcwKGdeDuVqJYuDwiOnOs6VO1VSCseLHNjWoXjCGKPIlUPAQACDHnBCROhq-Wu-9j4xvhJwURez7F3L59iVHqEaP21ckDEQWwL3dsKv56gpmpZQruo6Upp6PMvooWbbs6vS7Hh7vXv1rXDV3XrwQRV0-bQUoHImg0t3Yk9G2KqpPHWn0hvrhZqfh3GmwnOP6fU_DOb-F7EHZSEM1;oobclicktrack=https%3a%2f%2fbeacon-nf.rubiconproject.com%2fbeacon%2fv2%2ft%2f0%2f0a7d6190-845b-4e27-9d80-9306d0f19848%2f;js=1;adfxid=1x;9054;set=en-US|en-US|1600X1200|0|300|50|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fimgbb.com

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

a887e6a82f7360f6754a309f45fa51b3ab0bfacba2e016a014c7d65c171ded40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 04:00:39 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 2573
expires: -1

GET
H3 200 impl_v84.js Show response
www.googletagservices.com/dcm/ Frame 25E5 41 KB
17 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v84.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cfa97d4c5c4cf2854e01ce2046be1c05e6bc76519d644aad6aa4f1d959efbe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:02:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57471
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17214
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:39:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 09 Feb 2023 12:02:48 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame A073 5 KB
3 KB 74ms
74ms Script
text/javascript 37.157.6.245
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=52549255;rtbwp=C847B5446DF27C30;rtbdata=0M1KNFIxLe9-W1krClqfTkiu_v1lW_O4NDu7du_YLDbRmpnUA9ulFS0JI5xsNbDgxry8r5K7EnbdQKChH2snFL3NFPyup41i7L09miEvQtd3Ew1_Va4x14wdmMTCelhWikSyMY6XAlxvpjwT1znllEcoOZaXMcwKGdeDuVqJYuDwiOnOs6VO1c2s8HzgCfLTKz1piz2WSx2l-T98AiT3fuoJ1gaXa4Sntupsx7YU-pUhdAzj90e0DMnasDoAHuJI5R5DyJl6_VCKvdzfnaySBwrepPC1kSUOaOaAMXGLRJ01;oobclicktrack=https%3a%2f%2fbeacon-nf.rubiconproject.com%2fbeacon%2fv2%2ft%2f0%2f570b2716-20bc-4428-9e8c-949728eabae1%2f;js=1;adfxid=2x;2942;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fimgbb.com

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

4cdb29da300a3bbe862e64e89d65548c43f257c4877ad38bd60c3519609b30d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 04:00:39 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 2479
expires: -1

GET
H2 200 B9689862.280410797;dc_ver=84.245;sz=300x250;u_sd=1;dc_adk=497053800;ord=o5lqw5;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2F... Show response
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame 25E5 43 KB
22 KB 268ms
96ms Script
text/javascript 142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=84.245;sz=300x250;u_sd=1;dc_adk=497053800;ord=o5lqw5;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fimgbb.com%2F$0;xdt=1;crlt=crTJ9*lzbn;sttr=66;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v84.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

cafe /

Resource Hash

6203fa29e817c03f6719279abc35ecefa8f010fe311515376ba93013aca4a52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 04:00:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21954
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 9E2D 281 B
554 B 242ms
55ms Document
text/html 104.89.20.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by: Host: e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com
URL: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.20.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-20-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "40014-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 10 Feb 2022 04:00:39 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame EB82 1 KB
749 B 67ms
66ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com
URL: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Wed, 09 Feb 2022 05:53:44 GMT
expires: Thu, 10 Feb 2022 05:53:44 GMT
cache-control: public, max-age=86400
age: 79615
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame B565 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 87a33d841dcddfad84d62a3bf590a439ba7ee453a136841a4b6877209ce3f054

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.218/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame B565 85 KB
36 KB 138ms
138ms Script
text/javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.218/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b9913c600126d5bf93ad1d4493f7efc461fc3465a10a4d4f3c8fda9b7c50f607

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 04:00:39 GMT
content-encoding: gzip
last-modified: Tue, 08 Feb 2022 08:31:01 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Fri, 11 Feb 2022 07:42:25 GMT

GET
H2 200 /
track.adform.net/jsmetrics/ Frame A073 43 B
208 B 116ms
115ms Image
image/gif 37.157.6.245
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/jsmetrics/?adfserve=76&asset=603&sid=276&rid=10436&cid=35187

Requested by

Host: e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com
URL: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 04:00:39 GMT
last-modified: Tue, 22 May 2018 11:52:57 GMT
server: nginx
etag: "5b040499-2b"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
accept-ranges: bytes
content-length: 43

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 09F5 281 B
554 B 252ms
57ms Document
text/html 104.89.20.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by: Host: e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com
URL: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.20.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-20-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "40014-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 10 Feb 2022 04:00:39 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D8A0 1 KB
749 B 90ms
90ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com
URL: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Wed, 09 Feb 2022 05:53:44 GMT
expires: Thu, 10 Feb 2022 05:53:44 GMT
cache-control: public, max-age=86400
age: 79615
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame A073 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5dea964056bdd32b17a669c7c052b01c2abca27583f2999a01ae1628fe199b18

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.218/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame A073 85 KB
36 KB 167ms
167ms Script
text/javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.218/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b9913c600126d5bf93ad1d4493f7efc461fc3465a10a4d4f3c8fda9b7c50f607

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 04:00:39 GMT
content-encoding: gzip
last-modified: Tue, 08 Feb 2022 08:31:01 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Fri, 11 Feb 2022 07:42:25 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EB82
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEC7uqScZhgIH_AiZPPiD_d0&google_push=AYg5qPJmkTUW5UUzY1TqQZkBgQ1PvBBfKOPnjy9Ac7aW1G7UO8erjZsftC...

170 B
188 B

63ms
63ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEC7uqScZhgIH_AiZPPiD_d0&google_push=AYg5qPJmkTUW5UUzY1TqQZkBgQ1PvBBfKOPnjy9Ac7aW1G7UO8erjZsftCBBwriRfpcJBVJg3a0qMbW_2eUsOF29uXs9fLRM5txu

Requested by

Host: e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com
URL: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 04:00:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 10 Feb 2022 04:00:39 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1644465639.453397,VS0,VE93
x-served-by: cache-hhn4078-HHN
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEC7uqScZhgIH_AiZPPiD_d0&google_push=AYg5qPJmkTUW5UUzY1TqQZkBgQ1PvBBfKOPnjy9Ac7aW1G7UO8erjZsftCBBwriRfpcJBVJg3a0qMbW_2eUsOF29uXs9fLRM5txu
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EB82
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEOiHY6PM1ueUjDQEb2ts4J0&google_cver=1&google_push=AYg5qPK2YuLMcVWtHRBeVfvXnIeVUDQ-q1tSwWDriyHgj8hTKDLPLwHnSqHXP9xpEFjuelmmX4NgjIUkYwenZJ...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA2MjkyNjEzODkwMjkwMjkyOA%3D%3D&google_push=AYg5qPK2YuLMcVWtHRBeVfvXnIeVUDQ-q1tSwWDriyHgj8hTKDLPLwHnSqHXP9xpEFjuelmmX4NgjIUkYwenZJ7ord...

170 B
188 B

64ms
64ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA2MjkyNjEzODkwMjkwMjkyOA%3D%3D&google_push=AYg5qPK2YuLMcVWtHRBeVfvXnIeVUDQ-q1tSwWDriyHgj8hTKDLPLwHnSqHXP9xpEFjuelmmX4NgjIUkYwenZJ7ord6I5RZvoOMv

Requested by

Host: e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com
URL: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 04:00:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA2MjkyNjEzODkwMjkwMjkyOA%3D%3D&google_push=AYg5qPK2YuLMcVWtHRBeVfvXnIeVUDQ-q1tSwWDriyHgj8hTKDLPLwHnSqHXP9xpEFjuelmmX4NgjIUkYwenZJ7ord6I5RZvoOMv
Date: Thu, 10 Feb 2022 04:00:39 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EB82
Redirect Chain

https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESED-skxWGh-Jsesu1B8Q8e0Y&google_cver=1&google_push=AYg5qPJdfCb68Q3qfJc0O5RJSXVTw1uFGzebplOG3p5hflc3G8_zSmGhjgfzjToD-EXQbyBTdjfEk58EjC...
https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESED-skxWGh-Jsesu1B8Q8e0Y&google_cver=1&google_push=AYg5qPJdfCb68Q3qfJc0O5RJSXVTw1uFGzebplOG3p5hflc3G8_zSmGhjgfzjToD-EXQbyBTdjfEk58EjC...
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AYg5qPJdfCb68Q3qfJc0O5RJSXVTw1uFGzebplOG3p5hflc3G8_zSmGhjgfzjToD-EXQbyBTdjfEk58EjCJ-8-R9Z3qzn3hFwCo&google_hm=

170 B
188 B

64ms
64ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AYg5qPJdfCb68Q3qfJc0O5RJSXVTw1uFGzebplOG3p5hflc3G8_zSmGhjgfzjToD-EXQbyBTdjfEk58EjCJ-8-R9Z3qzn3hFwCo&google_hm=

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 04:00:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 10 Feb 2022 04:00:39 GMT
server: nginx
access-control-allow-origin: *
transfer-encoding: chunked
access-control-allow-methods: POST, GET, OPTIONS
p3p: CP="NOI DEV OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AYg5qPJdfCb68Q3qfJc0O5RJSXVTw1uFGzebplOG3p5hflc3G8_zSmGhjgfzjToD-EXQbyBTdjfEk58EjCJ-8-R9Z3qzn3hFwCo&google_hm=
cache-control: no-cache
content-type: text/html; charset=UTF-8
access-control-allow-headers: Origin
keep-alive: timeout=10

GET
H2 200 dds
rtb.openx.net/sync/ Frame EB82 43 B
351 B 271ms
66ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEEqAGvjyvqNOKgX21LxUBuc&google_cver=1&google_push=AYg5qPJCGWwdJCYcRso53nez0D70GjlLqrXvpsgyLyE8-V5SD4HErLlKUo6sqUy5sZeG3FlPx5pQVL3dQ_0Wz4rFqzZVYPFk2Gk
Requested by: Host: e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com
URL: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 04:00:38 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: nmjkpl24559ssi6akjql3ir7tmsba021

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EB82
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIuMEafO-wZOqGlJpPZ3Ybk&google_cver=1&google_push=AYg5qPII3qRlun72sWnhnnkcd5lWCq40nQwR0EAxOoX63RJ2Od5MU-KC7JPtfpa4xIZNm-FBMoo...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pHR0RTOUktMUktRDZVVA==&google_push=AYg5qPII3qRlun72sWnhnnkcd5lWCq40nQwR0EAxOoX63RJ2Od5MU-KC7JPtfpa4xIZNm-FBMoo5tIj8F8lBkQ0uVmtMW2kEBNhu

