185.80.196.79.sslip.io Open in urlscan Pro
185.80.196.79 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://185.80.196.79.sslip.io/
Submission: On December 20 via api (December 20th 2023, 12:13:38 pm UTC) from US — Scanned from US

Summary HTTP 157 Redirects Links 66 Behaviour Indicators

Summary

This website contacted 30 IPs in 4 countries across 30 domains to perform 157 HTTP transactions. The main IP is 185.80.196.79, located in Sydney, Australia and belongs to AS-TEKNOSOS-INT, TR. The main domain is 185.80.196.79.sslip.io.
TLS certificate: Issued by R3 on December 20th 2023. Valid for: 3 months.

This is the only time 185.80.196.79.sslip.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	185.80.196.79 185.80.196.79	207459 (AS-TEKNOS...) (AS-TEKNOSOS-INT)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
33	205.234.175.175 205.234.175.175	30081 (CACHENETW...) (CACHENETWORKS)
1	2606:4700:20:... 2606:4700:20::6819:2f07	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:4006:80d::2008	15169 (GOOGLE) (GOOGLE)
22	2607:f8b0:402... 2607:f8b0:4020:805::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:215f:a800:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2607:f8b0:402... 2607:f8b0:4020:805::200e	15169 (GOOGLE) (GOOGLE)
2	52.85.107.191 52.85.107.191	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:402... 2607:f8b0:4020:804::200e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c08::9d	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:402... 2607:f8b0:4020:806::2001	15169 (GOOGLE) (GOOGLE)
1 1	2600:1f18:730... 2600:1f18:730:b110:b9d7:5d50:f444:5e53	14618 (AMAZON-AES) (AMAZON-AES)
1	34.206.231.187 34.206.231.187	14618 (AMAZON-AES) (AMAZON-AES)
3	2607:f8b0:402... 2607:f8b0:4020:807::2004	15169 (GOOGLE) (GOOGLE)
6 8	34.232.211.7 34.232.211.7	14618 (AMAZON-AES) (AMAZON-AES)
2 2	13.225.195.75 13.225.195.75	16509 (AMAZON-02) (AMAZON-02)
1 1	199.38.167.131 199.38.167.131	54312 (ROCKETFUEL) (ROCKETFUEL)
1	107.178.254.65 107.178.254.65	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:ed:... 2600:1f18:ed:550e:3daf:be5a:6a09:50	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2620:112:f002... 2620:112:f002:bbbb::23	6336 (TURN-US-ASN) (TURN-US-ASN)
4 5	35.211.178.172 35.211.178.172	15169 (GOOGLE) (GOOGLE)
1 2	52.204.112.221 52.204.112.221	14618 (AMAZON-AES) (AMAZON-AES)
1 2	23.216.137.114 23.216.137.114	16625 (AKAMAI-AS) (AKAMAI-AS)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
2 2	2606:4700:1::... 2606:4700:1::6813:824c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	50.31.142.191 50.31.142.191	23352 (SERVERCEN...) (SERVERCENTRAL)
1 1	52.5.50.31 52.5.50.31	14618 (AMAZON-AES) (AMAZON-AES)
6	2607:f8b0:402... 2607:f8b0:4020:807::2001	15169 (GOOGLE) (GOOGLE)
11	185.167.164.43 185.167.164.43	198622 (ADFORM) (ADFORM)
8	2606:4700::68... 2606:4700::6813:d383	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	51.222.11.129 51.222.11.129	16276 (OVH) (OVH)
1	20.40.202.0 20.40.202.0	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
25	185.167.164.45 185.167.164.45	198622 (ADFORM) (ADFORM)
1	2607:f8b0:402... 2607:f8b0:4020:805::200a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:402... 2607:f8b0:4020:806::2003	15169 (GOOGLE) (GOOGLE)
157	30

9 185.80.196.79 (Sydney, Australia)

ASN207459 (AS-TEKNOSOS-INT, TR)

185.80.196.79.sslip.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 205.234.175.175 (United States)

ASN30081 (CACHENETWORKS, US)
PTR: vip1.G-anycast1.cachefly.net

content.swncdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.teachertube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.swncdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::6819:2f07 (United States)

ASN13335 (CLOUDFLARENET, US)

www.teachertube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80d::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2607:f8b0:4020:805::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:215f:a800:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4020:805::200e (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.85.107.191 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-107-191.yul62.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4020:804::200e (Montreal, Canada)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c08::9d (Ashburn, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4020:806::2001 (Montreal, Canada)

ASN15169 (GOOGLE, US)

d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b110:b9d7:5d50:f444:5e53 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.206.231.187 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-231-187.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4020:807::2004 (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.232.211.7 (Ashburn, United States) 6 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-211-7.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.195.75 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-195-75.yul62.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.38.167.131 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.254.65 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:ed:550e:3daf:be5a:6a09:50 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:112:f002:bbbb::23 (United States) 1 redirects

ASN6336 (TURN-US-ASN, US)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.211.178.172 (North Charleston, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.204.112.221 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-112-221.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.216.137.114 (Secaucus, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-216-137-114.deploy.static.akamaitechnologies.com

x.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:1::6813:824c (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.31.142.191 (Chicago, United States) 2 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.5.50.31 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-50-31.compute-1.amazonaws.com

mid.rkdms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4020:807::2001 (Montreal, Canada)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 185.167.164.43 (Denmark)

ASN198622 (ADFORM, DK)

a2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6813:d383 (United States)

ASN13335 (CLOUDFLARENET, US)

www.lightboxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 51.222.11.129 (Canada)

ASN16276 (OVH, FR)
PTR: ns5004418.ip-51-222-11.net

servedbyadbutler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.40.202.0 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

lightboxapi.azurewebsites.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 185.167.164.45 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4020:805::200a (Montreal, Canada)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4020:806::2003 (Montreal, Canada)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	adform.net a2.adform.net — Cisco Umbrella Rank: 8098 s2.adform.net — Cisco Umbrella Rank: 6115	487 KB
26	teachertube.com cdn.teachertube.com — Cisco Umbrella Rank: 830005 www.teachertube.com — Cisco Umbrella Rank: 754294	1 MB
16	googlesyndication.com d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 148 pagead2.googlesyndication.com — Cisco Umbrella Rank: 102	69 KB
15	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 75	204 KB
12	liadm.com 7 redirects b-code.liadm.com — Cisco Umbrella Rank: 2977 rp.liadm.com — Cisco Umbrella Rank: 1632 rp4.liadm.com — Cisco Umbrella Rank: 6685 i.liadm.com — Cisco Umbrella Rank: 517 i6.liadm.com — Cisco Umbrella Rank: 2358	23 KB
9	sslip.io 185.80.196.79.sslip.io	725 KB
8	lightboxcdn.com www.lightboxcdn.com — Cisco Umbrella Rank: 5638	204 KB
8	swncdn.com content.swncdn.com — Cisco Umbrella Rank: 162222 media.swncdn.com — Cisco Umbrella Rank: 92755	67 KB
7	servedbyadbutler.com servedbyadbutler.com — Cisco Umbrella Rank: 12568	30 KB
5	bidswitch.net 4 redirects x.bidswitch.net — Cisco Umbrella Rank: 336	2 KB
5	google.com analytics.google.com — Cisco Umbrella Rank: 152 www.google.com — Cisco Umbrella Rank: 2	2 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	193 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	213 KB
2	zemanta.com 2 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 586	1 KB
2	mgid.com 2 redirects cm.mgid.com — Cisco Umbrella Rank: 1303	899 B
2	addthis.com 1 redirects x.dlx.addthis.com — Cisco Umbrella Rank: 1554	1 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 208	1 KB
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 331	694 B
2	rezync.com 2 redirects live.rezync.com — Cisco Umbrella Rank: 1785	2 KB
2	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 306	73 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 204	85 KB
1	gstatic.com fonts.gstatic.com	16 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	998 B
1	azurewebsites.net lightboxapi.azurewebsites.net — Cisco Umbrella Rank: 29736	1 KB
1	rkdms.com 1 redirects mid.rkdms.com — Cisco Umbrella Rank: 1698	433 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 550	364 B
1	turn.com 1 redirects d.turn.com — Cisco Umbrella Rank: 1349	416 B
1	pippio.com pippio.com — Cisco Umbrella Rank: 777	569 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 825	1 KB
157	30

	Domain	Requested by
25	s2.adform.net	a2.adform.net s2.adform.net 185.80.196.79.sslip.io d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com
25	cdn.teachertube.com	185.80.196.79.sslip.io
12	securepubads.g.doubleclick.net	185.80.196.79.sslip.io securepubads.g.doubleclick.net d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com www.googletagservices.com
11	a2.adform.net	d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com servedbyadbutler.com s2.adform.net
9	185.80.196.79.sslip.io	185.80.196.79.sslip.io
8	www.lightboxcdn.com	185.80.196.79.sslip.io www.lightboxcdn.com
8	i.liadm.com	6 redirects b-code.liadm.com i.liadm.com
7	servedbyadbutler.com	d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com servedbyadbutler.com
6	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
6	tpc.googlesyndication.com	d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
6	content.swncdn.com	185.80.196.79.sslip.io
5	x.bidswitch.net	4 redirects i.liadm.com
4	d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com 185.80.196.79.sslip.io
3	www.googletagservices.com	d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com
3	www.google.com	185.80.196.79.sslip.io tpc.googlesyndication.com
3	www.googletagmanager.com	185.80.196.79.sslip.io www.googletagmanager.com
2	b1sync.zemanta.com	2 redirects
2	cm.mgid.com	2 redirects
2	x.dlx.addthis.com	1 redirects i.liadm.com
2	dpm.demdex.net	1 redirects i.liadm.com
2	match.adsrvr.org	2 redirects
2	live.rezync.com	2 redirects
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	analytics.google.com	www.googletagmanager.com
2	c.amazon-adsystem.com	media.swncdn.com c.amazon-adsystem.com
2	media.swncdn.com	185.80.196.79.sslip.io
2	cdnjs.cloudflare.com	185.80.196.79.sslip.io cdnjs.cloudflare.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	www.lightboxcdn.com
1	lightboxapi.azurewebsites.net	www.lightboxcdn.com
1	mid.rkdms.com	1 redirects
1	dis.criteo.com	i.liadm.com
1	d.turn.com	1 redirects
1	i6.liadm.com	i.liadm.com
1	pippio.com	i.liadm.com
1	p.rfihub.com	1 redirects
1	rp4.liadm.com	185.80.196.79.sslip.io
1	rp.liadm.com	1 redirects
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	b-code.liadm.com	185.80.196.79.sslip.io
1	www.teachertube.com	185.80.196.79.sslip.io
157	42

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.teachertube.com
www.salemwebnetwork.com
help.salemwebnetwork.com
salemmedia.com

Subject Issuer	Validity	Valid
185.80.196.79.sslip.io R3	`2023-12-20` - `2024-03-19`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.swncdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-20` - `2024-04-14`	a year	crt.sh
*.teachertube.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-08` - `2024-01-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.liadm.com Amazon RSA 2048 M03	`2023-12-02` - `2024-12-29`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-06` - `2024-09-19`	a year	crt.sh
lightboxcdn.com Cloudflare Inc ECC CA-3	`2023-10-09` - `2024-10-08`	a year	crt.sh
servedbyadbutler.com Sectigo RSA Domain Validation Secure Server CA	`2023-10-03` - `2024-01-03`	3 months	crt.sh
*.azurewebsites.net Microsoft Azure TLS Issuing CA 02	`2023-10-31` - `2024-06-27`	8 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 15 frames:

Primary Page: https://185.80.196.79.sslip.io/
Frame ID: E7C69E76740C2B2BDA6AAF25FE821DA2
Requests: 79 HTTP requests in this frame

Frame: https://185.80.196.79.sslip.io/cdn-cgi/challenge-platform/scripts/jsd/main.js
Frame ID: 26A6FB9D847340785B7EFC60B1AEB210
Requests: 1 HTTP requests in this frame

Frame: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D790322E121D629746BAC6D3996E1DAA
Requests: 1 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-06v4?duid=449d1ea6789c--01hj3jadc4eaezyz8vcbj5mxdy&euns=0&s=&version=v2.11.2&
Frame ID: 4800DAB00F38BB0BA2372536F8B5AD97
Requests: 8 HTTP requests in this frame

Frame: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C3E1FC3AC8945349209A681DF0B86277
Requests: 14 HTTP requests in this frame

Frame: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5001114A7A8EF82C82234B86E3908E54
Requests: 9 HTTP requests in this frame

Frame: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8CC7AC33C43EEA2B3D6B15124DF13B80
Requests: 11 HTTP requests in this frame