170 B
188 B

65ms
64ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pHR0RTOUktMUktRDZVVA==&google_push=AYg5qPII3qRlun72sWnhnnkcd5lWCq40nQwR0EAxOoX63RJ2Od5MU-KC7JPtfpa4xIZNm-FBMoo5tIj8F8lBkQ0uVmtMW2kEBNhu

Requested by

Host: e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com
URL: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 04:00:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pHR0RTOUktMUktRDZVVA==&google_push=AYg5qPII3qRlun72sWnhnnkcd5lWCq40nQwR0EAxOoX63RJ2Od5MU-KC7JPtfpa4xIZNm-FBMoo5tIj8F8lBkQ0uVmtMW2kEBNhu
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame EB82
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBMpxlEhH6D5urYSpMRvTyY&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgSN5uAwkaH1tj0q2UmbgwAAAUUAAAAB&google_cver=1&google_gid=CAESEBMpxlEhH6D5urYSpMRvTyY&google_push=AYg5qPIikSiNH2fPDo0dI9F34RMLG4wVwxmCJ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgSN5uAwkaH1tj0q2UmbgwAAAUUAAAAB&google_cver=1&google_gid=CAESEBMpxlEhH6D5urYSpMRvTyY&google_push=AYg5qPIikSiNH2fPDo0dI9F34RMLG4wVwxmCJ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgSN5uAwkaH1tj0q2UmbgwAAAUUAAAAB&google_cver=1&google_gid=CAESEBMpxlEhH6D5urYSpMRvTyY&google_push=AYg5qPIikSiNH2fPDo0dI9F34RMLG4wVwxmCJ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgSN5uAwkaH1tj0q2UmbgwAAAUUAAAAB&google_cver=1&google_gid=CAESEBMpxlEhH6D5urYSpMRvTyY&google_push=AYg5qPIikSiNH2fPDo0dI9F34RMLG4wVwxmCJ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgSN5uAwkaH1tj0q2UmbgwAAAUUAAAAB&google_cver=1&google_gid=CAESEBMpxlEhH6D5urYSpMRvTyY&google_push=AYg5qPIikSiNH2fPDo0dI9F34RMLG4wVwxmCJ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgSN5uAwkaH1tj0q2UmbgwAAAUUAAAAB&google_cver=1&google_gid=CAESEBMpxlEhH6D5urYSpMRvTyY&google_push=AYg5qPIikSiNH2fPDo0dI9F34RMLG4wVwxmCJ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgSN5uAwkaH1tj0q2UmbgwAAAUUAAAAB&google_cver=1&google_gid=CAESEBMpxlEhH6D5urYSpMRvTyY&google_push=AYg5qPIikSiNH2fPDo0dI9F34RMLG4wVwxmCJ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgSN5uAwkaH1tj0q2UmbgwAAAUUAAAAB&google_cver=1&google_gid=CAESEBMpxlEhH6D5urYSpMRvTyY&google_push=AYg5qPIikSiNH2fPDo0dI9F34RMLG4wVwxmCJ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgSN5uAwkaH1tj0q2UmbgwAAAUUAAAAB&google_cver=1&google_gid=CAESEBMpxlEhH6D5urYSpMRvTyY&google_push=AYg5qPIikSiNH2fPDo0dI9F34RMLG4wVwxmCJ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgSN5uAwkaH1tj0q2UmbgwAAAUUAAAAB&google_cver=1&google_gid=CAESEBMpxlEhH6D5urYSpMRvTyY&google_push=AYg5qPIikSiNH2fPDo0dI9F34RMLG4wVwxmCJ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgSN5uAwkaH1tj0q2UmbgwAAAUUAAAAB&google_cver=1&google_gid=CAESEBMpxlEhH6D5urYSpMRvTyY&google_push=AYg5qPIikSiNH2fPDo0dI9F34RMLG4wVwxmCJ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgSN5uAwkaH1tj0q2UmbgwAAAUUAAAAB&google_cver=1&google_gid=CAESEBMpxlEhH6D5urYSpMRvTyY&google_push=AYg5qPIikSiNH2fPDo0dI9F34RMLG4wVwxmCJ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgSN5uAwkaH1tj0q2UmbgwAAAUUAAAAB&google_cver=1&google_gid=CAESEBMpxlEhH6D5urYSpMRvTyY&google_push=AYg5qPIikSiNH2fPDo0dI9F34RMLG4wVwxmCJ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgSN5uAwkaH1tj0q2UmbgwAAAUUAAAAB&google_cver=1&google_gid=CAESEBMpxlEhH6D5urYSpMRvTyY&google_push=AYg5qPIikSiNH2fPDo0dI9F34RMLG4wVwxmCJ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgSN5uAwkaH1tj0q2UmbgwAAAUUAAAAB&google_cver=1&google_gid=CAESEBMpxlEhH6D5urYSpMRvTyY&google_push=AYg5qPIikSiNH2fPDo0dI9F34RMLG4wVwxmCJ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgSN5uAwkaH1tj0q2UmbgwAAAUUAAAAB&google_cver=1&google_gid=CAESEBMpxlEhH6D5urYSpMRvTyY&google_push=AYg5qPIikSiNH2fPDo0dI9F34RMLG4wVwxmCJ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgSN5uAwkaH1tj0q2UmbgwAAAUUAAAAB&google_cver=1&google_gid=CAESEBMpxlEhH6D5urYSpMRvTyY&google_push=AYg5qPIikSiNH2fPDo0dI9F34RMLG4wVwxmCJ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgSN5uAwkaH1tj0q2UmbgwAAAUUAAAAB&google_cver=1&google_gid=CAESEBMpxlEhH6D5urYSpMRvTyY&google_push=AYg5qPIikSiNH2fPDo0dI9F34RMLG4wVwxmCJ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgSN5uAwkaH1tj0q2UmbgwAAAUUAAAAB&google_cver=1&google_gid=CAESEBMpxlEhH6D5urYSpMRvTyY&google_push=AYg5qPIikSiNH2fPDo0dI9F34RMLG4wVwxmCJ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgSN5uAwkaH1tj0q2UmbgwAAAUUAAAAB&google_cver=1&google_gid=CAESEBMpxlEhH6D5urYSpMRvTyY&google_push=AYg5qPIikSiNH2fPDo0dI9F34RMLG4wVwxmCJ...

0
0

GET

pixel
cm.g.doubleclick.net/ Frame EB82
Redirect Chain

https://sync.bumlam.com/?src=gpix&google_gid=CAESEIYY4_whUut5rwSrVXMg5bQ&google_cver=1&google_push=AYg5qPKlfPmG6saTFZ1Y9O2P496mu4dDHswIqQ5doxdyHY2pBXRj-Ox1cZdSBfncL023aMTBZYkJRhfvYxW3mv4FlvZQMKWOdV...
https://cm.g.doubleclick.net/pixel?google_nid=programmatic_ecosystem_llc&google_push=AYg5qPKlfPmG6saTFZ1Y9O2P496mu4dDHswIqQ5doxdyHY2pBXRj-Ox1cZdSBfncL023aMTBZYkJRhfvYxW3mv4FlvZQMKWOdVgxEg
https://cm.g.doubleclick.net/pixel?google_nid=programmatic_ecosystem_llc&google_push=AYg5qPKlfPmG6saTFZ1Y9O2P496mu4dDHswIqQ5doxdyHY2pBXRj-Ox1cZdSBfncL023aMTBZYkJRhfvYxW3mv4FlvZQMKWOdVgxEg
https://cm.g.doubleclick.net/pixel?google_nid=programmatic_ecosystem_llc&google_push=AYg5qPKlfPmG6saTFZ1Y9O2P496mu4dDHswIqQ5doxdyHY2pBXRj-Ox1cZdSBfncL023aMTBZYkJRhfvYxW3mv4FlvZQMKWOdVgxEg
https://cm.g.doubleclick.net/pixel?google_nid=programmatic_ecosystem_llc&google_push=AYg5qPKlfPmG6saTFZ1Y9O2P496mu4dDHswIqQ5doxdyHY2pBXRj-Ox1cZdSBfncL023aMTBZYkJRhfvYxW3mv4FlvZQMKWOdVgxEg
https://cm.g.doubleclick.net/pixel?google_nid=programmatic_ecosystem_llc&google_push=AYg5qPKlfPmG6saTFZ1Y9O2P496mu4dDHswIqQ5doxdyHY2pBXRj-Ox1cZdSBfncL023aMTBZYkJRhfvYxW3mv4FlvZQMKWOdVgxEg
https://cm.g.doubleclick.net/pixel?google_nid=programmatic_ecosystem_llc&google_push=AYg5qPKlfPmG6saTFZ1Y9O2P496mu4dDHswIqQ5doxdyHY2pBXRj-Ox1cZdSBfncL023aMTBZYkJRhfvYxW3mv4FlvZQMKWOdVgxEg
https://cm.g.doubleclick.net/pixel?google_nid=programmatic_ecosystem_llc&google_push=AYg5qPKlfPmG6saTFZ1Y9O2P496mu4dDHswIqQ5doxdyHY2pBXRj-Ox1cZdSBfncL023aMTBZYkJRhfvYxW3mv4FlvZQMKWOdVgxEg
https://cm.g.doubleclick.net/pixel?google_nid=programmatic_ecosystem_llc&google_push=AYg5qPKlfPmG6saTFZ1Y9O2P496mu4dDHswIqQ5doxdyHY2pBXRj-Ox1cZdSBfncL023aMTBZYkJRhfvYxW3mv4FlvZQMKWOdVgxEg
https://cm.g.doubleclick.net/pixel?google_nid=programmatic_ecosystem_llc&google_push=AYg5qPKlfPmG6saTFZ1Y9O2P496mu4dDHswIqQ5doxdyHY2pBXRj-Ox1cZdSBfncL023aMTBZYkJRhfvYxW3mv4FlvZQMKWOdVgxEg
https://cm.g.doubleclick.net/pixel?google_nid=programmatic_ecosystem_llc&google_push=AYg5qPKlfPmG6saTFZ1Y9O2P496mu4dDHswIqQ5doxdyHY2pBXRj-Ox1cZdSBfncL023aMTBZYkJRhfvYxW3mv4FlvZQMKWOdVgxEg
https://cm.g.doubleclick.net/pixel?google_nid=programmatic_ecosystem_llc&google_push=AYg5qPKlfPmG6saTFZ1Y9O2P496mu4dDHswIqQ5doxdyHY2pBXRj-Ox1cZdSBfncL023aMTBZYkJRhfvYxW3mv4FlvZQMKWOdVgxEg
https://cm.g.doubleclick.net/pixel?google_nid=programmatic_ecosystem_llc&google_push=AYg5qPKlfPmG6saTFZ1Y9O2P496mu4dDHswIqQ5doxdyHY2pBXRj-Ox1cZdSBfncL023aMTBZYkJRhfvYxW3mv4FlvZQMKWOdVgxEg
https://cm.g.doubleclick.net/pixel?google_nid=programmatic_ecosystem_llc&google_push=AYg5qPKlfPmG6saTFZ1Y9O2P496mu4dDHswIqQ5doxdyHY2pBXRj-Ox1cZdSBfncL023aMTBZYkJRhfvYxW3mv4FlvZQMKWOdVgxEg
https://cm.g.doubleclick.net/pixel?google_nid=programmatic_ecosystem_llc&google_push=AYg5qPKlfPmG6saTFZ1Y9O2P496mu4dDHswIqQ5doxdyHY2pBXRj-Ox1cZdSBfncL023aMTBZYkJRhfvYxW3mv4FlvZQMKWOdVgxEg
https://cm.g.doubleclick.net/pixel?google_nid=programmatic_ecosystem_llc&google_push=AYg5qPKlfPmG6saTFZ1Y9O2P496mu4dDHswIqQ5doxdyHY2pBXRj-Ox1cZdSBfncL023aMTBZYkJRhfvYxW3mv4FlvZQMKWOdVgxEg
https://cm.g.doubleclick.net/pixel?google_nid=programmatic_ecosystem_llc&google_push=AYg5qPKlfPmG6saTFZ1Y9O2P496mu4dDHswIqQ5doxdyHY2pBXRj-Ox1cZdSBfncL023aMTBZYkJRhfvYxW3mv4FlvZQMKWOdVgxEg
https://cm.g.doubleclick.net/pixel?google_nid=programmatic_ecosystem_llc&google_push=AYg5qPKlfPmG6saTFZ1Y9O2P496mu4dDHswIqQ5doxdyHY2pBXRj-Ox1cZdSBfncL023aMTBZYkJRhfvYxW3mv4FlvZQMKWOdVgxEg
https://cm.g.doubleclick.net/pixel?google_nid=programmatic_ecosystem_llc&google_push=AYg5qPKlfPmG6saTFZ1Y9O2P496mu4dDHswIqQ5doxdyHY2pBXRj-Ox1cZdSBfncL023aMTBZYkJRhfvYxW3mv4FlvZQMKWOdVgxEg
https://cm.g.doubleclick.net/pixel?google_nid=programmatic_ecosystem_llc&google_push=AYg5qPKlfPmG6saTFZ1Y9O2P496mu4dDHswIqQ5doxdyHY2pBXRj-Ox1cZdSBfncL023aMTBZYkJRhfvYxW3mv4FlvZQMKWOdVgxEg
https://cm.g.doubleclick.net/pixel?google_nid=programmatic_ecosystem_llc&google_push=AYg5qPKlfPmG6saTFZ1Y9O2P496mu4dDHswIqQ5doxdyHY2pBXRj-Ox1cZdSBfncL023aMTBZYkJRhfvYxW3mv4FlvZQMKWOdVgxEg