Frame: https://a2.adform.net/adfscript/?bn=70093636;click=https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsslB2ffPnxnkIOFsfCorWVawdKAhpLjn3qb4kyNw2XnDEIDSGPLwkbxBCHxcMUpOaHgu_eV8Osgcj1nrnI7lNl-zndAms-tHJSZgTVOzDvH3RfqlQRDP-FQEkVbnQaXXTn4rrzDeRF6rMMBfCUkYUPr0AQEJyB50jDuMLzVL_IpN-vtSWO6-ev5dBqnTM1EhXkmxRGw6w3zF_eh70QYCfr_8Zkh75wq0dZg5M_zMnM0pVFDPSrttqowFjjNb2IlZsmHA5k-P8lh6cUFasxHNHPJdp-nhBa7IDjizu6Ti19JGeGRyJxk6-65jowbQeYbvXoAPeugCXz4j9ja3ZLwbpiqQZyH6syi-9v4nmXVaLW2eunfO6PpNJ-GYO07hWJ2d4m0_HO_XlOlVWOYzkUieROxvw&sai=AMfl-YTX4I5SfkyyKpI010f4ysXAvIOluyapzw4n5lqHG1MvJaifKRce-ncgdcJhLh3EI25fPXuAn87IChet2_IzXdUymc3cmkVN-MPgS28jC82UxQilca3fN6sej-SKMA&sig=Cg0ArKJSzIhPOdooKmpIEAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://servedbyadbutler.com/redirect.spark?MID=181133&plid=2274346&setID=600389&channelID=20392&CID=751993&banID=521589681&PID=0&textadID=0&tc=1&scheduleID=2194714&adSize=300x250&mt=1703074412580692&sw=1600&sh=1200&spr=1&referrer=https%3A%2F%2F185.80.196.79.sslip.io%2F&hc=f12f283412f530d773af42cadec28bd652ce2ee9&location=
Frame ID: F8A16A1FD493102DDE2A385B1F315CFF
Requests: 7 HTTP requests in this frame

Frame: https://www.lightboxcdn.com/vendor/3668710d-610d-480d-bb1c-ea9170a8c85d/lightbox.js?mb=1703074412631&lv=1
Frame ID: 960BED9002D3D337BA7B883D58E95DFE
Requests: 2 HTTP requests in this frame

Frame: https://a2.adform.net/adfscript/?bn=70093631;click=https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsuSfVD5TzDnCWjN3HCOwYY-96cI9aitXs_H69v51ucs2rz8T0fmHc79D26jDbkUvFTE7RkmXI-NEQLoy2BEjE7XSxQLwBBHabBgg2ZzKXPRWYJr26hsoOotR8FqDpiWUTJDQoU5-uACvfPtx9UkBTcuPGvBWT5PS8JLRFXpI5TeSTAG75y5adNdIz_D73AclwhMwitaYeog9Qu6bR7zQKS-QsDcYcp7Q6HQTV1FWDKq-41xLlv0je9StKdsMR2kDvd6Drvk2XGX_alBfnL4xzbIYOl8hQzdsOjK7PFU4hldxs7N5dSgnO7Us5UETm-g99OKp5TrqEjoEguEdJODyDvy74rwVeal85-W6NBXQfk42UxejxOwHUmM12kyVZpYPw6gfWpcOuOeSHt-MSN4COxlsQ&sai=AMfl-YSfNT5mV0aK5XgD_k5u4akKEsG14Kc8rcfAp7m8RDUomhHS3j_Ou_GkzEI9giaNXunXY-y51Q5xtAu2ez7ScC_kiHZ2v7vFoVXI8DyUG8iDI1OFR_exmF9TFF2kdCs&sig=Cg0ArKJSzJDPxDOCamc7EAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://servedbyadbutler.com/redirect.spark?MID=181133&plid=2274346&setID=600396&channelID=20392&CID=751993&banID=521589684&PID=0&textadID=0&tc=1&scheduleID=2194714&adSize=728x90&mt=1703074412660928&sw=1600&sh=1200&spr=1&referrer=https%3A%2F%2F185.80.196.79.sslip.io%2F&hc=a19d1801918ae9f4e8fe19b4511f1be40eb4a008&location=
Frame ID: F978ACEE007D76A8E0C6928F2E8C1DE8
Requests: 8 HTTP requests in this frame

Frame: https://www.lightboxcdn.com/vendor/3668710d-610d-480d-bb1c-ea9170a8c85d/lightbox_builder.js?cb=638017198397572777
Frame ID: 45080EAF8F70945490F3106CA69DC0E2
Requests: 3 HTTP requests in this frame

Frame: https://s2.adform.net/Banners/Elements/Files/140944/12104907/12104907.js?ADFassetID=12104907&bv=259
Frame ID: CE65129E0A7907AA09E8F211DDD1D801
Requests: 7 HTTP requests in this frame

Frame: https://s2.adform.net/Banners/Elements/Files/140944/12104904/12104904.js?ADFassetID=12104904&bv=259
Frame ID: A56BC4450DB7041AC35253E5BE1241A5
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F7ED4A62A6BEE923CF68292A76D16466
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E1D923881916F3A5ADD7DF9D266A1450
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

TeacherTube Educational Videos for the School Classroom and Home - Including Educational Songs, History Videos, Student Videos and Math Videos

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

157
Requests

96 %
HTTPS

49 %
IPv6

30
Domains

42
Subdomains

30
IPs

4
Countries

3476 kB
Transfer

8428 kB
Size

53
Cookies

66 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/fansofteachertube

Search URL Search Domain Scan URL

URL: https://twitter.com/teachertube

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/videos/graphing-quadratic-inequalities-on-desmos-507405
Title: Graphing Quadratic Inequalities on Desmos

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/videos/gender-and-number-in-spanish-506259
Title: Gender and Number in Spanish

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/videos/module-4-spanish-grammar-lesson-506176
Title: Module 4-Spanish Grammar Lesson

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/videos/how-to-enter-a-table-into-desmos-calculator-506012
Title: How to Enter a Table into Desmos Calculator

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/videos/spanish-ii-preterite-and-imperfect-505990
Title: Spanish II Preterite and Imperfect

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/videos/how-to-write-perfect-essay-505933
Title: How To Write Perfect Essay

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/videos/swaying-oranges-after-effects-tutorial-505872
Title: Swaying Oranges | After Effects Tutorial

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/videos/sign-language-505730
Title: Sign Language

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/videos/over-in-the-meadow-505433
Title: Over in the Meadow

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/videos/weather-vs-climate-504995
Title: Weather VS Climate

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/categories/college-and-university
Title: College and University

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/videos/householder-teacher-tube-511575

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/videos/technology-demonstration-511501

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/videos/introduction-to-angle-classification-scratch-story-511206

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/videos/website-tour-511204

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/categories/high-school
Title: High School

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/videos/video2-perpendicular-slope-508058

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/videos/perimeter-and-area-using-algebra-508041

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/videos/video4graph-lines-y-910x-508038

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/videos/review-reminder-for-finals-507921

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/categories/middle-school
Title: Middle School

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/videos/french-indian-war-notes-511187

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/videos/pbl-research-lesson-508051

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/videos/pbl-research-lesson-508050

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/videos/creating-your-portfolio-checklist-507421

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/categories/elementary
Title: Elementary

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/videos/parachutes-508044

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/videos/tic-tac-toe-subtraction-game-507946

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/videos/balloons-over-broadway-507940

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/videos/lessons-with-pam-how-to-catch-a-turkey_read-make-do-507936

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/categories/kids-educational-songs
Title: Kids Educational Songs

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/videos/resemble-502048

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/videos/fly-away-501998

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/videos/the-bear-went-over-the-mountain-501163

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/videos/left-right-visual-500835

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/
Title: TeacherTube

Search URL Search Domain Scan URL

URL: https://www.salemwebnetwork.com/
Title: Salem Web Network

Search URL Search Domain Scan URL

URL: http://help.salemwebnetwork.com/support/solutions/161496
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/categories/science
Title: Science Education Videos

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/categories/elementary/science/educational-songs
Title: educational songs

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/categories/college-and-university/science/chemical-engineering
Title: chemical engineering

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/categories/math
Title: Math Education Videos

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/categories/elementary/math/fractions
Title: fractions

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/categories/elementary/math/measurement
Title: measurements

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/categories/elementary/math/money
Title: money management

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/categories/high-school/math/trigonometry
Title: trigonometry

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/categories/high-school/math/probability-and-statistics
Title: probability and statistics

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/categories/history
Title: History Education Videos

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/categories/high-school/history/pre-history
Title: prehistory

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/categories/all/history/ancient-history
Title: ancient history

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/categories/high-school/history/civil-war
Title: civil war

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/categories/middle-school/history/civilizations
Title: world civilizations

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/categories/social-studies
Title: Social Studies Education Videos

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/videos/economic-vocabulary-477437
Title: economics terminology

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/categories/high-school/social-studies/cultures
Title: cultures

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/categories/language-arts
Title: Language Arts Education Videos

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/categories/elementary/language-arts/speech
Title: videos

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/categories/college-and-university/language-arts/communications
Title: general communications

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/videos/circulatory-system-196915
Title: circulatory system

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/videos/polynomial-funk-120024
Title: polynomials

Search URL Search Domain Scan URL

URL: https://www.teachertube.com/videos/st-patricks-day-irish-eyes-261827
Title: St. Patrick's Day

Search URL Search Domain Scan URL

URL: https://salemmedia.com/salem-web-network-privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://salemmedia.com/ccpa-sale-opt-out/
Title: California - Do Not Sell My Personal Information

Search URL Search Domain Scan URL

URL: https://salemmedia.com/salem-web-network-ccpa-privacy-notice-for-california-residents/
Title: California - CCPA Notice

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 64

https://rp.liadm.com/j?dtstmp=1703074412058&aid=a-06v4&se=e30&duid=449d1ea6789c--01hj3jadc4eaezyz8vcbj5mxdy&tna=v2.11.2&pu=https%3A%2F%2F185.80.196.79.sslip.io%2F&wpn=lc-bundle&c=PHRpdGxlPlRlYWNoZXJUdWJlIEVkdWNhdGlvbmFsIFZpZGVvcyBmb3IgdGhlIFNjaG9vbCBDbGFzc3Jvb20gYW5kIEhvbWUgLSBJbmNsdWRpbmcgRWR1Y2F0aW9uYWwgU29uZ3MsIEhpc3RvcnkgVmlkZW9zLCBTdHVkZW50IFZpZGVvcyBhbmQgTWF0aCBWaWRlb3M8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJBIGZyZWUgY29tbXVuaXR5IGZvciBzaGFyaW5nIGluc3RydWN0aW9uYWwgdmlkZW9zLCBFZHVjYXRpb25hbCBTb25ncywgSGlzdG9yeSBWaWRlb3MsIFN0dWRlbnQgVmlkZW9zLCBNYXRoIFZpZGVvcywgYW5kIG90aGVyIGNvbnRlbnQgZm9yIHRlYWNoZXJzIGFuZCBzdHVkZW50cy4gV2UgYXJlIGFuIGVkdWNhdGlvbiBmb2N1c2VkLCBzYWZlIHZlbnVlIGZvciB0ZWFjaGVycywgc2Nob29scywgYW5kIGhvbWUgc2Nob29sZXJzIHRvIGFjY2VzcyBlZHVjYXRpb25hbCBmb3IgdGhlIGNsYXNzcm9vbSBhbmQgaG9tZSBsZWFybmluZy4iPjxoMT5UZWFjaGVydHViZS5jb20sIHlvdXIgRWR1Y2F0aW9uIFZpZGVvIFJlc291cmNlIEZvciBDb2xsZWdlLCBIaWdoIFNjaG9vbCwgTWlkZGxlIFNjaG9vbCBhbmQgRWxlbWVudGFyeSBTY2hvb2w8L2gxPg HTTP 302
https://rp4.liadm.com/j?se=e30&duid=449d1ea6789c--01hj3jadc4eaezyz8vcbj5mxdy&aid=a-06v4&tna=v2.11.2&dtstmp=1703074412058&n3pc=true&wpn=lc-bundle&i6=MmEwZDo1NjAwOjI0OjE1MDA6MTAxMTozNzM5OjNjNDM6ZjM5Yg%3D%3D&pu=https%3A%2F%2F185.80.196.79.sslip.io%2F&c=PHRpdGxlPlRlYWNoZXJUdWJlIEVkdWNhdGlvbmFsIFZpZGVvcyBmb3IgdGhlIFNjaG9vbCBDbGFzc3Jvb20gYW5kIEhvbWUgLSBJbmNsdWRpbmcgRWR1Y2F0aW9uYWwgU29uZ3MsIEhpc3RvcnkgVmlkZW9zLCBTdHVkZW50IFZpZGVvcyBhbmQgTWF0aCBWaWRlb3M8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJBIGZyZWUgY29tbXVuaXR5IGZvciBzaGFyaW5nIGluc3RydWN0aW9uYWwgdmlkZW9zLCBFZHVjYXRpb25hbCBTb25ncywgSGlzdG9yeSBWaWRlb3MsIFN0dWRlbnQgVmlkZW9zLCBNYXRoIFZpZGVvcywgYW5kIG90aGVyIGNvbnRlbnQgZm9yIHRlYWNoZXJzIGFuZCBzdHVkZW50cy4gV2UgYXJlIGFuIGVkdWNhdGlvbiBmb2N1c2VkLCBzYWZlIHZlbnVlIGZvciB0ZWFjaGVycywgc2Nob29scywgYW5kIGhvbWUgc2Nob29sZXJzIHRvIGFjY2VzcyBlZHVjYXRpb25hbCBmb3IgdGhlIGNsYXNzcm9vbSBhbmQgaG9tZSBsZWFybmluZy4iPjxoMT5UZWFjaGVydHViZS5jb20sIHlvdXIgRWR1Y2F0aW9uIFZpZGVvIFJlc291cmNlIEZvciBDb2xsZWdlLCBIaWdoIFNjaG9vbCwgTWlkZGxlIFNjaG9vbCBhbmQgRWxlbWVudGFyeSBTY2hvb2w8L2gxPg