0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame EB82 0
12 B 120ms
119ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KESqu7g0stbiNZJ52P2qvs7bU3hX3tZpRcJngl4IrdJncaGbNuvPxGlfmdJrkz8L6SIFjfZQ

Requested by

Host: e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com
URL: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 04:00:39 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET /
google2waycm.netmng.com/cm/ Frame D8A0 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D8A0
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKtYolD4Xc0Kfjv2lidMfW4&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKtYolD4Xc0Kfjv2lidMfW4&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=V2h5emdWalcxTmkwRGw1&google_gid=CAESEKtYolD4Xc0Kfjv2lidMfW4&google_cver=1&google_push=AYg5qPKC_e2MYo486n_rezGcbP_jIC7DdcdEbr0VJ06ZFNY...

170 B
188 B

65ms
64ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=V2h5emdWalcxTmkwRGw1&google_gid=CAESEKtYolD4Xc0Kfjv2lidMfW4&google_cver=1&google_push=AYg5qPKC_e2MYo486n_rezGcbP_jIC7DdcdEbr0VJ06ZFNYv4dYBVXH1unce9I70d8cTgM4wz2Z4KDn4ImsQ9mS-UjePBFa5eQ

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 04:00:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 10 Feb 2022 04:00:39 GMT
Server: PingMatch/v2.0.30-702-g2925257#rel-ec2-master i-087e8c0a3b0870f0e@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=V2h5emdWalcxTmkwRGw1&google_gid=CAESEKtYolD4Xc0Kfjv2lidMfW4&google_cver=1&google_push=AYg5qPKC_e2MYo486n_rezGcbP_jIC7DdcdEbr0VJ06ZFNYv4dYBVXH1unce9I70d8cTgM4wz2Z4KDn4ImsQ9mS-UjePBFa5eQ
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame D8A0
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEDJuOu_f3NnoM0D8UpB43JA&google_cver=1&google_push=AYg5qPKsdCSwq75XHD5eql7PpEwNjwFtuQe3bqxL3JNNiYWFYJXGZrv_DsOdBkwpmnw_hCVdNuxiF4j8qG5W_dmSg-9QvVNi1A&re...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDJuOu_f3NnoM0D8UpB43JA&google_cver=1&google_push=AYg5qPKsdCSwq75XHD5eql7PpEwNjwFtuQe3bqxL3JNNiYWFYJXGZrv_DsOdBkwpmnw_hCVdNuxiF4j8qG5W_dmSg-9QvVNi1A&...

43 B
415 B

200ms
192ms

Image
image/gif

2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDJuOu_f3NnoM0D8UpB43JA&google_cver=1&google_push=AYg5qPKsdCSwq75XHD5eql7PpEwNjwFtuQe3bqxL3JNNiYWFYJXGZrv_DsOdBkwpmnw_hCVdNuxiF4j8qG5W_dmSg-9QvVNi1A&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPKsdCSwq75XHD5eql7PpEwNjwFtuQe3bqxL3JNNiYWFYJXGZrv_DsOdBkwpmnw_hCVdNuxiF4j8qG5W_dmSg-9QvVNi1A%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 04:00:39 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6db26e88a95075dd-LHR
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 10 Feb 2022 04:00:39 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 115
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6db26e87787e75dd-LHR
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDJuOu_f3NnoM0D8UpB43JA&google_cver=1&google_push=AYg5qPKsdCSwq75XHD5eql7PpEwNjwFtuQe3bqxL3JNNiYWFYJXGZrv_DsOdBkwpmnw_hCVdNuxiF4j8qG5W_dmSg-9QvVNi1A&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPKsdCSwq75XHD5eql7PpEwNjwFtuQe3bqxL3JNNiYWFYJXGZrv_DsOdBkwpmnw_hCVdNuxiF4j8qG5W_dmSg-9QvVNi1A%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D8A0
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEPYIovpGJoEIGInziQV5u-s&google_cver=1&google_push=AYg5qPKyAybBWtoggnxzmOVNhB5xcZGvkmWYTRDspqPFNPTev0Em9LoExDqokpbDzOncns5T00bIVSITeKIyF5...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA2MjkyNjE0MzIwMTY3MTMxMQ%3D%3D&google_push=AYg5qPKyAybBWtoggnxzmOVNhB5xcZGvkmWYTRDspqPFNPTev0Em9LoExDqokpbDzOncns5T00bIVSITeKIyF5i1Ow...

170 B
188 B

63ms
63ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA2MjkyNjE0MzIwMTY3MTMxMQ%3D%3D&google_push=AYg5qPKyAybBWtoggnxzmOVNhB5xcZGvkmWYTRDspqPFNPTev0Em9LoExDqokpbDzOncns5T00bIVSITeKIyF5i1OwlO6nhGedo

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 04:00:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA2MjkyNjE0MzIwMTY3MTMxMQ%3D%3D&google_push=AYg5qPKyAybBWtoggnxzmOVNhB5xcZGvkmWYTRDspqPFNPTev0Em9LoExDqokpbDzOncns5T00bIVSITeKIyF5i1OwlO6nhGedo
Date: Thu, 10 Feb 2022 04:00:40 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D8A0
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESELdcw1cBHD8TPN2Ym_wOzak&google_cver=1&google_push=AYg5qPLgYRk9pff8tY6_gylAWr21K2GCAc4rynqSbHbtEd0eCTOpYZRkCTPcqI3wRdYncAHGQdAPgr8L03NndcOqPAsYj3weM6s
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPLgYRk9pff8tY6_gylAWr21K2GCAc4rynqSbHbtEd0eCTOpYZRkCTPcqI3wRdYncAHGQdAPgr8L03NndcOqPAsYj3weM6s&googl...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjgwNzQyOTI0NjI1MzQ2MjIxMjE0NA%3D%3D&google_push=AYg5qPLgYRk9pff8tY6_gylAWr21K2GCAc4rynqSbHbtEd0eCTOpYZRk...

170 B
188 B

64ms
63ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjgwNzQyOTI0NjI1MzQ2MjIxMjE0NA%3D%3D&google_push=AYg5qPLgYRk9pff8tY6_gylAWr21K2GCAc4rynqSbHbtEd0eCTOpYZRkCTPcqI3wRdYncAHGQdAPgr8L03NndcOqPAsYj3weM6s

Requested by

Host: e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com
URL: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 04:00:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjgwNzQyOTI0NjI1MzQ2MjIxMjE0NA%3D%3D&google_push=AYg5qPLgYRk9pff8tY6_gylAWr21K2GCAc4rynqSbHbtEd0eCTOpYZRkCTPcqI3wRdYncAHGQdAPgr8L03NndcOqPAsYj3weM6s
date: Thu, 10 Feb 2022 04:00:39 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D8A0
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEFnOUDkcn0R_P4blIkUgFH0&google_cver=1&google_push=AYg5qPJfIdJ3r_lDdEtkMREYnLPd4hvo3nv3bKxDL-0_8ysdsxiyeRz83V4RYFxy4_U6JP5dT3...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEFnOUDkcn0R_P4blIkUgFH0&google_cver=1&google_push=AYg5qPJfIdJ3r_lDdEtkMREYnLPd4hvo3nv3bKxDL-0_8ysdsxiyeRz83V4RYFxy4_U6JP5dT3...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS12T2U1Umh0RTJ1RVJ5NFRCX0ZWeHVmOXlNU3dlLmF6Yn5B&google_push=AYg5qPJfIdJ3r_lDdEtkMREYnLPd4hvo3nv3bKxDL-0_8ysdsxiyeRz83...

170 B
188 B

63ms
63ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS12T2U1Umh0RTJ1RVJ5NFRCX0ZWeHVmOXlNU3dlLmF6Yn5B&google_push=AYg5qPJfIdJ3r_lDdEtkMREYnLPd4hvo3nv3bKxDL-0_8ysdsxiyeRz83V4RYFxy4_U6JP5dT3fOkCZn3GgKF_C5qm3sg1u6daVs

Requested by

Host: e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com
URL: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 04:00:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS12T2U1Umh0RTJ1RVJ5NFRCX0ZWeHVmOXlNU3dlLmF6Yn5B&google_push=AYg5qPJfIdJ3r_lDdEtkMREYnLPd4hvo3nv3bKxDL-0_8ysdsxiyeRz83V4RYFxy4_U6JP5dT3fOkCZn3GgKF_C5qm3sg1u6daVs
date: Thu, 10 Feb 2022 04:00:39 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 dot.gif
s0.2mdn.net/ Frame D8A0 43 B
586 B 222ms
62ms Image
image/gif 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEPZQBLwgI7P01tHjxNB1qbs&google_cver=1&google_push=AYg5qPIoygNBX763wJr5VXhOMOvWtDLUlbODFQ0ENN5j19C1z9e9tOoz1sIhfLFG7dozo2Bqtd4ML8W9PjjD5uxznuQEtpZnMebG

Requested by

Host: e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com
URL: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 04:00:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 11 Feb 2022 04:00:39 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame D8A0 0
12 B 95ms
94ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kaz0vFkYlW6RvdEfJfB1Ue85d_f_Kwcf41hg-QPRVpX4WY4qIg7ZSoFGaoBAuSXyZipWvrIXw

Requested by

Host: e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com
URL: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 04:00:39 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H2 200 /
track.adform.net/csimpr/ Frame B565 35 B
493 B 74ms
73ms Ping
image/gif 37.157.6.245
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=49726912&csi=OP9I6ID6SEfNd2mIt0oXyCFkUV2OlRB074i_5ZgQmo7rygPkIxxfk1ZtILgzUUNwiEV7VZ3qYPgDZ00EVap0NmQBbo50IEXs0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 04:00:39 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 51304272.png
s1.adform.net/Banners/51304272/ Frame B565 24 KB
25 KB 88ms
87ms Image
image/png 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/51304272/51304272.png?bv=2

Requested by

Host: e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com
URL: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

d557db6011cea5f6acd195dae7c6fd17772ac0eb77723a27d8374d64eb54ffd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 04:00:39 GMT
last-modified: Wed, 02 Feb 2022 09:34:08 GMT
server: nginx
etag: "61fa5010-60ff"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 24831

POST
H2 200 /
track.adform.net/csimpr/ Frame A073 35 B
502 B 73ms
73ms Ping
image/gif 37.157.6.245
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=52549255&csi=nhI4H36y8XTTh0OenMWdcU-0Fiuvz1WqQIyxv2L49M_rygPkIxxfk_Whegp82dfws1bbin18Y5oqXBznOalit2QBbo50IEXs0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 04:00:39 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 41371955.jpg
s1.adform.net/Banners/41371955/ Frame A073 49 KB
49 KB 82ms
81ms Image
image/jpeg 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/41371955/41371955.jpg?bv=2

Requested by

Host: e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com
URL: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

d66cfa52063105bea54ef067d7b3aea76077aac4d4186c70994bb4bda29ee1c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 04:00:39 GMT
last-modified: Tue, 23 Nov 2021 14:59:59 GMT
server: nginx
etag: "619d01ef-c4ac"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/jpeg
content-length: 50348

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 9E2D 32 KB
10 KB 55ms
55ms Script
text/html 104.89.20.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.20.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-20-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c86126948dcef8cd3021987de9ee4065bdfe007d182d7448b696b5dc09410e0a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 04:00:39 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Dec 2021 23:04:16 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=26965
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9702
Expires: Thu, 10 Feb 2022 11:30:04 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220208/r20110914/elements/html/ Frame 25E5 8 KB
3 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220208/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=84.245;sz=300x250;u_sd=1;dc_adk=497053800;ord=o5lqw5;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fimgbb.com%2F$0;xdt=1;crlt=crTJ9*lzbn;sttr=66;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 03:41:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1124
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Feb 2022 03:41:55 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 25E5 0
524 B 217ms
90ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuzMLjxwzqFxIRS9WMDGhxZ9VMR0jIp1q3R5J3_rquykIG84W8x1I1jsSsenGiqYd1f69VdgPwi8i2YJvHGY7BF12lBYkB281kfmmI8u0eRkI0Un7tZwmtHS0B3pZjGLiyTVmIbP_fHPg&sig=Cg0ArKJSzAG3FV0yAq1dEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220208.97617&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Feb 2022 04:00:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 25E5 41 KB
15 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 01:00:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Feb 2023 01:00:39 GMT

GET
H2 200 thinkinghuts-english-300x250.jpg
s0.2mdn.net/2276943/ Frame 25E5 64 KB
64 KB 55ms
55ms Image
image/jpeg 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/2276943/thinkinghuts-english-300x250.jpg

Requested by

Host: e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com
URL: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

735e8910e491da560ea18efe17fcb8b50452f21975692ccf984ccf8fa2223793

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 19:19:44 GMT
x-content-type-options: nosniff
age: 31255
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65242
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 12:31:42 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Feb 2022 19:19:44 GMT

GET
H/1.1 200
OK dv-measurements2152.js Show response
cdn.doubleverify.com/ Frame 9FB5 501 KB
92 KB 73ms
73ms Script
application/javascript 2a02:26f0:fb:59a::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements2152.js
Requested by: Host: imgbb.com
URL: https://imgbb.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:fb:59a::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: af91c5a0fa2b20fe78168e7c9831390c7b31c86be0a4aef09ce2e1c0ad359cdc

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 04:00:39 GMT
Content-Encoding: gzip
Last-Modified: Sun, 06 Feb 2022 12:18:28 GMT
Server: Microsoft-IIS/10.0
ETag: "0827ba5531bd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=259200000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 94005

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 9DA6 1 KB
749 B 54ms
53ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com
URL: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Wed, 09 Feb 2022 05:53:44 GMT
expires: Thu, 10 Feb 2022 05:53:44 GMT
cache-control: public, max-age=86400
age: 79615
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 25E5 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43536a24655992d63ac6ecdba82e5f6bd7d0cb9a8425cc30983aa581ec426dc8

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 09F5 32 KB
10 KB 69ms
69ms Script
text/html 104.89.20.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.20.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-20-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c86126948dcef8cd3021987de9ee4065bdfe007d182d7448b696b5dc09410e0a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 04:00:39 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Dec 2021 23:04:16 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=26965
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9702
Expires: Thu, 10 Feb 2022 11:30:04 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 9E2D 284 B
536 B 55ms
55ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/jpg

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame E06D 22 KB
8 KB 56ms
55ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 10 Feb 2022 01:00:40 GMT
expires: Fri, 10 Feb 2023 01:00:40 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 10799
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dpixel
cms.quantserve.com/ Frame 9DA6 35 B
463 B 191ms
60ms Image
image/gif 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHmpNGSReF--u5FQXQal9Eo&google_cver=1&google_push=AYg5qPIs0CpdcMB69dyzxnIaxBc84r71lzgBdzgxf5ZakOe-VptkKPTN12xNVjAikSlW-awOhRrbw6CoGuuztSp-sFilnkYZJ74

Requested by

Host: e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com
URL: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 04:00:39 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9DA6
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEB1gno7gqHgOh1rgxiqJEC8&google_cver=1&google_push=AYg5qPI7Wau4YAKvkVNXDLmBhHVrR8ianiPW-I7UqPZqbtKf2UCUH_TWPyusH15K-NCe0tSf0NWo1SF_35ABfY-gH2T47NUjMg
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D94C4A34C1314DEAB9CA4475D9F0CA59&google_push=AYg5qPI7Wau4YAKvkVNXDLmBhHVrR8ianiPW-I7UqPZqbtKf2UCUH_TWPyusH15K-NCe0tSf0NWo1SF_35ABfY-...

170 B
188 B

63ms
63ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D94C4A34C1314DEAB9CA4475D9F0CA59&google_push=AYg5qPI7Wau4YAKvkVNXDLmBhHVrR8ianiPW-I7UqPZqbtKf2UCUH_TWPyusH15K-NCe0tSf0NWo1SF_35ABfY-gH2T47NUjMg

Requested by

Host: e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com
URL: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 04:00:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 10 Feb 2022 04:00:39 GMT
x-content-type-options: nosniff
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D94C4A34C1314DEAB9CA4475D9F0CA59&google_push=AYg5qPI7Wau4YAKvkVNXDLmBhHVrR8ianiPW-I7UqPZqbtKf2UCUH_TWPyusH15K-NCe0tSf0NWo1SF_35ABfY-gH2T47NUjMg
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Wed, 09 Feb 2022 04:00:39 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9DA6
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESED-InRhXrnq2OVv0GQp05TU&google_cver=1&google_push=AYg5qPInV_s5Jdoj_C-BYQyDE6_nttRnyaNh4Mw0NiWyfV3p-ITbJaI-wYJunY08veX9XAX9FF2uCl655MtxhUZpbnJCwKWnlg
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPInV_s5Jdoj_C-BYQyDE6_nttRnyaNh4Mw0NiWyfV3p-ITbJaI-wYJunY08veX9XAX9FF2uCl655MtxhUZpbnJCwKWnlg&google_hm=MjA0OTI4MjM3NTE4NzM0MTg4...

170 B
188 B

62ms
62ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPInV_s5Jdoj_C-BYQyDE6_nttRnyaNh4Mw0NiWyfV3p-ITbJaI-wYJunY08veX9XAX9FF2uCl655MtxhUZpbnJCwKWnlg&google_hm=MjA0OTI4MjM3NTE4NzM0MTg4NA%3D%3D

Requested by

Host: e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com
URL: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 04:00:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 10 Feb 2022 04:00:39 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPInV_s5Jdoj_C-BYQyDE6_nttRnyaNh4Mw0NiWyfV3p-ITbJaI-wYJunY08veX9XAX9FF2uCl655MtxhUZpbnJCwKWnlg&google_hm=MjA0OTI4MjM3NTE4NzM0MTg4NA%3D%3D
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9DA6
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xt2E1x7qT_C-aUMJVJM28A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

63ms
63ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xt2E1x7qT_C-aUMJVJM28A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKxkX5FskQf8LRInOrHz75iEXiqiy8BR4DTk-dQ52J5sz4_4tqY4BECxIjXN0G2VAIoN02Jw_THApaB8-wxdwSvKUcipg

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 04:00:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xt2E1x7qT_C-aUMJVJM28A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKxkX5FskQf8LRInOrHz75iEXiqiy8BR4DTk-dQ52J5sz4_4tqY4BECxIjXN0G2VAIoN02Jw_THApaB8-wxdwSvKUcipg
date: Thu, 10 Feb 2022 04:00:38 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9DA6
Redirect Chain

https://cs.media.net/cksync?type=g&google_gid=CAESEEWUacyAPu6k9vld-zbmLLA&google_cver=1&google_push=AYg5qPI16r_O3TpF54zvZQTCusRMzFhNI4DiLiuvolAgg7XxRVsdrfIEFxEZFuI7KcuEPcqZoq65M1whjb9xExG2UsSSCSo1wB8
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjg3NDY3MjM5MDY2OTU3NjAwMFYxMA%3d%3d&mn_hm=Mjg3NDY3MjM5MDY2OTU3NjAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPI16r_O3TpF54zvZQTCusRMzFh...