Request Chain 69

https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=ebc49df3-3cf8-4c8c-960b-e3b43d29159b HTTP 302
https://p.rfihub.com/cm?pub=39342&in=1&userid=f4b19280-2985-4eec-86ab-d60769673007%3A1703074412.355907&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3Df4b19280-2985-4eec-86ab-d60769673007%253A1703074412.355907%26pid%3D500040%26it%3D1%26iv%3Df4b19280-2985-4eec-86ab-d60769673007%253A1703074412.355907%26_%3D1703074412.3590918&cb=1703074412.3591363 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=969751695971022312&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3Df4b19280-2985-4eec-86ab-d60769673007%253A1703074412.355907%26pid%3D500040%26it%3D1%26iv%3Df4b19280-2985-4eec-86ab-d60769673007%253A1703074412.355907%26_%3D1703074412.3590918 HTTP 302
https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=f4b19280-2985-4eec-86ab-d60769673007%3A1703074412.355907&pid=500040&it=1&iv=f4b19280-2985-4eec-86ab-d60769673007%3A1703074412.355907&_=1703074412.3590918 HTTP 303
https://pippio.com/api/sync?it=1&pid=500040&_=1703074412.3590918&iv=f4b19280-2985-4eec-86ab-d60769673007:1703074412.355907

Request Chain 70

https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0 HTTP 302
https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=85a36ab5-c654-4f14-8ecb-5441544fc531 HTTP 303
https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=85a36ab5-c654-4f14-8ecb-5441544fc531

Request Chain 71

https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D HTTP 302
https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=3023469083165232987 HTTP 303
https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=ebc49df3-3cf8-4c8c-960b-e3b43d29159b&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D HTTP 302
https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=363c2c32-5f59-46ac-a1f4-e31b68f242b6 HTTP 303
https://dpm.demdex.net/ibs:dpid=127444&dpuuid=ebc49df3-3cf8-4c8c-960b-e3b43d29159b HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=ebc49df3-3cf8-4c8c-960b-e3b43d29159b

Request Chain 72

https://x.dlx.addthis.com/e/live_intent_sync?na_exid=ebc49df3-3cf8-4c8c-960b-e3b43d29159b HTTP 302
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=ebc49df3-3cf8-4c8c-960b-e3b43d29159b&rd=Y

Request Chain 74

https://x.bidswitch.net/sync?ssp=liveintent&user_id=ebc49df3-3cf8-4c8c-960b-e3b43d29159b HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=liveintent&user_id=ebc49df3-3cf8-4c8c-960b-e3b43d29159b HTTP 302
https://cm.mgid.com/m?cdsp=146480&gdpr=&gdpr_consent=&us_privacy=&adu=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D303%26ssp%3Dliveintent%26user_id%3D%7Bmuidn%7D%26bsw_param%3D363c2c32-5f59-46ac-a1f4-e31b68f242b6%26expires%3D10%26gdpr%3D%26gdpr_consent%3D HTTP 307
https://cm.mgid.com/m?adu=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D303%26ssp%3Dliveintent%26user_id%3D%7Bmuidn%7D%26bsw_param%3D363c2c32-5f59-46ac-a1f4-e31b68f242b6%26expires%3D10%26gdpr%3D%26gdpr_consent%3D&cdsp=146480&gdpr=&gdpr_consent=&us_privacy=&sct=1 HTTP 302
https://x.bidswitch.net/sync?dsp_id=303&ssp=liveintent&user_id=nbkwnOQrM_d4&bsw_param=363c2c32-5f59-46ac-a1f4-e31b68f242b6&expires=10&gdpr=&gdpr_consent= HTTP 302
https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=363c2c32-5f59-46ac-a1f4-e31b68f242b6

Request Chain 75

https://b1sync.zemanta.com/usersync/liveintent/?cb=//i.liadm.com/s/35004?bidder_id%3D98254%26bidder_uuid%3D__ZUID__ HTTP 302
https://b1sync.zemanta.com/usersync/liveintent/?cb=%2F%2Fi.liadm.com%2Fs%2F35004%3Fbidder_id%3D98254%26bidder_uuid%3D__ZUID__&s=2 HTTP 302
https://i.liadm.com/s/35004?bidder_id=98254&bidder_uuid=M50iYvO0PV5zygAoL__5 HTTP 303
https://mid.rkdms.com/bct?pid=bcccb40a-06d2-44fe-bdd2-a91ef4a5bfd0&&puid=ebc49df3-3cf8-4c8c-960b-e3b43d29159b&liid=&_ct=im HTTP 302
https://i.liadm.com/s/19948?bidder_id=178256&bidder_uuid=448c8eb9d8784dc0acd78b7bddbbe67a HTTP 303
https://x.bidswitch.net/sync?dsp_id=42&user_id=

157 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
185.80.196.79.sslip.io/ 51 KB
12 KB 1338ms
796ms Document
text/html 185.80.196.79
AS-TEKNOSOS-INT

General

Check archive.org

Show headers Download Go to

Full URL: https://185.80.196.79.sslip.io/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.196.79 Sydney, Australia, ASN207459 (AS-TEKNOSOS-INT, TR),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: 326cb3f43bc4866956a8a7f3eadc01dafd6db85dbd1fc7cfc1494aaef5ba5742

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://www.teachertube.com
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8387ccb80c86b30f-BEG
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 20 Dec 2023 12:13:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tssyvfU7101DSqPsLFpNR1hzhgvmSZ1rNF3MR8O3M%2F2y%2FYNjQYq5cirAVJkjj8%2FuY6878%2BuDLRH04f91qinbJz47Rmi6ZrZCcWIvuqgcIk%2Fm%2BtQKnM6JwydSDaxfIzgql%2FMmxWo%3D"}],"group":"cf-nel","max_age":604800}
server: nginx/1.24.0
vary: Accept-Encoding

GET
H2 200 styles.css
185.80.196.79.sslip.io/dist/ 213 KB
34 KB 823ms
822ms Stylesheet
text/css 185.80.196.79
AS-TEKNOSOS-INT

General

Check archive.org

Show headers Download Go to

Full URL: https://185.80.196.79.sslip.io/dist/styles.css?v=MOzEbqwFov7lBiFAh6_d3FpFMFuHWyrlMYhDjDB5cvI
Requested by: Host: 185.80.196.79.sslip.io
URL: https://185.80.196.79.sslip.io/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.196.79 Sydney, Australia, ASN207459 (AS-TEKNOSOS-INT, TR),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: 30ecc46eac05a2fee506214087afdddc5a45305b875b2ae53188438c307972f2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:31 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 13 Jun 2023 13:46:59 GMT
server: nginx/1.24.0
etag: W/"1d99dfd8651999d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/css
access-control-allow-origin: https://www.teachertube.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FoNbzJOxbePhKetq13irDKV5cGdyeOGD0p2U2aaIzuirpo3lSwNQZ2G5Qnr9dVXt%2FhBS8EiIejVmkBIjCQ0FE9tmkHVm3GqIAiRmiiVY06yJpC2JTsFyqbpvtQRfnLoNsXLCzd0%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 8387ccbcbe52b01d-BEG
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/css/ 55 KB
10 KB 26ms
11ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/css/all.min.css

Requested by

Host: 185.80.196.79.sslip.io
URL: https://185.80.196.79.sslip.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1834150
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 9939
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-da9f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4f0MMsi0DNz9oy6S2LkqEznPmCc1wVR4ErdBHdMyi8Gm5DtTn4HX2hefDk5sV3prfTH9YE4Ysry8rRdB%2B7QBZa2FWBFTGoJ9LxeBRxuP4X2VVVe%2B9sBGhYIh0hJg7%2BUIlBGczsHX%2BjznmvpPBBrGNhSo"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8387ccbc08c94313-EWR
expires: Mon, 09 Dec 2024 12:13:30 GMT

GET
H2 200 science.svg
content.swncdn.com/teachertube/ 674 B
1 KB 71ms
16ms Image
image/svg+xml 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.swncdn.com/teachertube/science.svg
Requested by: Host: 185.80.196.79.sslip.io
URL: https://185.80.196.79.sslip.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: af3a6ad1716cb90c3c3391eec1ca45bf595644de5a6e9112f4440a5298467eec

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:30 GMT
x-cf-tsc: 1702579499
x-cf3: H
content-md5: 9Y1yxi4DrmwNYMOw5ZQSdA==
cf4ttl: 2592000.000
x-cf1: 34157:fP.ewr1:co:nots:cacheN.ewr1-01:M
x-cf-reqid: 218c5d9595708f39d63dac323152d867
content-length: 674
x-cf2: H
last-modified: Thu, 14 Jan 2021 20:26:31 GMT
server: CFS 0215
x-cff: B
etag: 0x8D8B8CAAE3C2CB7
content-type: image/svg+xml
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 0
accept-ranges: bytes

GET
H2 200 math.svg
content.swncdn.com/teachertube/ 546 B
899 B 68ms
14ms Image
image/svg+xml 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.swncdn.com/teachertube/math.svg
Requested by: Host: 185.80.196.79.sslip.io
URL: https://185.80.196.79.sslip.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 58db6e642a5c93a30ac885003bc145ba1350a8c38a4a200b7a6b113ab51f8c8c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:30 GMT
x-cf-tsc: 1702579499
x-cf3: H
content-md5: UwFbr6h2P2Y09xD0Jc852w==
cf4ttl: 2592000.000
x-cf1: 34157:fP.ewr1:co:nots:cacheN.ewr1-01:M
x-cf-reqid: 92a4d7765f0cb0cb04ac10058d827994
content-length: 546
x-cf2: H
last-modified: Thu, 14 Jan 2021 20:26:31 GMT
server: CFS 0215
x-cff: B
etag: 0x8D8B8CAAE3C05A7
content-type: image/svg+xml
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 0
accept-ranges: bytes

GET
H2 200 history.svg
content.swncdn.com/teachertube/ 632 B
985 B 69ms
17ms Image
image/svg+xml 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.swncdn.com/teachertube/history.svg
Requested by: Host: 185.80.196.79.sslip.io
URL: https://185.80.196.79.sslip.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 08db8744e1e40d0dea90de30c0019e235218d99ced1629cfea8a90e2a5a419a7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:30 GMT
x-cf-tsc: 1702579499
x-cf3: H
content-md5: Ce+K1bpmjSwACNJOWKk8ow==
cf4ttl: 2592000.000
x-cf1: 34157:fP.ewr1:co:nots:cacheN.ewr1-01:M
x-cf-reqid: 06ef853b940b9528e717add0944b0401
content-length: 632
x-cf2: H
last-modified: Thu, 14 Jan 2021 20:26:31 GMT
server: CFS 0215
x-cff: B
etag: 0x8D8B8CAAE37BF2F
content-type: image/svg+xml
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 0
accept-ranges: bytes

GET
H2 200 social.svg
content.swncdn.com/teachertube/ 1 KB
2 KB 68ms
16ms Image
image/svg+xml 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.swncdn.com/teachertube/social.svg
Requested by: Host: 185.80.196.79.sslip.io
URL: https://185.80.196.79.sslip.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: af74e1a011da94fd4b962c03b77c284344511432ecf9154845f058c96bd02cd4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:30 GMT
x-cf-tsc: 1702579499
x-cf3: H
content-md5: l0+Z8t13j5zL92t13x0Cbw==
cf4ttl: 2592000.000
x-cf1: 34157:fP.ewr1:co:nots:cacheN.ewr1-01:M
x-cf-reqid: 26d34eaf906c0bfad81de6c0b46538bf
content-length: 1238
x-cf2: H
last-modified: Fri, 15 Jan 2021 17:04:46 GMT
server: CFS 0215
x-cff: B
etag: 0x8D8B977A9392CE9
content-type: image/svg+xml
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 0
accept-ranges: bytes
x-cf-rand: 2.448

GET
H2 200 language.svg
content.swncdn.com/teachertube/ 553 B
920 B 67ms
15ms Image
image/svg+xml 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.swncdn.com/teachertube/language.svg
Requested by: Host: 185.80.196.79.sslip.io
URL: https://185.80.196.79.sslip.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 56d534d2c384bd82d8e92a7c9b9ab3f2e3f5581f231510c627b38f101c3b3502

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:30 GMT
x-cf-tsc: 1702579499
x-cf3: H
content-md5: omjwsGsWn6e1TK/zE5uFAA==
cf4ttl: 2592000.000
x-cf1: 34157:fP.ewr1:co:nots:cacheN.ewr1-01:M
x-cf-reqid: b94527485b3b2546957fff65dcb6d68f
content-length: 553
x-cf2: H
last-modified: Thu, 14 Jan 2021 21:14:14 GMT
server: CFS 0215
x-cff: B
etag: 0x8D8B8D158BCAE1F
content-type: image/svg+xml
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 0
accept-ranges: bytes
x-cf-rand: 0.687