170 B
188 B

67ms
67ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjg3NDY3MjM5MDY2OTU3NjAwMFYxMA%3d%3d&mn_hm=Mjg3NDY3MjM5MDY2OTU3NjAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPI16r_O3TpF54zvZQTCusRMzFhNI4DiLiuvolAgg7XxRVsdrfIEFxEZFuI7KcuEPcqZoq65M1whjb9xExG2UsSSCSo1wB8&gdpr=&gdpr_consent=

Requested by

Host: e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com
URL: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 04:00:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 10 Feb 2022 04:00:39 GMT
Server: Apache
P3P: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location: https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjg3NDY3MjM5MDY2OTU3NjAwMFYxMA%3d%3d&mn_hm=Mjg3NDY3MjM5MDY2OTU3NjAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPI16r_O3TpF54zvZQTCusRMzFhNI4DiLiuvolAgg7XxRVsdrfIEFxEZFuI7KcuEPcqZoq65M1whjb9xExG2UsSSCSo1wB8&gdpr=&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html
Content-Length: 154
X-MNET-HL2: E
Expires: Thu, 10 Feb 2022 04:00:39 GMT

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame 9DA6 0
75 B 708ms
52ms Image
text/plain 185.86.139.104
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEAT-iCRfoN8IyTltwS1uemc&google_cver=1&google_push=AYg5qPKIp23RM_V0cZ6KcqsxV4ERrgv47sRhmtKQuguyjY0lPwcTTjZXwFDnEjNPGFf--ZnQjCNRXU9Re_J3QSO7Klo5Rhr6DRs
Requested by: Host: e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com
URL: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 04:00:40 GMT
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9DA6
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEB3HT3Xo-3yEK_axKixbN0o&google_cver=1&google_push=AYg5qPLwjwzjE34s5WJc56ybY5a6bKVALZseYed07WRvihI2RKTvVQ6g1InIFp3QyDL4Hg6Wxq...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS12T2U1Umh0RTJ1RVJ5NFRCX0ZWeHVmOXlNU3dlLmF6Yn5B&google_push=AYg5qPLwjwzjE34s5WJc56ybY5a6bKVALZseYed07WRvihI2RKTvVQ6g1...

170 B
188 B

64ms
64ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS12T2U1Umh0RTJ1RVJ5NFRCX0ZWeHVmOXlNU3dlLmF6Yn5B&google_push=AYg5qPLwjwzjE34s5WJc56ybY5a6bKVALZseYed07WRvihI2RKTvVQ6g1InIFp3QyDL4Hg6WxqP0JqF3b2Iv3AjZdqYt3T9eNBES

Requested by

Host: e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com
URL: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 04:00:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS12T2U1Umh0RTJ1RVJ5NFRCX0ZWeHVmOXlNU3dlLmF6Yn5B&google_push=AYg5qPLwjwzjE34s5WJc56ybY5a6bKVALZseYed07WRvihI2RKTvVQ6g1InIFp3QyDL4Hg6WxqP0JqF3b2Iv3AjZdqYt3T9eNBES
date: Thu, 10 Feb 2022 04:00:39 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 9DA6 0
12 B 68ms
67ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KviMlZqphly5iiWw0U5hAT4cLUh9EffFnoCYPThRcPQwM3QCCqeGZH-oYWElE5_m54nOsg-w

Requested by

Host: e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com
URL: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 04:00:39 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 /
clickiocdn.com/utr/scmps/ 42 B
158 B 49ms
49ms Image
image/gif 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clickiocdn.com/utr/scmps/?rt=563964500&cmp=-1&api=-1&sid=224723&req=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 Alphen aan den Rijn, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 10 Feb 2022 04:00:39 GMT
cache-control: no-cache
server: nginx/1.16.0
content-length: 42
iseu: eu
content-type: image/gif

GET
H3 200 SGqKhU7YX_r4svqgMep210vmvQGTbsYkpFPBiqERxpE.js Show response
pagead2.googlesyndication.com/bg/ Frame E06D 35 KB
13 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/SGqKhU7YX_r4svqgMep210vmvQGTbsYkpFPBiqERxpE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

486a8a854ed85ffaf8b2faa031ea76d74be6bd01936ec624a453c18aa111c691

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 20:24:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 113742
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13683
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 12:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Feb 2023 20:24:57 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 25E5 0
60 B 91ms
90ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Feb 2022 04:00:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 / Show response
clickiocdn.com/utr/logst_sa/c2FpZD02ODE0MjN+LX4tfi1+NjgxNTAzfjY4MTM0NH42ODE0MjN+LX42ODE1MDN+NjgxMzQ0fjY4MTQyM34tfjY4MTUwM342ODEzNDR+NjgxNDIzfi1+NjgxNTAzfjY4MTM0NH42ODE0MjN+LX42ODE1MDN+NjgxMzQ0fjY4M... 38 B
206 B 51ms
51ms Script
application/javascript 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/utr/logst_sa/c2FpZD02ODE0MjN+LX4tfi1+NjgxNTAzfjY4MTM0NH42ODE0MjN+LX42ODE1MDN+NjgxMzQ0fjY4MTQyM34tfjY4MTUwM342ODEzNDR+NjgxNDIzfi1+NjgxNTAzfjY4MTM0NH42ODE0MjN+LX42ODE1MDN+NjgxMzQ0fjY4MTQyM34tfjY4MTUwM342ODEzNDR+NjgxNDIzfi1+NjgxNTAzfjY4MTM0NH42ODE0MjN+LX42ODE1MDN+NjgxMzQ0fjY4MTQyM34tfjY4MTUwM342ODEzNDR+NjgxNDIzfi0mc3NpZD0xfjJ+MX4yfjF+LX4tfjJ+MX4tfi1+Mn4xfi1+LX4yfjF+LX4tfjJ+MX4tfi1+Mn4xfi1+LX4yfjF+LX4tfjJ+MX4tfi1+Mn4xfi1+LX4yJmFjdD1nX2V2X3Nsb2Fkfi1+Z19ldl9zbG9hZF9sbHZfNDAweDIwMGR+LX5nX2V2X3NyZW5kfi1+LX4tfmdfZXZfc3JlbmRfbGx2XzQwMHgyMDBkfi1+LX4tfmdfZXZfc3JlbmRfbmV+LX4tfi1+Z19ldl9zcmVuZF9uZV9sbHZfNDAweDIwMGR+LX4tfi1+Z19ldl9zcmVzcH4tfi1+LX5nX2V2X3NyZXNwX2xsdl80MDB4MjAwZH4tfi1+LX5zbG90X2FkbV9yZXBseX4tfi1+LX5zbG90X2FkbV9yZXBseV9sbHZfNDAweDIwMGR+LX4tfi1+c2xvdF9ybmRyZF9jb250ZW50fi1+LX4tJnVybD1+aW1nYmIuY29tJnZjbnQ9NDAmX2Y9X19seEdfXy50bXAubG9nc3RfcHExMHU1a3k0ZzZ4cjM0aQ/
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/224723/360_light.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 Alphen aan den Rijn, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: 7ec38ee3e3f23890506bb63db1c12813ce4230b10d2d44a1a68ee9d5e3428113

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 10 Feb 2022 04:00:39 GMT
cache-control: no-cache
server: nginx/1.16.0
content-encoding: gzip
iseu: eu
content-type: application/javascript; charset=utf-8

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 9FB5 1 KB
1 KB 392ms
62ms Script
text/javascript 213.254.244.108
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&ttmms=187&ttfrms=32&brid=3&brver=98.0.4758.80&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau%3A%3E833%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau%3A%3E833%5D4%40%3ETar9EEADTbpTauTau6ac6h%606gacf734_3_b2_6%60%6053bg57fd2%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3ETar9EEADTbpTauTau6ac6h%606gacf734_3_b2_6%60%6053bg57fd2%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&uid=1644465639702872&jsCallback=dvCallback_1644465639702972&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F98.0.4758.80%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=250&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=2152&tgjsver=2152&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2Fe24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=8&brh=2&sdf=2&dvp_epl=324&noc=4&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://imgbb.com/&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0ipY0xgasTmaZ631kn9Cv_p&DVP_DBM_1=3060631&DVP_DBM_2=12004965&DVP_DBM_3=32655946&DVP_DBM_4=322642866&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=322133713372&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=94850382.56504624&dvp_tukv=339855551677.6458&dvp_uuid=162696114252.30518&dvp_strhd=0.6000003814697266&dvpx_strhd=0.6000003814697266&dvp_tuid=552651244640
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2152.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.108 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: 0a586f310d1cfebd3608a3d249c1b6aa706456c766cbde6999c51db4c5611f21

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Feb 2022 03:59:42 GMT
Content-Encoding: br
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 02/09/2022 04:00:40

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E06D 0
20 B 89ms
88ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BHlw-540EYqS1F42p3gOD6IdoAAAAADgB4AQC&bg=!iomlic3NAAbS3PJy0tw7ACkAdvg8WkRR46v-RcttyWFK2zdxwprt_39cocxomvOV0_8NeBe4_HFCkAIAAABZUgAAAAJoAQcKAHg9fF5ou1G2dsYteOGtVtq-3wLoAvuH1aW-Xmyh1ivruMpKq9TlZZ0pDLqqjYpkF2tApWGu0JnnUtBJam-ACjoofvGb9d7LGvMTp07abZEPJ9axRfGpWgDtkLY1bZFctA_bpvyiVNgmZ-9-PjsO9Ez8GvzQxb-5eIqZAwaweWQNxP6hDjzzAGFCqiMeVSfiR3pLV3Q5K2gE-ertTq2ZWRw_khwG3MkwF6OYS0IMKxYMDL4dxZ1QCZ0ySzdcMy2ArWkUVXNki-bL8d9jRtvgqFUmiFymE-7iQFJyaKni6NCDF7eGBapvbPjzW8_LXbBUCtFTGlK5DaQ0KO2NEPSEiofp4loQn5jXC2p3fOn48ohgjld8LpQ2WnaS0HIs7zG3LoWGKA5ntabWozou6nZYtBwpZozYbHbXZtdzGGNm0oeRStcKupIt3W86dlxMISzuW6zDYznTw9098PxAKoRZKykIN5WAFwfdBySB-HRegRe_TZgmaFS54JwgEaf5Iyim6lmPePGL0YLE32_z96q9KGzC21NHE-KxxVjugga25EzqzhSy2SqBS36qGtfsdtYvzSWweH3nb6mQyQv70q1PHWkdZoCE0f20i24s51rJHvvb108Dwr8kyu_YvJ6YQcQwp_E7CTFDvLXmB6QsWiJ6YyXI-Ue5eLzXzOymMA_87qP0xoEkma0kxwKE3TSvKCsOO8u8mwXUr1ywp3PGmViofXFjDAwS2ZTm7B3ClZMsR0fhvTCkOJx2kXGyySEx3AI0-C3LwKu0MEo1Ci6ny7vI8kvpWbqGyJ48lOSOdgqGyqZPWJFHjMN_fJFXKD54u6Wzw8A8ZaB0N-wtzynCzun2_1ytYLmlzGk7vLaLHlsglrm5256fVb-SRhqhUdTJjXTcTklDcYY2ePgsvkVfbldbcWy798V18hDzotlFPwStvoDv4xpHcYDfe6hkSbxaWO29ERI-AsQl36jj5eBTz_xEKRx0zhKHSMyoyXeHaAaryN8crnzReXj4tHz8wHH7P7TwFORgO0asDHKY-48UikgFY97ZAvr1XzL9Jskofz_9fjQvyEL1lwRGO4eXGrRwI8ZNMuGtSPtPem71oL8ymCRgnBQAPCKo3mGmIwEzUfqRrfTZjiT5-4OTrg199D_sn5UlOMY8wAEmL1XPhndNVBpVV0sTkcOlocfd26y5ipaRZTwiGg0

Requested by

Host: e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com
URL: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 04:00:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame F3D0 42 B
64 B 96ms
95ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv3CV5Qf3OMGg64kPpXxnDb8HrWWWmlxk3pwSrQ5Oq2SdrYmoTaUi72To8ok3HxwoTqzBLXRTd2S1ZjS2WDBqulJQxzKbioGiol5VxnX9aNuBT4Z38&sai=AMfl-YQ73p2_bkneWpsEYSPYkQljWAVJiauRZrdGwBjbDuMyjNJT-h5N4-gU5v2gLY851b-rRmaK5q3ghW7wN89LixgbDAE_-KDn3UR3INUQvcj_uzGvSIibNq6lc-E1&sig=Cg0ArKJSzOI30PKL2WxcEAE&cid=CAASFeRo9wmjjmVz3zyUprh_A7jiqofc2Q&id=ampim&o=276,458&d=336,280&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=372&tls=1372&g=100&h=100&tt=1372&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 04:00:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 676F 42 B
64 B 94ms
93ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv6eUwMnRocRAwF_R6SAOKRVvbjTR8AB0FblPgW_OFt8a4vMTB-ZdzQ3Zw94yJkRvvHOALnnHp1JI4qjtleu59UL3GNbN7-2T9_AOSyTmb64Iz8dG0&sai=AMfl-YRdNDSBjBon7YPgicGIe07Tb2KNxrHvrnh_tQzLdppDjR5WrBSXfjXZrGMtPGhQIToIoEOwH8xMnFQkhnmqkhdV3ejz5f_jl5xjN-dut_23qD6YwKKvPWWAqAEV&sig=Cg0ArKJSzC48CJTjfe6bEAE&cid=CAASFeRo4Ob47NnrU0bCOL6tuzudiWBnZw&id=ampim&o=632,458&d=336,280&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=287&tls=1287&g=100&h=100&tt=1287&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=2927392422

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 04:00:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A073 42 B
64 B 151ms
88ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuwkvKVpGQq7LOGFqtLeYUBrrOc1VqFDTGMnqayBlkswFqbEE2ydJSy3JV0PFRaBeNYcrQAVY7ll8PubZJyM61F_A&sig=Cg0ArKJSzExDrZmxcfmuEAE&cid=CAASFeRoH_yeDSPyPnvO1UcI6cxI4fiqyQ&id=lidar2&mcvt=1000&p=1110,453,1204,1181&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20220209&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&app=0&itpl=20&adk=419035065&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1644465638288&rpt=1349&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 04:00:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B565 42 B
64 B 149ms
88ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss_0F9WZTcF5kHtwhl69nRpdj4m929iHVkz4enbCOJxNDW-ipuWVGznNYavUxKRdV11mT0DYZvydy2zCPVqWqVpiw&sig=Cg0ArKJSzC8j-CJWMzrqEAE&cid=CAASFeRoOuzIpAVXHH5UEx9PRXNnb-vUAg&id=lidar2&mcvt=1001&p=85,640,139,960&mtos=0,1001,1001,1001,1001&tos=0,1001,0,0,0&v=20220209&bin=7&avms=nio&bs=0,0&mc=0.93&if=1&app=0&itpl=20&adk=51654815&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1644465638139&rpt=1481&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 04:00:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 25E5 42 B
64 B 134ms
86ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst5Ohp6tqIIor-XodV7QKUXVmjEfCI5crOwh593CP6nReOQ2ojM1DYczwYdn_Nb26T1r1tzZK3zxIuy7H9-tWskZb1LE2xZ&sig=Cg0ArKJSzDAUnA3umk7UEAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220209&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=32&adk=497053800&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1644465638046&rpt=1606&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 04:00:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 25E5 42 B
64 B 141ms
96ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsskDvdwP0eeAyEN3OjUl9YIPbyJ3afDRWNEyOLR2MIpcns3iKC6I8JtcJRDFO1LXgyOjt9G2DGeudxjGDEdWjUq3-En_NCyuy-NGPRXUYbKnTsjs38&sai=AMfl-YRMH4jzev_45CPWdAtqiO6NoiYlI8w9XqDov9eRcs1yQOepXe8DpqN-WuHSnrEbtcGo2RafsMH-CZyZbS6ww8s-dv08V1K-cWY49mvSmY9Dg2lygHFPo4-3EAA-&sig=Cg0ArKJSzAYu_c7ydvK5EAE&cid=CAASEuRowh22b5P1dc4pN03sPs4IZg&id=lidar2&mcvt=1002&p=458,988,712,1288&mtos=0,1002,1002,1002,1002&tos=0,1002,0,0,0&v=20220209&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=3479477931&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1644465638046&rpt=1604&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 04:00:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 /
track.adform.net/serving/unload/ Frame B565 35 B
502 B 76ms
75ms Ping
image/gif 37.157.6.245
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=4817375625008044402@@49726912,665690185960004305,100|1060|0|0|0|0|0|0|0||9|1|31|d013f5c641c89ea809ec7fcf57ff0dd51392ebd2_1|||1|0|0|r4RcL4q5UzRX7EYoWZQhURHIuoi6yl2U3Ui3GwBE6OLkbtd2p4E31MkllzAqADQrA7z_uuw_WOM1|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 04:00:40 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 /
track.adform.net/Serving/Event/ Frame B565 35 B
303 B 76ms
76ms Image
image/gif 37.157.6.245
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/Serving/Event/?bn=49726912&event=178&time=2&baid=51304272&name=Viewable%20impressions&imprid=665690185960004305&icid=4817375625008044402&eData=OP9I6ID6SEfF1dmakCanM3h9ErTV8WMW4fn4X_ACi5iC_M_8nT45kdJKKNrHmgGDs2QCw_yaUkYau94oJsHc8Q2&rtbdata=0iBrwPWWfqiYl4X9Mw5xjs4M1OIXuhr-3X_DeaF2IZzfT18vvzoTF7K9f3xfCkBBE40Nw2fEYw7ZdjUcn6ar3Y4VNND6NXPdbRJhSpIRu-NYYslflUIEFHdk3bTyy-VKikSyMY6XAlxvpjwT1znllEcoOZaXMcwKGdeDuVqJYuDwiOnOs6VO1VSCseLHNjWoXjCGKPIlUPAQACDHnBCROhq-Wu-9j4xvhJwURez7F3L59iVHqEaP21ckDEQWwL3dsKv56gpmpZQruo6Upp6PMvooWbbs6vS7Hh7vXv1rXDV3XrwQRV0-bQUoHImg0t3Yk9G2KqpPHWn0hvrhZqfh3GmwnOP6fU_DOb-F7EHZSEM1&rtbwp=01A28813B59D5979&rnd=408606424

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 04:00:40 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame A073 35 B
502 B 74ms
73ms Ping
image/gif 37.157.6.245
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=2786307760455637707@@52549255,2250739419737139527,100|1078|0|0|0|0|0|0|0||37|1|31|dbdbfbe98426753a4612922347f27f8b10ce606c_1|||1|0|0|r3ClzgBg2lpX7EYoWZQhUe9Tj9wOKViHzpQvcrHe1ep-OhOY9KzBUckllzAqADQrA7z_uuw_WOM1|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 04:00:40 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 /
track.adform.net/Serving/Event/ Frame A073 35 B
303 B 74ms
73ms Image
image/gif 37.157.6.245
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/Serving/Event/?bn=52549255&event=178&time=2&baid=41371955&name=Viewable%20impressions&imprid=2250739419737139527&icid=2786307760455637707&eData=nhI4H36y8XTCGsiUdm8h49NG6G8ax2lm4fn4X_ACi5geZQQpkIJgFV-mGKqWG2hrpq5NuHevZ0gau94oJsHc8Q2&rtbdata=0M1KNFIxLe9-W1krClqfTkiu_v1lW_O4NDu7du_YLDbRmpnUA9ulFS0JI5xsNbDgxry8r5K7EnbdQKChH2snFL3NFPyup41i7L09miEvQtd3Ew1_Va4x14wdmMTCelhWikSyMY6XAlxvpjwT1znllEcoOZaXMcwKGdeDuVqJYuDwiOnOs6VO1c2s8HzgCfLTKz1piz2WSx2l-T98AiT3fuoJ1gaXa4Sntupsx7YU-pUhdAzj90e0DMnasDoAHuJI5R5DyJl6_VCKvdzfnaySBwrepPC1kSUOaOaAMXGLRJ01&rtbwp=C847B5446DF27C30&rnd=870221495

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 04:00:40 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
expires: -1

POST
H/1.1 204
No Content bsevent.gif
rtbc-eu3.doubleverify.com/ Frame 25E5 0
305 B 166ms
56ms Ping
text/plain 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbc-eu3.doubleverify.com/bsevent.gif?impid=9092a93214564d5e803733770f95bff8&nav_pltfrm=Linux%20x86_64&cbust=1644465641045321
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal101.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com
Pragma: no-cache
Date: Thu, 10 Feb 2022 04:00:41 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 02/09/2022 04:00:41