GET
H2 200 song.svg
content.swncdn.com/teachertube/ 499 B
866 B 69ms
18ms Image
image/svg+xml 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.swncdn.com/teachertube/song.svg
Requested by: Host: 185.80.196.79.sslip.io
URL: https://185.80.196.79.sslip.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 5db2e80e3f29328a362c9753db36f09f118635b697e29e45987bdc97a7f7bbc4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:30 GMT
x-cf-tsc: 1702579499
x-cf3: H
content-md5: OEWkvAcWsMDrphnS2H4Eqg==
cf4ttl: 2592000.000
x-cf1: 34157:fP.ewr1:co:nots:cacheN.ewr1-01:M
x-cf-reqid: 9ccafa19ff37d90af89ab62f7f240aec
content-length: 499
x-cf2: H
last-modified: Thu, 14 Jan 2021 20:26:31 GMT
server: CFS 0215
x-cff: B
etag: 0x8D8B8CAAE3770F9
content-type: image/svg+xml
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 0
accept-ranges: bytes
x-cf-rand: 4.226

GET
H2 200 desmos-_-graphing-calculator000.jpg
cdn.teachertube.com/uploads/videos/2021/10/04/507405/ 46 KB
46 KB 86ms
13ms Image
image/jpeg 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.teachertube.com/uploads/videos/2021/10/04/507405/desmos-_-graphing-calculator000.jpg
Requested by: Host: 185.80.196.79.sslip.io
URL: https://185.80.196.79.sslip.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: ed7d9336de582248857dbf01b186a480a5c57337b5516e3e01dff1a26005c7b5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:30 GMT
x-cf-tsc: 1701463827
x-cf3: H
cf4ttl: 1737510.625
x-cf1: 33779:fQ.ewr1:co:nots:cacheN.ewr1-01:M
x-cf-reqid: 3f9b1d142a4f9fd46ac61f518ee1137d
content-length: 46667
x-cf2: H
last-modified: Mon, 04 Oct 2021 21:35:21 GMT
server: CFS 0215
x-cff: B
etag: 0x8D9877EDE5F7906
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 854489
accept-ranges: bytes
x-cf-rand: 0.354

GET
H2 200 module-5_-screencastify-project-google-slides000.jpg
cdn.teachertube.com/uploads/videos/2021/06/14/506259/ 40 KB
40 KB 79ms
6ms Image
image/jpeg 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.teachertube.com/uploads/videos/2021/06/14/506259/module-5_-screencastify-project-google-slides000.jpg
Requested by: Host: 185.80.196.79.sslip.io
URL: https://185.80.196.79.sslip.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: a5d7fef8fe761435ea4a85dc28fda75e42a782187bf9289a53cd6d2f49507966

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:30 GMT
x-cf-tsc: 1701463827
x-cf3: H
cf4ttl: 2591587.500
x-cf1: 33779:fQ.ewr1:co:nots:cacheN.ewr1-01:M
x-cf-reqid: dd6d88dceb3a35298d66862bf0fd9762
content-length: 40751
x-cf2: H
last-modified: Mon, 14 Jun 2021 01:05:12 GMT
server: CFS 0215
x-cff: B
etag: 0x8D92ED0767C6973
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 2594471
accept-ranges: bytes
x-cf-rand: 6.316

GET
H2 200 module-4-spanish-grammar-video000.jpg
cdn.teachertube.com/uploads/videos/2021/06/05/506176/ 27 KB
28 KB 80ms
7ms Image
image/jpeg 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.teachertube.com/uploads/videos/2021/06/05/506176/module-4-spanish-grammar-video000.jpg
Requested by: Host: 185.80.196.79.sslip.io
URL: https://185.80.196.79.sslip.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: e0f23fa5ba218f00f5039678455f7be32b113009048a71802bc7bb6f7e6f3606

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:30 GMT
x-cf-tsc: 1701463827
x-cf3: H
cf4ttl: 2591587.750
x-cf1: 33779:fQ.ewr1:co:nots:cacheN.ewr1-01:M
x-cf-reqid: e8191d829e0125d4521fc0a55c32ba6b
content-length: 27861
x-cf2: H
last-modified: Sat, 05 Jun 2021 19:47:29 GMT
server: CFS 0215
x-cff: B
etag: 0x8D9285AC0E7BE21
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 412
accept-ranges: bytes

GET
H2 200 how-to-enter-a-table-in-desmos-calculator000.jpg
cdn.teachertube.com/uploads/videos/2021/05/19/506012/ 60 KB
60 KB 82ms
9ms Image
image/jpeg 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.teachertube.com/uploads/videos/2021/05/19/506012/how-to-enter-a-table-in-desmos-calculator000.jpg
Requested by: Host: 185.80.196.79.sslip.io
URL: https://185.80.196.79.sslip.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 882131fea024d9277f69936dce728fdf9376589f7dcb51c81794ccab173dbd10

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:30 GMT
x-cf-tsc: 1701463827
x-cf3: H
cf4ttl: 2591587.750
x-cf1: 33779:fQ.ewr1:co:nots:cacheN.ewr1-01:M
x-cf-reqid: 104b2773e289aa9738fcf1ea8ec91dcc
content-length: 60982
x-cf2: H
last-modified: Wed, 19 May 2021 00:43:32 GMT
server: CFS 0215
x-cff: B
etag: 0x8D91A5F20ECCCCA
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 412
accept-ranges: bytes

GET
H2 200 win_20210514_16_34_55_pro000.jpg
cdn.teachertube.com/uploads/videos/2021/05/14/505990/ 34 KB
35 KB 26ms
23ms Image
image/jpeg 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.teachertube.com/uploads/videos/2021/05/14/505990/win_20210514_16_34_55_pro000.jpg
Requested by: Host: 185.80.196.79.sslip.io
URL: https://185.80.196.79.sslip.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: b6063f4c908efee944c87b02f8ddd54e55d60fb495fe2d95fad3c964fa8d0d5e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:30 GMT
x-cf-tsc: 1701463827
x-cf3: H
cf4ttl: 2591587.500
x-cf1: 33779:fQ.ewr1:co:nots:cacheN.ewr1-01:M
x-cf-reqid: 5068354ebdb57f657d9649757fa6324e
content-length: 34886
x-cf2: H
last-modified: Fri, 14 May 2021 22:58:22 GMT
server: CFS 0215
x-cff: B
etag: 0x8D9172BC623DF7E
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 2594471
accept-ranges: bytes
x-cf-rand: 0.685

GET
H2 200 how-to-write-the-perfect-essay-exams-and-assignments000.jpg
cdn.teachertube.com/uploads/videos/2021/05/09/505933/ 32 KB
32 KB 33ms
30ms Image
image/jpeg 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.teachertube.com/uploads/videos/2021/05/09/505933/how-to-write-the-perfect-essay-exams-and-assignments000.jpg
Requested by: Host: 185.80.196.79.sslip.io
URL: https://185.80.196.79.sslip.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 590b1c85090cd7d76f56b31adb1ff050ef8aabf6ad535e603cc7a8e0454eaac3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:30 GMT
x-cf-tsc: 1701463827
x-cf3: H
cf4ttl: 2591587.500
x-cf1: 33779:fQ.ewr1:co:nots:cacheN.ewr1-01:M
x-cf-reqid: 9ae1b41fd3f7f61197be32767fa44185
content-length: 32719
x-cf2: H
last-modified: Sun, 09 May 2021 18:17:48 GMT
server: CFS 0215
x-cff: B
etag: 0x8D91316C080B243
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 2594471
accept-ranges: bytes
x-cf-rand: 3.587

GET
H2 200 after-effects-oranges-tutorial000.jpg
cdn.teachertube.com/uploads/videos/2021/05/04/505872/ 56 KB
56 KB 32ms
29ms Image
image/jpeg 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.teachertube.com/uploads/videos/2021/05/04/505872/after-effects-oranges-tutorial000.jpg
Requested by: Host: 185.80.196.79.sslip.io
URL: https://185.80.196.79.sslip.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 71dd5d9c9b1daecd546edf5fc5634e48201cfa411c4386cedfd94329c69d32b9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:30 GMT
x-cf-tsc: 1701463827
x-cf3: H
cf4ttl: 2591587.500
x-cf1: 33779:fQ.ewr1:co:nots:cacheN.ewr1-01:M
x-cf-reqid: e0e0bc3afcf281bdb0d38738b76f704a
content-length: 57050
x-cf2: H
last-modified: Tue, 04 May 2021 02:39:50 GMT
server: CFS 0215
x-cff: B
etag: 0x8D90EA5E3CD3CAB
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 2594471
accept-ranges: bytes
x-cf-rand: 4.369

GET
H2 200 20210401_095735000.jpg
cdn.teachertube.com/uploads/videos/2021/04/21/505730/ 32 KB
32 KB 15ms
12ms Image
image/jpeg 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.teachertube.com/uploads/videos/2021/04/21/505730/20210401_095735000.jpg
Requested by: Host: 185.80.196.79.sslip.io
URL: https://185.80.196.79.sslip.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: d932243e46a23ec66e87cfaa3390f5426459bdb89f6920d25e78f4e0a0387eef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:30 GMT
x-cf-tsc: 1701463827
x-cf3: H
cf4ttl: 2591587.750
x-cf1: 33779:fQ.ewr1:co:nots:cacheN.ewr1-01:M
x-cf-reqid: ab24af8c04bb264f5d4e5fb4b648d716
content-length: 32536
x-cf2: H
last-modified: Wed, 21 Apr 2021 02:23:52 GMT
server: CFS 0215
x-cff: B
etag: 0x8D9046C814E7A93
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 412
accept-ranges: bytes

GET
H2 200 yt1scom-over-in-the-meadow-kinder-1st-grade-elementary-music-lesson-counting-animals_360p000.jpg
cdn.teachertube.com/uploads/videos/2021/03/31/505433/ 10 KB
11 KB 27ms
24ms Image
image/jpeg 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.teachertube.com/uploads/videos/2021/03/31/505433/yt1scom-over-in-the-meadow-kinder-1st-grade-elementary-music-lesson-counting-animals_360p000.jpg
Requested by: Host: 185.80.196.79.sslip.io
URL: https://185.80.196.79.sslip.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: b885e9ca55ffd164b37ed4e3316f8a88f7b5c5fdc6920b8a2c5fdd0e89ca0eaf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:30 GMT
x-cf-tsc: 1701463827
x-cf3: H
cf4ttl: 2591587.500
x-cf1: 33779:fQ.ewr1:co:nots:cacheN.ewr1-01:M
x-cf-reqid: 26bd0fcbfae34a61bb8b37983c642cea
content-length: 10498
x-cf2: H
last-modified: Wed, 31 Mar 2021 21:46:42 GMT
server: CFS 0215
x-cff: B
etag: 0x8D8F48E78DC0871
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 2594471
accept-ranges: bytes
x-cf-rand: 4.399

GET
H2 200 weather-vs-climate-video-for-kids-_-3rd-4th-5th-grade000.jpg
cdn.teachertube.com/uploads/videos/2021/03/05/504995/ 55 KB
56 KB 24ms
21ms Image
image/jpeg 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.teachertube.com/uploads/videos/2021/03/05/504995/weather-vs-climate-video-for-kids-_-3rd-4th-5th-grade000.jpg
Requested by: Host: 185.80.196.79.sslip.io
URL: https://185.80.196.79.sslip.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 583edc8fb897ec5ebc6dd3c54679ce9f8d3d4454e2c8d00561e88897ddd21839

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:30 GMT
x-cf-tsc: 1701463827
x-cf3: H
cf4ttl: 2591587.500
x-cf1: 33779:fQ.ewr1:co:nots:cacheN.ewr1-01:M
x-cf-reqid: 7eb919542c3533dc1529f22506829067
content-length: 56488
x-cf2: H
last-modified: Fri, 05 Mar 2021 01:08:14 GMT
server: CFS 0215
x-cff: B
etag: 0x8D8DF7326EA2554
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 2594471
accept-ranges: bytes
x-cf-rand: 1.141

GET
H2 200 my-movie-11002.jpg
cdn.teachertube.com/uploads/videos/2022/10/08/511575/ 37 KB
37 KB 33ms
30ms Image
image/jpeg 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.teachertube.com/uploads/videos/2022/10/08/511575/my-movie-11002.jpg
Requested by: Host: 185.80.196.79.sslip.io
URL: https://185.80.196.79.sslip.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: e909e1c0b2634f8f16c9a9c2cbd515667f22b98470ece970f85bc75886a9ec38

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:30 GMT
x-cf-tsc: 1701463827
x-cf3: H
cf4ttl: 2591587.500
x-cf1: 33779:fQ.ewr1:co:nots:cacheN.ewr1-01:M
x-cf-reqid: b50bb35fe43c27358d87703f5da79606
content-length: 37425
x-cf2: H
last-modified: Sat, 08 Oct 2022 20:02:30 GMT
server: CFS 0215
x-cff: B
etag: 0x8DAA9680875C675
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 2594471
accept-ranges: bytes
x-cf-rand: 8.169