GET
H2 200 / Show response
clickiocdn.com/utr/logst_sa/c2FpZD02ODE0MjN+LX42ODE1MDN+NjgxMzQ0fjY4MTQyM34tfi1+NjgxNTAzfjY4MTM0NH42ODE0MjN+NjgxNTAzfjY4MTM0NH42ODE0MjN+NjgxNTAzfjY4MTM0NH42ODE0MjN+LX4tfjY4MTUwM342ODEzNDR+NjgxNDIzf... 38 B
206 B 51ms
51ms Script
application/javascript 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/utr/logst_sa/c2FpZD02ODE0MjN+LX42ODE1MDN+NjgxMzQ0fjY4MTQyM34tfi1+NjgxNTAzfjY4MTM0NH42ODE0MjN+NjgxNTAzfjY4MTM0NH42ODE0MjN+NjgxNTAzfjY4MTM0NH42ODE0MjN+LX4tfjY4MTUwM342ODEzNDR+NjgxNDIzfi1+LX42ODE1MDN+NjgxMzQ0fjY4MTQyMyZzc2lkPTF+Mn4xfi1+M34xfjJ+MX4tfjN+MX4tfjN+MX4tfjN+MX4yfjF+LX4zfjF+Mn4xfi1+MyZhY3Q9Z19ldl9pbXB2fi1+LX4tfi1+Z19ldl9pbXB2X2xsdl80MDB4MjAwZH4tfi1+LX4tfmdfZXZfc2xvYWR+LX4tfmdfZXZfc2xvYWRfbGx2XzQwMHgyMDBkfi1+LX5zbG90X2ltcF92d2Jsfi1+LX4tfi1+c2xvdF9pbXBfdndibF9sbHZfNDAweDIwMGR+LX4tfi1+LSZ1cmw9fmltZ2JiLmNvbSZ2Y250PTI2Jl9mPV9fbHhHX18udG1wLmxvZ3N0XzA2bHBsc2l0bGN4djJ1M20/
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/224723/360_light.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 Alphen aan den Rijn, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: 65eb4a907b3e1cfb2d888cffea62037f962616ebc3cd56521c1713e30ed839e4

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 10 Feb 2022 04:00:41 GMT
cache-control: no-cache
server: nginx/1.16.0
content-encoding: gzip
iseu: eu
content-type: application/javascript; charset=utf-8

POST
H/1.1 204
No Content event.png
tpsc-frc.doubleverify.com/ Frame 9FB5 0
281 B 177ms
58ms Ping
text/plain 213.254.244.108
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-frc.doubleverify.com/event.png?impid=bf128910e3fd45aaa0bebc1d666e6973&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=394&eoid=8&msrjs=2152&nav_pltfrm=Linux%20x86_64&sdf=2&vit=2&isvelg=1&tltms=0&tetms=9&msltms=162&vltms=394&sei=289&vetms=6&engms=1&engisel=1&ttfurm=2430&cbust=1644465642103785
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2152.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.108 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com
Pragma: no-cache
Date: Thu, 10 Feb 2022 04:00:16 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Expires: 02/09/2022 04:00:42

POST
H/1.1 204
No Content event.png
tpsc-frc.doubleverify.com/ Frame 9FB5 0
281 B 58ms
58ms Ping
text/plain 213.254.244.108
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-frc.doubleverify.com/event.png?impid=bf128910e3fd45aaa0bebc1d666e6973&gdpr=&gdpr_consent=&msrcanlm=392&msrcannum=3&eoid=10&ismms=41&isumms=40&isvelg=1&nvr=6&isgmmims=41&isgmv4mims=41&elmtp=6&isbxdms=2441&b0=100&b11=2408&adhgt=250&adwdth=300&norwdth=300&norhgt=250&engisel=1&vsos=4&dvp_vsosnmr=16&lftb=2508&sftb=2508&msrdp=4&naral=128&vct=512&vphgt=1200&vpwdth=1600&chgt=250&cwdth=300&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1041&isuiabvms=1041&isgmpims=148&isgmv4dpims=1041&ispmxpms=1041&engalms=39&engscrlms=148&dvp_pageEng=true&dvp_dpr=1&cbust=1644465643102530
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2152.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.108 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com
Pragma: no-cache
Date: Thu, 10 Feb 2022 04:00:43 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Expires: 02/09/2022 04:00:43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgSN5uAwkaH1tj0q2UmbgwAAAUUAAAAB&google_cver=1&google_gid=CAESEBMpxlEhH6D5urYSpMRvTyY&google_push=AYg5qPIikSiNH2fPDo0dI9F34RMLG4wVwxmCJu69gISU-ro2EReG0l2CTh9tHiVMiNAv14K_McZvSuzNknozBUQ9iKR4wxIZ2gc

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=programmatic_ecosystem_llc&google_push=AYg5qPKlfPmG6saTFZ1Y9O2P496mu4dDHswIqQ5doxdyHY2pBXRj-Ox1cZdSBfncL023aMTBZYkJRhfvYxW3mv4FlvZQMKWOdVgxEg

Domain: google2waycm.netmng.com
URL: https://google2waycm.netmng.com/cm/?google_gid=CAESEG6ZrG9s8sGBx1qN8yX7gHs&google_cver=1&google_push=AYg5qPL_xQ7_0FXpMMNaWjlmzKhnWSnaLW5OLYOpErJgLjJ-z_dI0xfPmDes5WveFMpQBN7fTqJMSljIAysvVLy6gTmSg1cviYU

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.imgbb.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 8ug0hq7i5cc917tthcclg1mk8u
.imgbb.com/	1970-01-20 10:09:21	Name: __gads Value: ID=d530b27a0f9a6c7a:T=1644465637:S=ALNI_Mb7SsVH5pLx7bJom1qR5PNq0iElFA
.adnxs.com/	1970-01-20 02:57:21	Name: uuid2 Value: 5632347821824104428
.doubleclick.net/	1970-01-20 00:47:49	Name: DSID Value: NO_DATA
.casalemedia.com/	1970-01-20 02:57:21	Name: CMPS Value: 1840
.adform.net/	1970-01-20 01:28:04	Name: C Value: 1
.adnxs.com/	1970-01-20 02:57:21	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E>6vnZ.J!]tbPl1M>e)ZlrFUfJ+tGXxoDL!1JfAbtMES3d/yL+gDF^#AuR_K@l#T>!Q-3If)y3KL9D3I?+<U85Ye
.casalemedia.com/	1970-01-20 09:33:21	Name: CMID Value: YgSN5uAwkaH1tj0q2UmbgwAA
.casalemedia.com/	1970-01-20 02:57:21	Name: CMPRO Value: 325
.doubleclick.net/	1970-01-20 18:18:57	Name: IDE Value: AHWqTUlR3UZxkZBr8hpcb4uX8xIqBjk26ixZZVjhjK6MD9x0nPUY-PavsW0C98Qjgc8
.casalemedia.com/	1970-01-20 09:33:21	Name: CMRUM3 Value: 2d62048de62760CAESEAOHRESQ9guh-KA5H5Jhwhg
.adform.net/	1970-01-20 02:14:06	Name: uid Value: 2786307760455637707
.adform.net/	1970-01-20 00:57:50	Name: TPC Value: 1644465639160
.3lift.com/	1970-01-20 02:57:21	Name: tluid Value: 2807429246253462212144
.yahoo.com/	1970-01-20 09:33:43	Name: A3 Value: d=AQABBOeNBGICEMiansqJVMeAM-cR9twL8QYFEgEBAQHfBWIOYgAAAAAA_eMAAA&S=AQAAAgbsRfHTPqwanlajzeNUZkw
.bumlam.com/	1970-01-20 13:45:21	Name: guid Value: D183D4A64759A31
.everesttech.net/	1970-01-20 09:33:21	Name: everest_g_v2 Value: g_surferid~YgSN5wAFBmMVqgAy
.analytics.yahoo.com/	1970-01-20 09:34:48	Name: IDSYNC Value: 18yx~235f
.w55c.net/	1970-01-20 10:13:40	Name: wfivefivec Value: WhyzgVjW1Ni0Dl5
.casalemedia.com/	1970-01-20 00:49:12	Name: CMST Value: YgSN5mIEjecA
.simpli.fi/	1970-01-20 09:34:48	Name: suid Value: D94C4A34C1314DEAB9CA4475D9F0CA59
.quantserve.com/	1970-01-20 02:57:21	Name: d Value: EAkBCQG0JYEA
.quantserve.com/	1970-01-20 10:18:00	Name: mc Value: 62048de7-b43c4-210d3-2cc22
.w55c.net/	1970-01-20 01:30:57	Name: matchgoogle Value: 5
.media.net/	1970-01-20 09:33:21	Name: visitor-id Value: 2874672390669576000V10
.media.net/	1970-01-20 01:07:55	Name: data-g Value: CAESEEWUacyAPu6k9vld-zbmLLA~~3
.tribalfusion.com/	1970-01-20 02:57:21	Name: ANON_ID Value: aenseFu4YUcmqcn63g80xQtCYZaNke2c3wZbxt6S8WkjSXB0PAIZc3qtnIGcvNeE6ILfcSDbdQISZaQ2FMJ2MTyl
.pubmatic.com/	1970-01-20 00:49:12	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 02:57:21	Name: KADUSERCOOKIE Value: C6DD84D7-1EEA-4FF0-BE69-4309549336F0
.adfarm1.adition.com/	1970-01-20 02:57:21	Name: UserID1 Value: 7062926143201671311