GET
H2 200 img_0550000.jpg
cdn.teachertube.com/uploads/videos/2022/10/02/511501/ 35 KB
36 KB 35ms
33ms Image
image/jpeg 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.teachertube.com/uploads/videos/2022/10/02/511501/img_0550000.jpg
Requested by: Host: 185.80.196.79.sslip.io
URL: https://185.80.196.79.sslip.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 1ed2aff5bb5a2b032a6f5ab8afae851104d7166724987a631651c1f4d882f308

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:30 GMT
x-cf-tsc: 1701463827
x-cf3: H
cf4ttl: 2591587.500
x-cf1: 33779:fQ.ewr1:co:nots:cacheN.ewr1-01:M
x-cf-reqid: 251c4d4b9cef85de3c9590e68b4b31a4
content-length: 35871
x-cf2: H
last-modified: Sun, 02 Oct 2022 16:28:59 GMT
server: CFS 0215
x-cff: B
etag: 0x8DAA49335A0D3EB
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 2594471
accept-ranges: bytes
x-cf-rand: 6.105

GET
H2 200 recording__4000.jpg
cdn.teachertube.com/uploads/videos/2022/09/11/511206/ 63 KB
64 KB 28ms
25ms Image
image/jpeg 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.teachertube.com/uploads/videos/2022/09/11/511206/recording__4000.jpg
Requested by: Host: 185.80.196.79.sslip.io
URL: https://185.80.196.79.sslip.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: feb66f83bae1b5d508dcf05686ca73d3fd178a3d32216bd134bc26156fbdfed7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:30 GMT
x-cf-tsc: 1701463827
x-cf3: H
cf4ttl: 2591587.500
x-cf1: 33779:fQ.ewr1:co:nots:cacheN.ewr1-01:M
x-cf-reqid: ff4c7a8e65adb34497e567835411ac25
content-length: 64806
x-cf2: H
last-modified: Sun, 11 Sep 2022 22:52:26 GMT
server: CFS 0215
x-cff: B
etag: 0x8DA94484C1806E7
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 2594471
accept-ranges: bytes
x-cf-rand: 8.372

GET
H2 200 website-tour000.jpg
cdn.teachertube.com/uploads/videos/2022/09/11/511204/ 49 KB
49 KB 33ms
31ms Image
image/jpeg 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.teachertube.com/uploads/videos/2022/09/11/511204/website-tour000.jpg
Requested by: Host: 185.80.196.79.sslip.io
URL: https://185.80.196.79.sslip.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: fdca94b5eb3df5cec885dc4fa966adf60d065e4a8f296db5124d731c0210d7c1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:30 GMT
x-cf-tsc: 1701463827
x-cf3: H
cf4ttl: 2591587.750
x-cf1: 33779:fQ.ewr1:co:nots:cacheN.ewr1-01:M
x-cf-reqid: da4f50734bb700b56e50ff2682b2aaa2
content-length: 50023
x-cf2: H
last-modified: Sun, 11 Sep 2022 22:02:40 GMT
server: CFS 0215
x-cff: B
etag: 0x8DA944158BEE891
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 412
accept-ranges: bytes

GET
H2 200 Default-Media-Video.png
www.teachertube.com/dist/images/ 940 B
2 KB 147ms
90ms Image
image/webp 2606:4700:20::6819:2f07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.teachertube.com/dist/images/Default-Media-Video.png
Requested by: Host: 185.80.196.79.sslip.io
URL: https://185.80.196.79.sslip.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:2f07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ceeada33b44bd66a03c22c5bd457f7a6bcc9ab1f5e451bd70ed4653662702d74

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:31 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=3244
content-disposition: inline; filename="Default-Media-Video.webp"
alt-svc: h3=":443"; ma=86400
content-length: 940
cf-bgj: imgq:100,h2pri
last-modified: Tue, 13 Jun 2023 13:46:59 GMT
server: cloudflare
etag: "1d99dfd8652c72c"
vary: Accept
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/webp
access-control-allow-origin: https://www.teachertube.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yApfG%2BCxc5NjdH4mUSbmoW%2BHJCoMz0jutp57caPPpoX4fcVUtC3i4MzG3Bl5DYsw%2BL9mpN39nkVk4VB5Y%2B%2FoMlSfxQFf4z8kIjIjzGxF1%2BNJUqnVcbi6%2FDccqK3MTnDtVjW65IcqKkvE9EjhGuC1Cow%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8387ccbcbdf5727d-EWR
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 review-reminder-for-finals000.jpg
cdn.teachertube.com/uploads/videos/2021/11/21/507921/ 20 KB
20 KB 32ms
29ms Image
image/jpeg 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.teachertube.com/uploads/videos/2021/11/21/507921/review-reminder-for-finals000.jpg
Requested by: Host: 185.80.196.79.sslip.io
URL: https://185.80.196.79.sslip.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: c77b1cc2439c34f343e09b29a5dc3a76934660b72eaed4406bd5b31d409f04b3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:30 GMT
x-cf-tsc: 1701463827
x-cf3: H
cf4ttl: 2591587.500
x-cf1: 33779:fQ.ewr1:co:nots:cacheN.ewr1-01:M
x-cf-reqid: a3b061b871133812210f99eafcf11f3b
content-length: 20443
x-cf2: H
last-modified: Sun, 21 Nov 2021 21:37:45 GMT
server: CFS 0215
x-cff: B
etag: 0x8D9AD3727B9C9AB
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 2594471
accept-ranges: bytes
x-cf-rand: 7.664

GET
H2 200 my-video-3000.jpg
cdn.teachertube.com/uploads/videos/2021/12/03/508051/ 27 KB
28 KB 26ms
24ms Image
image/jpeg 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.teachertube.com/uploads/videos/2021/12/03/508051/my-video-3000.jpg
Requested by: Host: 185.80.196.79.sslip.io
URL: https://185.80.196.79.sslip.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: ddd55c5756a4ea1e42ab58e2af23d55431b9f808c61a2e5837e61c488c317718

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:30 GMT
x-cf-tsc: 1701463827
x-cf3: H
cf4ttl: 2591587.750
x-cf1: 33779:fQ.ewr1:co:nots:cacheN.ewr1-01:H
x-cf-reqid: 71051b50293f20031935b537d6b9cd11
content-length: 28011
x-cf2: H
last-modified: Fri, 03 Dec 2021 20:41:28 GMT
server: CFS 0215
x-cff: B
etag: 0x8D9B69D48167F97
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 412
accept-ranges: bytes

GET
H2 200 my-video-3000.jpg
cdn.teachertube.com/uploads/videos/2021/12/03/508050/ 27 KB
28 KB 25ms
22ms Image
image/jpeg 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.teachertube.com/uploads/videos/2021/12/03/508050/my-video-3000.jpg
Requested by: Host: 185.80.196.79.sslip.io
URL: https://185.80.196.79.sslip.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: ddd55c5756a4ea1e42ab58e2af23d55431b9f808c61a2e5837e61c488c317718

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:30 GMT
x-cf-tsc: 1701463827
x-cf3: H
cf4ttl: 2591587.750
x-cf1: 33779:fQ.ewr1:co:nots:cacheN.ewr1-01:H
x-cf-reqid: 26d391332a7b1a0830926f82b0d84804
content-length: 28011
x-cf2: H
last-modified: Fri, 03 Dec 2021 20:04:49 GMT
server: CFS 0215
x-cff: B
etag: 0x8D9B6982959E736
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 412
accept-ranges: bytes

GET
H2 200 zoom_0001.jpg
cdn.teachertube.com/uploads/videos/2021/10/06/507421/ 77 KB
78 KB 17ms
15ms Image
image/jpeg 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.teachertube.com/uploads/videos/2021/10/06/507421/zoom_0001.jpg
Requested by: Host: 185.80.196.79.sslip.io
URL: https://185.80.196.79.sslip.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 47ba748628cb1e3b9cea86533cb091c48acf7af5651f55b1c54459719a423d42

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:30 GMT
x-cf-tsc: 1701463827
x-cf3: H
cf4ttl: 2591587.750
x-cf1: 33779:fQ.ewr1:co:nots:cacheN.ewr1-01:H
x-cf-reqid: da017d55549be62dab10dcf5b05bd22d
content-length: 79348
x-cf2: H
last-modified: Wed, 06 Oct 2021 16:38:06 GMT
server: CFS 0215
x-cff: B
etag: 0x8D988E7AC6C2BFF
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 412
accept-ranges: bytes

GET
H2 200 tic-tac-toe-subtraction000.jpg
cdn.teachertube.com/uploads/videos/2021/11/24/507946/ 54 KB
55 KB 35ms
33ms Image
image/jpeg 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.teachertube.com/uploads/videos/2021/11/24/507946/tic-tac-toe-subtraction000.jpg
Requested by: Host: 185.80.196.79.sslip.io
URL: https://185.80.196.79.sslip.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 618deeee95ada2869cbc7402b889ea71fa6366fe8ec232bfebbfd3043163f712

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:30 GMT
x-cf-tsc: 1701463827
x-cf3: H
cf4ttl: 2591587.750
x-cf1: 33779:fQ.ewr1:co:nots:cacheN.ewr1-01:M
x-cf-reqid: 9a8a4ed8296fa8f1c1f8d2326694c2b2
content-length: 55274
x-cf2: H
last-modified: Wed, 24 Nov 2021 03:08:12 GMT
server: CFS 0215
x-cff: B
etag: 0x8D9AEF7A6E6EA3F
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 412
accept-ranges: bytes

GET
H2 200 trimbf6cb303-5cc8-4830-97ec-3bfe1d5f91b1000.jpg
cdn.teachertube.com/uploads/videos/2021/11/23/507940/ 60 KB
60 KB 31ms
28ms Image
image/jpeg 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.teachertube.com/uploads/videos/2021/11/23/507940/trimbf6cb303-5cc8-4830-97ec-3bfe1d5f91b1000.jpg
Requested by: Host: 185.80.196.79.sslip.io
URL: https://185.80.196.79.sslip.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 67fe60348920ae0cf01fdd81b9e36ffa7254eabef360848b0d8dc1ee9f9fa7ae

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:30 GMT
x-cf-tsc: 1701463827
x-cf3: M
cf4ttl: 2592000.000
x-cf1: 33779:fQ.ewr1:co:nots:cacheN.ewr1-01:M
x-cf-reqid: da76054de80fa6372ac26c906cb374c7
content-length: 61243
x-cf2: H
last-modified: Tue, 23 Nov 2021 14:35:27 GMT
server: CFS 0215
x-cff: B
etag: 0x8D9AE8E7E102A91
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 0
accept-ranges: bytes

GET
H2 200 lessons-with-pam-how-to-catch-a-turkey_read-make-do-reduced000.jpg
cdn.teachertube.com/uploads/videos/2021/11/22/507936/ 32 KB
32 KB 33ms
31ms Image
image/jpeg 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.teachertube.com/uploads/videos/2021/11/22/507936/lessons-with-pam-how-to-catch-a-turkey_read-make-do-reduced000.jpg
Requested by: Host: 185.80.196.79.sslip.io
URL: https://185.80.196.79.sslip.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 65d54d8b3da05b0470472de1b1837eb008522496f9a0b5819aa9ebb03b006606

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:30 GMT
x-cf-tsc: 1701463827
x-cf3: H
cf4ttl: 2591587.500
x-cf1: 33779:fQ.ewr1:co:nots:cacheN.ewr1-01:M
x-cf-reqid: 31ee32c116a0b4158e1478034498d9f1
content-length: 32463
x-cf2: H
last-modified: Mon, 22 Nov 2021 18:18:04 GMT
server: CFS 0215
x-cff: B
etag: 0x8D9ADE46D0D8D76
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 2594471
accept-ranges: bytes
x-cf-rand: 4.967

GET
H2 200 trimd9e3454f-df2c-441d-bcb2-cb70fe6bd461000.jpg
cdn.teachertube.com/uploads/videos/2020/09/25/502048/ 28 KB
29 KB 35ms
33ms Image
image/jpeg 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.teachertube.com/uploads/videos/2020/09/25/502048/trimd9e3454f-df2c-441d-bcb2-cb70fe6bd461000.jpg
Requested by: Host: 185.80.196.79.sslip.io
URL: https://185.80.196.79.sslip.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: c3e02a868d3bee66ff08eb2b74a5db6224af1185a0b614e240d49b46cfa52ca6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:30 GMT
x-cf-tsc: 1701463827
x-cf3: H
cf4ttl: 2591587.750
x-cf1: 33779:fQ.ewr1:co:nots:cacheN.ewr1-01:M
x-cf-reqid: 8257ad04f7b1814b8f4b6a1acab5e69a
content-length: 28792
x-cf2: H
last-modified: Fri, 25 Sep 2020 05:49:40 GMT
server: CFS 0215
x-cff: B
etag: 0x8D86116CB7CE320
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 412
accept-ranges: bytes

GET
H2 200 flyawaysani001.jpg
cdn.teachertube.com/uploads/videos/2020/09/23/501998/ 75 KB
76 KB 33ms
31ms Image
image/jpeg 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.teachertube.com/uploads/videos/2020/09/23/501998/flyawaysani001.jpg
Requested by: Host: 185.80.196.79.sslip.io
URL: https://185.80.196.79.sslip.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: b331bd2fad59d5e70a6628f16130ce4fff5cfef99a11beb0a80e1e75816a1b84

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:30 GMT
x-cf-tsc: 1701463827
x-cf3: H
cf4ttl: 2591587.750
x-cf1: 33779:fQ.ewr1:co:nots:cacheN.ewr1-01:M
x-cf-reqid: 6d92beb0b8089a759f1ab23184a9ef42
content-length: 76777
x-cf2: H
last-modified: Wed, 23 Sep 2020 19:16:08 GMT
server: CFS 0215
x-cff: B
etag: 0x8D85FF5203E5350
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 412
accept-ranges: bytes
x-cf-rand: 5.591

GET
H2 200 bear-over-the-mountain-hd-720p001.jpg
cdn.teachertube.com/uploads/videos/2020/08/17/501163/ 51 KB
51 KB 34ms
32ms Image
image/jpeg 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.teachertube.com/uploads/videos/2020/08/17/501163/bear-over-the-mountain-hd-720p001.jpg
Requested by: Host: 185.80.196.79.sslip.io
URL: https://185.80.196.79.sslip.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 89829b7409391803bc3d3eb9b9ace1c4ded110b3e70da7c07c36f4907bce1562

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:30 GMT
x-cf-tsc: 1701463827
x-cf3: H
cf4ttl: 2591587.750
x-cf1: 33779:fQ.ewr1:co:nots:cacheN.ewr1-01:M
x-cf-reqid: 5ce028d321f087ac98f78e3fc6fe792c
content-length: 52047
x-cf2: H
last-modified: Mon, 17 Aug 2020 20:12:03 GMT
server: CFS 0215
x-cff: B
etag: 0x8D842E9CE76CD13
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 412
accept-ranges: bytes

GET
H2 200 left-right-visual000.jpg
cdn.teachertube.com/uploads/videos/2020/07/31/500835/ 24 KB
24 KB 34ms
32ms Image
image/jpeg 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.teachertube.com/uploads/videos/2020/07/31/500835/left-right-visual000.jpg
Requested by: Host: 185.80.196.79.sslip.io
URL: https://185.80.196.79.sslip.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 06e3436fda51c8e8eb41bb2569c2f3fe308f3ce2be168b56fdc15d29df05d000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:30 GMT
x-cf-tsc: 1701463827
x-cf3: H
cf4ttl: 2591587.750
x-cf1: 33779:fQ.ewr1:co:nots:cacheN.ewr1-01:M
x-cf-reqid: e059d3bf08a0ba2ff6065951f6a03fd9
content-length: 24147
x-cf2: H
last-modified: Fri, 31 Jul 2020 19:50:21 GMT
server: CFS 0215
x-cff: B
etag: 0x8D8358AF5CD86EF
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 412
accept-ranges: bytes

GET
H2 200 Airplane.gif
185.80.196.79.sslip.io/dist/images/ 6 KB
7 KB 874ms
873ms Image
image/gif 185.80.196.79
AS-TEKNOSOS-INT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://185.80.196.79.sslip.io/dist/images/Airplane.gif
Requested by: Host: 185.80.196.79.sslip.io
URL: https://185.80.196.79.sslip.io/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.196.79 Sydney, Australia, ASN207459 (AS-TEKNOSOS-INT, TR),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: eec6e77c0ea542ba578b17db6d1dd6d7b1fbfacc0d244ccc0d8ca17b6fe79d87

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:31 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 6199
last-modified: Tue, 13 Jun 2023 13:46:59 GMT
server: nginx/1.24.0
etag: "1d99dfd8652d3b7"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/gif
access-control-allow-origin: https://www.teachertube.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j7TBuIEfHSXGY7WKnzqjfPdZTtvhktT4IsOzj8Xm41zHn6PuYDgysHlNevzKQGBpcyz6mRtl8tF%2BE0RUcqnpT2iNo66X3TLe%2FXkzypBpCdvmMdqrJRSuFbTRMCuISg6KMn8KI14%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8387ccbcbd3fb311-BEG
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 email-decode.min.js Show response
185.80.196.79.sslip.io/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 205ms
201ms Script
application/javascript 185.80.196.79
AS-TEKNOSOS-INT

General

Check archive.org

Show headers Download Go to

Full URL

https://185.80.196.79.sslip.io/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: 185.80.196.79.sslip.io
URL: https://185.80.196.79.sslip.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.80.196.79 Sydney, Australia, ASN207459 (AS-TEKNOSOS-INT, TR),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 08 Dec 2023 17:59:01 GMT
server: nginx/1.24.0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: W/"65735965-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yfMFYMFwU271SwXciWvAhabVRadnEUMlclQ%2FaVzMSuaGwsL4cZynQQU86KA9u66naZ46Aql6XQ7lLeGc1nVR0jLyV8B%2F2Z%2BCmGNZadcgEc0aWf96gUngQD0t4gmLWJluPk1DOHw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 8387ccbccb2571a3-BEG
expires: Fri, 22 Dec 2023 12:13:31 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 132 KB
51 KB 48ms
31ms Script
application/javascript 2607:f8b0:4006:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-2624863-1

Requested by

Host: 185.80.196.79.sslip.io
URL: https://185.80.196.79.sslip.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3a89134e5074bda447639863e25a4e136769b3c0fc95aaf047c35cd784808e5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 51636
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 20 Dec 2023 12:13:30 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 89 KB
29 KB 127ms
60ms Script
text/javascript 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: 185.80.196.79.sslip.io
URL: https://185.80.196.79.sslip.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2135ad201ca8401fb13d4773b852b2d91b2aa21f60b3ea272ff327d7525a1082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29084
x-xss-protection: 0
server: cafe
etag: 294 / 19711 / m202312060101 / config-hash: 17400476758908410755
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 20 Dec 2023 12:13:31 GMT

GET
H2 200 prebid3.js Show response
media.swncdn.com/js/prebid/ 170 KB
55 KB 49ms
10ms Script
application/javascript 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://media.swncdn.com/js/prebid/prebid3.js
Requested by: Host: 185.80.196.79.sslip.io
URL: https://185.80.196.79.sslip.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 9efb0fa8b6eb17ef69b3c4a0bc131d5b890feb43aef54da5e00ccb9111013a4a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:30 GMT
x-cf-tsc: 1702587318
content-encoding: gzip
x-cf3: H
cf4ttl: 2592000.000
x-cf1: 34163:fP.ewr1:co:nots:cacheN.ewr1-01:M
x-cf-reqid: 3887fb9d9a6b0b0afa3eed193326e7eb
content-length: 55920
x-cf2: H
last-modified: Tue, 25 Feb 2020 16:16:48 GMT
server: CFS 0215
x-cff: B
etag: W/"36e160fbf6ebd51:0"
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
cf4age: 0
accept-ranges: bytes

GET
H2 200 advscript.js Show response
media.swncdn.com/salemads/teachertube/ 31 KB
6 KB 51ms
12ms Script
application/javascript 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://media.swncdn.com/salemads/teachertube/advscript.js
Requested by: Host: 185.80.196.79.sslip.io
URL: https://185.80.196.79.sslip.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 61aa1bff6855b179c44f7e3bf952a0dc9913e0b2041929a020591ff831920f5d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:30 GMT
x-cf-tsc: 1703073451
content-encoding: gzip
x-cf3: H
cf4ttl: 3533.254
x-cf1: 34163:fP.ewr1:co:nots:cacheN.ewr1-01:M
x-cf-reqid: c0904a9f154dcddf1bb0123445be0c57
content-length: 5654
x-cf2: H
server: CFS 0215
x-cff: B
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, s-maxage=3600, max-age=86400
cf4age: 66
accept-ranges: bytes

GET
H2 200 scripts.js Show response
185.80.196.79.sslip.io/dist/ 5 KB
3 KB 216ms
212ms Script
application/javascript 185.80.196.79
AS-TEKNOSOS-INT

General

Check archive.org

Show headers Download Go to

Full URL: https://185.80.196.79.sslip.io/dist/scripts.js?v=l2a5PQAltTja_55rPxRYQHJqG_4GOqgPyTIwg3M8vYQ
Requested by: Host: 185.80.196.79.sslip.io
URL: https://185.80.196.79.sslip.io/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.196.79 Sydney, Australia, ASN207459 (AS-TEKNOSOS-INT, TR),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: 9766b93d0025b538daff9e6b3f145840726a1bfe063aa80fc9323083733cbd84

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3218
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 13 Jun 2023 13:46:59 GMT
server: nginx/1.24.0
etag: W/"1d99dfd8652d91a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript
access-control-allow-origin: https://www.teachertube.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fAZcVsWgKHVpP5vHzd0xyiGHCXU4QoCFk9vua9Us2PkSo0sjHSdmqhNkqrlxBVgELb7YcQJp%2FWLrY7KgJWkCD5lrmQmr6pv0WP5jnHFv3OQ8eVSPgHasx45jlsg2vvwLe4%2F1zo0%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 8387ccbcbe5eb01d-BEG
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 vendors.js Show response
185.80.196.79.sslip.io/dist/ 2 MB
586 KB 276ms
272ms Script
application/javascript 185.80.196.79
AS-TEKNOSOS-INT

General

Check archive.org

Show headers Download Go to

Full URL: https://185.80.196.79.sslip.io/dist/vendors.js?v=SHSeS3-Yx_RfQAdnl9vIAFwViUdg47GKtV82VSB8huk
Requested by: Host: 185.80.196.79.sslip.io
URL: https://185.80.196.79.sslip.io/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.196.79 Sydney, Australia, ASN207459 (AS-TEKNOSOS-INT, TR),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: 48749e4b7f98c7f45f40076797dbc8005c15894760e3b18ab55f3655207c86e9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3218
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 13 Jun 2023 13:46:59 GMT
server: nginx/1.24.0
etag: W/"1d99dfd86735001"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript
access-control-allow-origin: https://www.teachertube.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ij8fnNSdj9k1tEMp12SDfh03htEwDqQShjNXdx9yYWvctOsL6FLLmptbt%2BCSQuRKCKSj7qZLmrPLsj6kpiUGcCklF5VSXhudA1UEuuXTS05CQP71RiQ4TwDQ7LqnHCCwwUJJr%2Fw%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 8387ccbcbe6cb01b-BEG
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 a-06v4.min.js Show response
b-code.liadm.com/ 47 KB
15 KB 81ms
15ms Script
application/javascript 2600:9000:215f:a800:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-06v4.min.js
Requested by: Host: 185.80.196.79.sslip.io
URL: https://185.80.196.79.sslip.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:215f:a800:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 9ff33e49702078f94423110e93d8e1f4244fe06593d5a265ef1112d75ee46a28

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 20:31:11 GMT
content-encoding: gzip
via: 1.1 9a6f07a84b60a85466bb31603767843c.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-C2
age: 56540
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: "public, max-age=86400"
x-amz-cf-id: NJ_OMgZCJlx-nS5VQ6U2HfOQ7kuJkU6Ai2udLD91p0Mz9VnYGlXBuw==

GET
H2 200 Logo-Color.svg
185.80.196.79.sslip.io/dist/images/ 6 KB
3 KB 416ms
416ms Image
image/svg+xml 185.80.196.79
AS-TEKNOSOS-INT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://185.80.196.79.sslip.io/dist/images/Logo-Color.svg
Requested by: Host: 185.80.196.79.sslip.io
URL: https://185.80.196.79.sslip.io/dist/styles.css?v=MOzEbqwFov7lBiFAh6_d3FpFMFuHWyrlMYhDjDB5cvI
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.196.79 Sydney, Australia, ASN207459 (AS-TEKNOSOS-INT, TR),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: e9f4d0009dd384954901125db9e7c1375a604a102516aaed6bdd7113113817d3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/dist/styles.css?v=MOzEbqwFov7lBiFAh6_d3FpFMFuHWyrlMYhDjDB5cvI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:32 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 13 Jun 2023 13:46:59 GMT
server: nginx/1.24.0
etag: W/"1d99dfd8652dc82"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: https://www.teachertube.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rf%2BGkNR4yrw9AUxpItWr47Bz3hOBs3mSm1UA4CqSrv9mmELjTjFiiwW9xIrS5Znp%2BTlCERl0IBiQbrCKUld3YTAd%2FM3IOgAK0GSRpCJUdfSEULHD1nsL3XxCgFXJDuxvIXtCoAA%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 8387ccc1f8e8b01e-BEG
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 Pattern-Background.png
185.80.196.79.sslip.io/dist/images/ 79 KB
80 KB 923ms
923ms Image
image/png 185.80.196.79
AS-TEKNOSOS-INT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://185.80.196.79.sslip.io/dist/images/Pattern-Background.png
Requested by: Host: 185.80.196.79.sslip.io
URL: https://185.80.196.79.sslip.io/dist/styles.css?v=MOzEbqwFov7lBiFAh6_d3FpFMFuHWyrlMYhDjDB5cvI
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.196.79 Sydney, Australia, ASN207459 (AS-TEKNOSOS-INT, TR),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: af1725783d5dc2e5d1f3cf5dcddbc2bd198086933ca920d400eae6ad87912488