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdn.ampproject.org/rtv/012201141909000/v0/amp-ad-exit-0.1.mjs Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/012201141909000/v0/amp-ad-exit-0.1.mjs Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=programmatic_ecosystem_llc&google_push=AYg5qPKlfPmG6saTFZ1Y9O2P496mu4dDHswIqQ5doxdyHY2pBXRj-Ox1cZdSBfncL023aMTBZYkJRhfvYxW3mv4FlvZQMKWOdVgxEg Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgSN5uAwkaH1tj0q2UmbgwAAAUUAAAAB&google_cver=1&google_gid=CAESEBMpxlEhH6D5urYSpMRvTyY&google_push=AYg5qPIikSiNH2fPDo0dI9F34RMLG4wVwxmCJu69gISU-ro2EReG0l2CTh9tHiVMiNAv14K_McZvSuzNknozBUQ9iKR4wxIZ2gc Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.doubleclick.net
adservice.google.com
adservice.google.de
c.eu1.dyntrk.com
cdn.ampproject.org
cdn.doubleverify.com
clickiocdn.com
cm.g.doubleclick.net
cms.quantserve.com
cs.media.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e24e91e8247fbc0b03a0e11db38df75a.safeframe.googlesyndication.com
eb2.3lift.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
google2waycm.netmng.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
i.ibb.co
ib.adnxs.com
image6.pubmatic.com
imgbb.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
rtb.openx.net
rtb0.doubleverify.com
rtbc-eu3.doubleverify.com
s.clickiocdn.com
s.tribalfusion.com
s0.2mdn.net
s1.adform.net
securepubads.g.doubleclick.net
simgbb.com
ssbsync.smartadserver.com
sync-tm.everesttech.net
token.rubiconproject.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-frc.doubleverify.com
track.adform.net
um.simpli.fi
ups.analytics.yahoo.com
www.google.com
www.googletagservices.com
www.gstatic.com
cm.g.doubleclick.net
google2waycm.netmng.com
104.36.113.23
104.89.20.125
142.250.181.226
142.250.185.194
142.250.186.134
142.250.74.194
151.101.194.49
169.50.137.184
185.33.221.11
185.86.139.104
2.21.140.74
2.21.141.232
213.254.244.108
217.182.228.53
2606:4700:3032::ac43:83fb
2606:4700::6812:d05
2620:116:800d:21:36a9:ecb:e518:b308
2a00:1450:4001:803::2002
2a00:1450:4001:809::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2003
2a00:1450:4001:811::2001
2a00:1450:4001:813::2001
2a00:1450:4001:827::2003
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2006
2a00:1450:4001:82f::2002
2a02:26f0:fb:59a::4469
2a05:d018:d29:3601:47b3:499a:9c92:a180
3.126.56.137
34.149.12.213
35.186.253.211
37.157.5.73
37.157.6.245
46.229.170.2
51.178.20.140
52.57.143.183
69.173.144.138
76.223.111.18
85.114.159.93
95.211.66.34
05ed7424c6f3c3d2aec5dfe7fa92e5f617afe58a01666c1c584d342a8b57a0e7
096ebe5196b95f66c1c0b9f3dcea9e6e3f40f2d55cd5933af5e4942adb232593
0a586f310d1cfebd3608a3d249c1b6aa706456c766cbde6999c51db4c5611f21
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c84fef64db8bf306cbddb004f03fd80e5b6fca96a87e2d93ca6513ae48aa92a
0e862cf39a4c2320dacc96189d28c6d221c722a03cc8c78c3e428563dff004dc
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
1460e4ba5d8a29324c75f80802081c73d2143d8c9581a84ca3df707fbc6e477c
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b294fab0f86fddd85ea063499bd0d0b5bb933c2f32db205da4c8af42e244e15
1cfa97d4c5c4cf2854e01ce2046be1c05e6bc76519d644aad6aa4f1d959efbe4
1f1ab7f1b22c02d93e5bd37b04e7e848afd14337697f652c1454d14e801676f2
2179464a9b593de05ea2a423d14236645d400b267ee7d81acb50b39c06db3763
21909a69dbe451d947c601dde087a38fe1cc1f46d337a4df577eaad2019e3546
24b240f1dfdac5b1da7c1063afaa2e27254d9896a30f90944ece85f09d726698
2686c3414ea84d20b6bfdf55bd00548eecbb07fd5cb1dcda56332255c0c5c316
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2b7565763ab5a2d5709434fa4183d3b2759985e22ceec499199ee13695c2430b
2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396
319dc60c796946da643a880fec740453dfa1308266841c576d1c577a4c9bac44
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
33a04bbcbf109bd7c2200a5ae9609237079edf87f7356a423e33c6d600cdc142
3a22b29e11f6ad3ed458e71525b4edfaf0b9ab4cd962ae9a239b9509c106c826
3a7b5f2e7e3fd51102d05b2706291210864e7890361d932311a18048073374ae
3f2114bc0eeb320d7ed7a6cdb4a858b47da2fa8c32d0dc6dc707069ec4af506e
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
406dae81a8e95037a3bca53ca771f446df097cf86084d76de62fd308e2bf32a5
43536a24655992d63ac6ecdba82e5f6bd7d0cb9a8425cc30983aa581ec426dc8
486a8a854ed85ffaf8b2faa031ea76d74be6bd01936ec624a453c18aa111c691
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4a39702ee0f460c80777514aca649fe8d2bd719577bdbcc840201e8b02b374eb
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cdb29da300a3bbe862e64e89d65548c43f257c4877ad38bd60c3519609b30d2
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e28ac3530db7c83711eafdf4f2c8ef53ff9f8b3201ee82ef038042f9a3fdf7c
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5363332f874837cce2fba16f92207169fdf8dbb33dd4ede31fb57a771b022017
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
570b265643d75325964eb0a3f8df420400cdf2b88c7c8bf51c7e9f6dbecb13e6
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5dea964056bdd32b17a669c7c052b01c2abca27583f2999a01ae1628fe199b18
60b6fb70c39877b90333526914dbc0d47052cd8c4c298c421aaee2f9d6b48bcc
60f9b5203842a4fe2d52f7c96f3c57b755bbf8f347535469739bcc6f95a9c4b5
6106366d0a18444c46ede39b801317bbc83cffb8fe8fa27274efebc51c28d11a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6203fa29e817c03f6719279abc35ecefa8f010fe311515376ba93013aca4a52c
65eb4a907b3e1cfb2d888cffea62037f962616ebc3cd56521c1713e30ed839e4
67f5788b8acedea57d7b9382fefeb08bfa32bd51bdc975c485d0bf32635445e9
691d6f4c557e37971930746c52d1f0ab10398619c787654c4425ecead44aae67
735e8910e491da560ea18efe17fcb8b50452f21975692ccf984ccf8fa2223793
777198b10c2de1dca5f4001b16123d4ee62fae8591b4d03e5c13f94796862ea2
78a691f0b7ee7016c9680fb63f0935c6b46d41c4cf2d574a5192f811d4bc33cc
7e8174927a449806111f3d07ca72055209e038b109867332fffef848443bbacd
7ec38ee3e3f23890506bb63db1c12813ce4230b10d2d44a1a68ee9d5e3428113
80329d457bd68a89b53ca393d3ba5f1c7b4f944c3c60ef8244a6969e10647c55
8045e45fd126562ae947b24cf3d9eb8e4f21ac2638e8c4ae41d42200bc438807
8068cd0e9e36ac3d01b4dd7abe77dd99014ba824d16514645291b22293713709
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
838ca8f73ac18387e919098d3d04334725a1c92e5b15ad0d69baea936edb492e
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
87a33d841dcddfad84d62a3bf590a439ba7ee453a136841a4b6877209ce3f054
89297057a002ac0ce0f50b302b451c03cf809172b1b14e3125812bc048c85d1c
8a788becf471a3b73e6362255ed9dd876f46abb37aea6ad0a34c240e03c8afd1
93c1d5a32dd2f82af53050e54c8adb70f19e418e63777c985c4a9f9deefb305b
95ce3a38ce9f513e19416aa99f04a1cdb35cf470dd8501fea97c0f22920a4fb6
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1c8cad4ed434beb695ed406f97d9b319ecd0ad02d37dc8de4145cdd5af9db50
a356d1590c61de7e227bf4c4e96503b63277a516facb286be5740ae0b408c277
a369fd181c398e80fa927923b46d20cd3e06e798ce196c6d430b4cb574a6fda3
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7d040d5e84706dac2d471ad33830bd0ae361ca06e53e72e817701478c6d5afa
a887e6a82f7360f6754a309f45fa51b3ab0bfacba2e016a014c7d65c171ded40
a972f04b8d1b297f16df43bfa182239cb2a658a9e44fbc3659d4296c9dc2afb0
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
af91c5a0fa2b20fe78168e7c9831390c7b31c86be0a4aef09ce2e1c0ad359cdc
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b415eba27e079dcf82b5e30a282429cd69a562b5b3e14f6b91ee37b399046ca8
b4184d3123118b3c6a5a52d29ed4c256d449edf9c547802e6837f5149fccd903
b4917304520aff5ae66d1042f3fc86e5ef60cfc5b0923ce854a7fd9ac680e030
b6de8119595bb45e2484723c13ad43a30dde09a87eec93060f8330c97d927362
b75d6911134788440bf7213857fb1d34eb9b862b96b2842b50a819ba8cb41035
b9913c600126d5bf93ad1d4493f7efc461fc3465a10a4d4f3c8fda9b7c50f607
c1e12130de1af0a08256debddf188cd3a6d0de24ae929bcaa2bb6be433fa6c99
c86126948dcef8cd3021987de9ee4065bdfe007d182d7448b696b5dc09410e0a
ca595090cd48606f84d5e0dd334f1289bcbcf6914f3766e2242ecfed03bbfcdd
cae5d5def35882e2411d858ef4ae333a8e027f7052e2be63c8b2ef33b2408a5f
cb696ecd7c4f31fdd7c7c1cc37e8efc29614fbcbadf74f455aa496d72ce33250
cc83fe6d180fd859f448bacd040799bf379ee7e0d9b1e6c3f19499c1c4358864
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1a3b8bc80b261fa102ed37065138ad74c7f4fd74e83f342af8d61e8f00ce296
d45531108c42de7f887695a011c5d10381738bbddc10bbb358ab4f3e456f6dfc
d557db6011cea5f6acd195dae7c6fd17772ac0eb77723a27d8374d64eb54ffd2
d66cfa52063105bea54ef067d7b3aea76077aac4d4186c70994bb4bda29ee1c4
d67c20d8c54d29d417f4c7956c3b5b62cd00798f4ef6dfbb8d39aeb7bb16ea34
d8ade0d94aaf4b3d52776b75609e8d1c31995677a0a033a6fa2408425da07740
db8f0977a289152f72e73873f9ed1cc67f10cfe158d024b07f71a5ca76881765
de08c856156a6819b51c58e9163a77f9acffa17d20792f5b75db142a0c56010d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e751e56a80eafc3eae652801cd95947a621fa19d13b51e8ae2ba8ca92809b824
e7d78beace592fabbe300d4ea1518bd5bf1470a34cfd15ef818bd5e6bf50e495
ea29de07cdb14f2c6c59c06fdcd4ec30c2030b3ba8ee6a0aa325085496b9a94d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc029e0546f49ed87c043e09393a995468c2ab1a139332b3aca0fdbe93fe51e
f41678f1d8b87cabdb3f8570e1ad2872e9d7c011cfc99e62bdeb87313227dafc
f8042ba2ca4dde17599ff896c67a55764357e7e050b951ff24e230610b3dd888
f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b
fa3287dbe9c1472f383291f857244398ff76fb5d8c3c4ea84f4a638b684102fb
fae5abfcf402cc12ba6f0a38e0b7b3d171702acd721e53424ef08169c1ed2d60
fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4

imgbb.com Open in urlscan Pro 46.229.170.2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

202 Requests

90 %HTTPS

41 %IPv6

32 Domains

50 Subdomains

34 IPs

6 Countries

1685 kBTransfer

4536 kBSize

30 Cookies

34 Outgoing links

Page URL History

Redirected requests

202 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

imgbb.com Open in urlscan Pro
46.229.170.2 Public Scan

Screenshot
Live screenshot

Full Image

202
Requests

90 %
HTTPS

41 %
IPv6

32
Domains

50
Subdomains

34
IPs

6
Countries

1685 kB
Transfer

4536 kB
Size

30
Cookies

202 HTTP transactions
7 data transactions