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/dist/styles.css?v=MOzEbqwFov7lBiFAh6_d3FpFMFuHWyrlMYhDjDB5cvI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:32 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 81009
last-modified: Tue, 13 Jun 2023 13:46:59 GMT
server: nginx/1.24.0
etag: "1d99dfd8653f7f1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/png
access-control-allow-origin: https://www.teachertube.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f3hKRwCqpVwnpWEMLqiIDVQsWPwG4VdUU%2FKt1dUF2XL1L6ylItHxNOEQIHFEHE0NuRPJGn%2Bjnu%2FnF%2Br7ZX%2FjQUeQhwn0mFayEhQcapr0XxkSZFgXewn%2FJy8qYA19MWcDf60WuQs%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8387ccc208eab01e-BEG
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
DATA 200
OK truncated
/ 156 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9701ff96675266ed2a8c5c2086ca44d6a0338dc114fe66a58dbdea9f4182e71

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 157 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d0055e6d8cfd78504ea3bfeb93b24bafd670e051503e4f69c2bd26c72148a7a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/webfonts/ 74 KB
74 KB 20ms
11ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

489cf773b253c1e1f6ba66ca0ca555d1f604c2517716e3a4a424ec3adfb936dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/css/all.min.css
Origin: https://185.80.196.79.sslip.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:31 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1479666
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 75440
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-126b0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UMJEsM0VWeZHFNJ6fxM947%2BScBNj4SAFcnAPLbtCz6LbJtxtLA0ThDPB7brVWAZG4m7oYda1Q7BJy3Z7Ps0Su%2BPkfd1Ko5U%2FIuIP1hU6%2BK%2BcHxlKmEJPe2Q8CL%2BB169AqW7VXsbYsgP%2Fn4f%2BR%2FzblZsX"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8387ccc149986a53-EWR
expires: Mon, 09 Dec 2024 12:13:31 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ 431 KB
135 KB 13ms
12ms Script
text/javascript 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 00:22:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42649
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138180
x-xss-protection: 0
server: cafe
etag: 6854214708762155125
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 19 Dec 2024 00:22:42 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 73 B
85 B 69ms
41ms XHR
application/json 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=185.80.196.79.sslip.io

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d88d24a09fadc5d552f9cfdc6c7d22ec9c2ec50f8470f28d0c126c3142224c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61
x-xss-protection: 0
expires: Wed, 20 Dec 2023 12:13:31 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 277 KB
91 KB 34ms
33ms Script
application/javascript 2607:f8b0:4006:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6CLCKX16XJ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-2624863-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5e0490cc756d3a3b831dff7582a81c2b1cafaa57eeb5f281d3b93fb94874714b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93009
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 20 Dec 2023 12:13:31 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 52ms
11ms Script
text/javascript 2607:f8b0:4020:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-2624863-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 20 Dec 2023 10:52:28 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4863
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 20 Dec 2023 12:52:28 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 194 KB
71 KB 19ms
19ms Script
application/javascript 2607:f8b0:4006:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11021558786&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-2624863-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0b260c07c492feaceaf530088ebb7600813374c16e0f913fc1a18b44c97f26d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 72477
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 20 Dec 2023 12:13:31 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 282 KB
70 KB 98ms
19ms Script
application/javascript 52.85.107.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: media.swncdn.com
URL: https://media.swncdn.com/salemads/teachertube/advscript.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.107.191 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-107-191.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 99c6eb6c3f17d69837d604201ac0453a5677eef91484aee37e72dff818ddadbc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 11:48:03 GMT
content-encoding: gzip
via: 1.1 a497eba714f030335fd7adebea6fe8b6.cloudfront.net (CloudFront), 1.1 19d1514f5f81da4dca6349d0f75a352c.cloudfront.net (CloudFront)
last-modified: Tue, 12 Dec 2023 22:20:11 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C3, YUL62-C2
age: 1529
x-amz-server-side-encryption: AES256
etag: W/"bab82e5d8801f394c1ef53a45dc29542"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: aHoaj4k6ZYv1p1RtFc4sgTI3GJKlPYM46F350t0mSK8UEzE57XntbA==

GET
H2 500 main.js
185.80.196.79.sslip.io/cdn-cgi/challenge-platform/scripts/jsd/ Frame 26A6 0
0 221ms
221ms Script
text/html 185.80.196.79
AS-TEKNOSOS-INT

General

Check archive.org

Show headers Download Go to

Full URL: https://185.80.196.79.sslip.io/cdn-cgi/challenge-platform/scripts/jsd/main.js
Requested by: Host: 185.80.196.79.sslip.io
URL: https://185.80.196.79.sslip.io/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.196.79 Sydney, Australia, ASN207459 (AS-TEKNOSOS-INT, TR),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:32 GMT
server: nginx/1.24.0
content-length: 579
content-type: text/html

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
212 B 34ms
33ms XHR
text/plain 2607:f8b0:4020:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1059430308&t=pageview&_s=1&dl=https%3A%2F%2F185.80.196.79.sslip.io%2F&ul=en-us&de=UTF-8&dt=TeacherTube%20Educational%20Videos%20for%20the%20School%20Classroom%20and%20Home%20-%20Including%20Educational%20Songs%2C%20History%20Videos%2C%20Student%20Videos%20and%20Math%20Videos&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1765227083&gjid=2047519831&cid=485101152.1703074412&tid=UA-2624863-1&_gid=1908636501.1703074412&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma=0&jsscut=1&z=1639928229

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://185.80.196.79.sslip.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 12:13:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://185.80.196.79.sslip.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11021558786/ 2 KB
2 KB 44ms
43ms Script
text/javascript 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11021558786/?random=1703074411945&cv=11&fst=1703074411945&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2F185.80.196.79.sslip.io%2F&hn=www.googleadservices.com&frm=0&tiba=TeacherTube%20Educational%20Videos%20for%20the%20School%20Classroom%20and%20Home%20-%20Including%20Educational%20Songs%2C%20History%20Videos%2C%20Student%20Videos%20and%20Math%20Videos&auid=1429508275.1703074412&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11021558786&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35032bf4046d36a413e4e51161a475a27532b167ddac0a61adbd6c6c8270aed7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 12:13:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
259 B 81ms
34ms Ping
text/plain 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-6CLCKX16XJ&_ono=1&gtm=45je3bt0v889608820&_p=1703074411750&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=485101152.1703074412&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1703074412&sct=1&seg=0&dl=https%3A%2F%2F185.80.196.79.sslip.io%2F&dt=TeacherTube%20Educational%20Videos%20for%20the%20School%20Classroom%20and%20Home%20-%20Including%20Educational%20Songs%2C%20History%20Videos%2C%20Student%20Videos%20and%20Math%20Videos&en=page_view&_fv=1&_ss=1&tfd=2508
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6CLCKX16XJ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 12:13:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://185.80.196.79.sslip.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 50ms
19ms Ping
text/plain 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&_ono=1&tid=G-6CLCKX16XJ&cid=485101152.1703074412&gtm=45je3bt0v889608820&aip=1&dma=0&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6CLCKX16XJ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 12:13:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://185.80.196.79.sslip.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
352 B 46ms
18ms XHR
text/plain 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-2624863-1&cid=485101152.1703074412&jid=1765227083&gjid=2047519831&_gid=1908636501.1703074412&_u=YEBAAUAAAAAAACAAI~&z=1495714452

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://185.80.196.79.sslip.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 20 Dec 2023 12:13:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://185.80.196.79.sslip.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 30 KB
13 KB 267ms
266ms Fetch
text/plain 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1476677553059165&correlator=3071657168869344&eid=44780988&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&iu_parts=6177%2Cteachertube%2Chome%2Cdesktop_right_300x250-1&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=300x250&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1703074412035&lmt=1703074412&adxs=995&adys=194&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2F185.80.196.79.sslip.io%2F&vis=1&psz=360x315&msz=330x0&fws=4&ohw=1140&ga_vid=485101152.1703074412&ga_sid=1703074412&ga_hid=1059430308&ga_fc=true&dlt=1703074410861&idt=1100&prev_scp=pos%3Ddesktop_right_300x250-1&cust_params=device%3Ddesktop&adks=2495303898&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e39ab7644d5fa9f3f00831e216f08288b55bd061d77385d4281a5aab5ffa44d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:32 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13006
x-xss-protection: 0
google-lineitem-id: 6421225090
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138456056960
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://185.80.196.79.sslip.io
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D790 6 KB
3 KB 132ms
42ms Document
text/html 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://185.80.196.79.sslip.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 12:13:32 GMT
expires: Thu, 19 Dec 2024 12:13:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 30 KB
13 KB 474ms
474ms Fetch
text/plain 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1476677553059165&correlator=3071657168869344&eid=44780988&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&iu_parts=6177%2Cteachertube%2Chome%2Cdesktop_middle_728x90-1&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=728x90&ifi=2&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1703074412049&lmt=1703074412&adxs=245&adys=566&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2F185.80.196.79.sslip.io%2F&vis=1&psz=1110x3952&msz=1110x0&fws=4&ohw=1140&ga_vid=485101152.1703074412&ga_sid=1703074412&ga_hid=1059430308&ga_fc=true&dlt=1703074410861&idt=1100&prev_scp=pos%3Ddesktop_middle_728x90-1&cust_params=device%3Ddesktop&adks=518484386&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

700fbafde03073f9f4874de3a24894ac5b15b5dcf94cb30796443068683bb05a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:32 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13105
x-xss-protection: 0
google-lineitem-id: 6418982544
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138456056324
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://185.80.196.79.sslip.io
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 30 KB
13 KB 338ms
338ms Fetch
text/plain 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1476677553059165&correlator=3071657168869344&eid=44780988&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&iu_parts=6177%2Cteachertube%2Chome%2Cdesktop_right_300x250-2&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=300x250&ifi=3&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1703074412053&lmt=1703074412&adxs=245&adys=2132&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2F185.80.196.79.sslip.io%2F&vis=1&psz=380x240&msz=350x0&fws=4&ohw=1140&ga_vid=485101152.1703074412&ga_sid=1703074412&ga_hid=1059430308&ga_fc=true&dlt=1703074410861&idt=1100&prev_scp=pos%3Ddesktop_right_300x250-2&cust_params=device%3Ddesktop&adks=2512555841&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a7ac5f85a94ad785544cf42212f620e222572e8a7c34f44a776a658c772b05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:32 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13074
x-xss-protection: 0
google-lineitem-id: 6418981860
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138456596488
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://185.80.196.79.sslip.io
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1703074412058&aid=a-06v4&se=e30&duid=449d1ea6789c--01hj3jadc4eaezyz8vcbj5mxdy&tna=v2.11.2&pu=https%3A%2F%2F185.80.196.79.sslip.io%2F&wpn=lc-bundle&c=PHRpdGxlPlRlYWNoZX...
https://rp4.liadm.com/j?se=e30&duid=449d1ea6789c--01hj3jadc4eaezyz8vcbj5mxdy&aid=a-06v4&tna=v2.11.2&dtstmp=1703074412058&n3pc=true&wpn=lc-bundle&i6=MmEwZDo1NjAwOjI0OjE1MDA6MTAxMTozNzM5OjNjNDM6ZjM5Y...

13 B
319 B

87ms
14ms

XHR
application/json

34.206.231.187
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rp4.liadm.com/j?se=e30&duid=449d1ea6789c--01hj3jadc4eaezyz8vcbj5mxdy&aid=a-06v4&tna=v2.11.2&dtstmp=1703074412058&n3pc=true&wpn=lc-bundle&i6=MmEwZDo1NjAwOjI0OjE1MDA6MTAxMTozNzM5OjNjNDM6ZjM5Yg%3D%3D&pu=https%3A%2F%2F185.80.196.79.sslip.io%2F&c=PHRpdGxlPlRlYWNoZXJUdWJlIEVkdWNhdGlvbmFsIFZpZGVvcyBmb3IgdGhlIFNjaG9vbCBDbGFzc3Jvb20gYW5kIEhvbWUgLSBJbmNsdWRpbmcgRWR1Y2F0aW9uYWwgU29uZ3MsIEhpc3RvcnkgVmlkZW9zLCBTdHVkZW50IFZpZGVvcyBhbmQgTWF0aCBWaWRlb3M8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJBIGZyZWUgY29tbXVuaXR5IGZvciBzaGFyaW5nIGluc3RydWN0aW9uYWwgdmlkZW9zLCBFZHVjYXRpb25hbCBTb25ncywgSGlzdG9yeSBWaWRlb3MsIFN0dWRlbnQgVmlkZW9zLCBNYXRoIFZpZGVvcywgYW5kIG90aGVyIGNvbnRlbnQgZm9yIHRlYWNoZXJzIGFuZCBzdHVkZW50cy4gV2UgYXJlIGFuIGVkdWNhdGlvbiBmb2N1c2VkLCBzYWZlIHZlbnVlIGZvciB0ZWFjaGVycywgc2Nob29scywgYW5kIGhvbWUgc2Nob29sZXJzIHRvIGFjY2VzcyBlZHVjYXRpb25hbCBmb3IgdGhlIGNsYXNzcm9vbSBhbmQgaG9tZSBsZWFybmluZy4iPjxoMT5UZWFjaGVydHViZS5jb20sIHlvdXIgRWR1Y2F0aW9uIFZpZGVvIFJlc291cmNlIEZvciBDb2xsZWdlLCBIaWdoIFNjaG9vbCwgTWlkZGxlIFNjaG9vbCBhbmQgRWxlbWVudGFyeSBTY2hvb2w8L2gxPg
Requested by: Host: 185.80.196.79.sslip.io
URL: https://185.80.196.79.sslip.io/
Protocol: H2
Server: 34.206.231.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-231-187.compute-1.amazonaws.com
Software: /
Resource Hash: efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:32 GMT
x-pixel-event-id: b0bf7cf3-ec98-4d4b-b633-631d9885d092
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: null
access-control-expose-headers: *
access-control-allow-credentials: true
content-length: 13

Redirect headers

location: https://rp4.liadm.com/j?se=e30&duid=449d1ea6789c--01hj3jadc4eaezyz8vcbj5mxdy&aid=a-06v4&tna=v2.11.2&dtstmp=1703074412058&n3pc=true&wpn=lc-bundle&i6=MmEwZDo1NjAwOjI0OjE1MDA6MTAxMTozNzM5OjNjNDM6ZjM5Yg%3D%3D&pu=https%3A%2F%2F185.80.196.79.sslip.io%2F&c=PHRpdGxlPlRlYWNoZXJUdWJlIEVkdWNhdGlvbmFsIFZpZGVvcyBmb3IgdGhlIFNjaG9vbCBDbGFzc3Jvb20gYW5kIEhvbWUgLSBJbmNsdWRpbmcgRWR1Y2F0aW9uYWwgU29uZ3MsIEhpc3RvcnkgVmlkZW9zLCBTdHVkZW50IFZpZGVvcyBhbmQgTWF0aCBWaWRlb3M8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJBIGZyZWUgY29tbXVuaXR5IGZvciBzaGFyaW5nIGluc3RydWN0aW9uYWwgdmlkZW9zLCBFZHVjYXRpb25hbCBTb25ncywgSGlzdG9yeSBWaWRlb3MsIFN0dWRlbnQgVmlkZW9zLCBNYXRoIFZpZGVvcywgYW5kIG90aGVyIGNvbnRlbnQgZm9yIHRlYWNoZXJzIGFuZCBzdHVkZW50cy4gV2UgYXJlIGFuIGVkdWNhdGlvbiBmb2N1c2VkLCBzYWZlIHZlbnVlIGZvciB0ZWFjaGVycywgc2Nob29scywgYW5kIGhvbWUgc2Nob29sZXJzIHRvIGFjY2VzcyBlZHVjYXRpb25hbCBmb3IgdGhlIGNsYXNzcm9vbSBhbmQgaG9tZSBsZWFybmluZy4iPjxoMT5UZWFjaGVydHViZS5jb20sIHlvdXIgRWR1Y2F0aW9uIFZpZGVvIFJlc291cmNlIEZvciBDb2xsZWdlLCBIaWdoIFNjaG9vbCwgTWlkZGxlIFNjaG9vbCBhbmQgRWxlbWVudGFyeSBTY2hvb2w8L2gxPg
access-control-allow-origin: https://185.80.196.79.sslip.io
date: Wed, 20 Dec 2023 12:13:32 GMT
access-control-expose-headers: *
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 128ms
103ms XHR
application/javascript 52.85.107.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.107.191 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-107-191.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:33 GMT
x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 192b5dfe0d3306c6761973a7786a01d4.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: XRItm3WX_i690NI8-ml5SB98mg0PMiKCvkzc-WxpP6nhiuIFR2Kbug==

GET
H2 200 /
www.google.com/pagead/1p-user-list/11021558786/ 42 B
455 B 111ms
43ms Image
image/gif 2607:f8b0:4020:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11021558786/?random=1703074411945&cv=11&fst=1703073600000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2F185.80.196.79.sslip.io%2F&frm=0&tiba=TeacherTube%20Educational%20Videos%20for%20the%20School%20Classroom%20and%20Home%20-%20Including%20Educational%20Songs%2C%20History%20Videos%2C%20Student%20Videos%20and%20Math%20Videos&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_qojCa8rYnp6vQ7o3y0YxvckvCEt0DA&random=2699478486&rmt_tld=0&ipr=y

Requested by

Host: 185.80.196.79.sslip.io
URL: https://185.80.196.79.sslip.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 12:13:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 105ms
44ms Image
image/gif 2607:f8b0:4020:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-2624863-1&cid=485101152.1703074412&jid=1765227083&_u=YEBAAUAAAAAAACAAI~&z=1937664672

Requested by

Host: 185.80.196.79.sslip.io
URL: https://185.80.196.79.sslip.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 12:13:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK a-06v4 Show response
i.liadm.com/s/c/ Frame 4800 1 KB
1 KB 62ms
22ms Document
text/html 34.232.211.7
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://i.liadm.com/s/c/a-06v4?duid=449d1ea6789c--01hj3jadc4eaezyz8vcbj5mxdy&euns=0&s=&version=v2.11.2&

Requested by

Host: b-code.liadm.com
URL: https://b-code.liadm.com/a-06v4.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.232.211.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-232-211-7.compute-1.amazonaws.com

Software

Resource Hash

0b787eab19555b483998f02a983f8076fb9a9d0ccd93b55423318c099c21fbc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://185.80.196.79.sslip.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: private, no-cache, max-age=0
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 690
Content-Type: text/html; charset=UTF-8
Date: Wed, 20 Dec 2023 12:13:32 GMT
Request-Time: 13
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding

GET
H2

200

sync
pippio.com/api/ Frame 4800
Redirect Chain

https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=ebc49df3-3cf8-4c8c-960b-e3b43d29159b
https://p.rfihub.com/cm?pub=39342&in=1&userid=f4b19280-2985-4eec-86ab-d60769673007%3A1703074412.355907&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3Df4b19280-2985-4eec-...
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=969751695971022312&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3Df4b1928...
https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=f4b19280-2985-4eec-86ab-d60769673007%3A1703074412.355907&pid=500040&it=1&iv=f4b19280-2985-4eec-86ab-d60769673007%3A1703074412.355907&_=17030...
https://pippio.com/api/sync?it=1&pid=500040&_=1703074412.3590918&iv=f4b19280-2985-4eec-86ab-d60769673007:1703074412.355907

42 B
569 B

55ms
41ms

Image
image/gif

107.178.254.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pippio.com/api/sync?it=1&pid=500040&_=1703074412.3590918&iv=f4b19280-2985-4eec-86ab-d60769673007:1703074412.355907
Requested by: Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-06v4?duid=449d1ea6789c--01hj3jadc4eaezyz8vcbj5mxdy&euns=0&s=&version=v2.11.2&
Protocol: H2
Server: 107.178.254.65 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 65.254.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:32 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

Location: https://pippio.com/api/sync?it=1&pid=500040&_=1703074412.3590918&iv=f4b19280-2985-4eec-86ab-d60769673007:1703074412.355907
Date: Wed, 20 Dec 2023 12:13:32 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 0

GET
H/1.1

200
OK

35759
i6.liadm.com/s/ Frame 4800
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
https://match.adsrvr.org/track/cmb/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=85a36ab5-c654-4f14-8ecb-5441544fc531
https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=85a36ab5-c654-4f14-8ecb-5441544fc531

43 B
548 B

66ms
11ms

Image
image/gif

2600:1f18:ed:550e:3daf:be5a:6a09:50
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=85a36ab5-c654-4f14-8ecb-5441544fc531

Requested by

Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-06v4?duid=449d1ea6789c--01hj3jadc4eaezyz8vcbj5mxdy&euns=0&s=&version=v2.11.2&

Protocol

HTTP/1.1

Server

2600:1f18:ed:550e:3daf:be5a:6a09:50 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Wed, 20 Dec 2023 12:13:32 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 0
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=85a36ab5-c654-4f14-8ecb-5441544fc531
Date: Wed, 20 Dec 2023 12:13:32 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 1

GET
H2

200

demconf.jpg
dpm.demdex.net/ Frame 4800
Redirect Chain

https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D
https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=3023469083165232987
https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=ebc49df3-3cf8-4c8c-960b-e3b43d29159b&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D
https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=363c2c32-5f59-46ac-a1f4-e31b68f242b6
https://dpm.demdex.net/ibs:dpid=127444&dpuuid=ebc49df3-3cf8-4c8c-960b-e3b43d29159b
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=ebc49df3-3cf8-4c8c-960b-e3b43d29159b

42 B
716 B

11ms
11ms

Image
image/gif

52.204.112.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=ebc49df3-3cf8-4c8c-960b-e3b43d29159b

Requested by

Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-06v4?duid=449d1ea6789c--01hj3jadc4eaezyz8vcbj5mxdy&euns=0&s=&version=v2.11.2&

Protocol

Server

52.204.112.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-204-112-221.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

dcs: dcs-prod-va6-2-v053-07a6ce7c0.edge-va6.demdex.com 1 ms
pragma: no-cache
date: Wed, 20 Dec 2023 12:13:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: bnA7O2IpT+k=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-va6-2-v053-0735ccd9c.edge-va6.demdex.com 0 ms
pragma: no-cache
date: Wed, 20 Dec 2023 12:13:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: vW1iz4mCRJo=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=ebc49df3-3cf8-4c8c-960b-e3b43d29159b
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

live_intent_sync
x.dlx.addthis.com/e/ Frame 4800
Redirect Chain

https://x.dlx.addthis.com/e/live_intent_sync?na_exid=ebc49df3-3cf8-4c8c-960b-e3b43d29159b
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=ebc49df3-3cf8-4c8c-960b-e3b43d29159b&rd=Y

43 B
593 B

70ms
70ms

Image
image/gif

23.216.137.114
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/live_intent_sync?na_exid=ebc49df3-3cf8-4c8c-960b-e3b43d29159b&rd=Y

Requested by

Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-06v4?duid=449d1ea6789c--01hj3jadc4eaezyz8vcbj5mxdy&euns=0&s=&version=v2.11.2&

Protocol

Server

23.216.137.114 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-216-137-114.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Wed, 20 Dec 2023 12:13:32 GMT
pragma: no-cache
date: Wed, 20 Dec 2023 12:13:32 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.dlx.addthis.com/e/live_intent_sync?na_exid=ebc49df3-3cf8-4c8c-960b-e3b43d29159b&rd=Y
pragma: no-cache
date: Wed, 20 Dec 2023 12:13:32 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Wed, 20 Dec 2023 12:13:32 GMT

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 4800 43 B
364 B 48ms
15ms Image
image/gif 74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

Requested by

Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-06v4?duid=449d1ea6789c--01hj3jadc4eaezyz8vcbj5mxdy&euns=0&s=&version=v2.11.2&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 12:13:32 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 5752635
expires: Wed, 20 Dec 2023 00:00:00 GMT

GET
H/1.1

200
OK

52164
i.liadm.com/s/ Frame 4800
Redirect Chain

https://x.bidswitch.net/sync?ssp=liveintent&user_id=ebc49df3-3cf8-4c8c-960b-e3b43d29159b
https://x.bidswitch.net/ul_cb/sync?ssp=liveintent&user_id=ebc49df3-3cf8-4c8c-960b-e3b43d29159b
https://cm.mgid.com/m?cdsp=146480&gdpr=&gdpr_consent=&us_privacy=&adu=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D303%26ssp%3Dliveintent%26user_id%3D%7Bmuidn%7D%26bsw_param%3D363c2c32-5f59-46ac...
https://cm.mgid.com/m?adu=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D303%26ssp%3Dliveintent%26user_id%3D%7Bmuidn%7D%26bsw_param%3D363c2c32-5f59-46ac-a1f4-e31b68f242b6%26expires%3D10%26gdpr%3D%...
https://x.bidswitch.net/sync?dsp_id=303&ssp=liveintent&user_id=nbkwnOQrM_d4&bsw_param=363c2c32-5f59-46ac-a1f4-e31b68f242b6&expires=10&gdpr=&gdpr_consent=
https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=363c2c32-5f59-46ac-a1f4-e31b68f242b6

43 B
645 B

19ms
10ms

Image
image/gif

34.232.211.7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=363c2c32-5f59-46ac-a1f4-e31b68f242b6

Requested by

Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-06v4?duid=449d1ea6789c--01hj3jadc4eaezyz8vcbj5mxdy&euns=0&s=&version=v2.11.2&

Protocol

HTTP/1.1

Server

34.232.211.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-232-211-7.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Wed, 20 Dec 2023 12:13:32 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 0
Content-Type: image/gif

Redirect headers

Location: //i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=363c2c32-5f59-46ac-a1f4-e31b68f242b6
Date: Wed, 20 Dec 2023 12:13:32 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

sync
x.bidswitch.net/ Frame 4800
Redirect Chain

https://b1sync.zemanta.com/usersync/liveintent/?cb=//i.liadm.com/s/35004?bidder_id%3D98254%26bidder_uuid%3D__ZUID__
https://b1sync.zemanta.com/usersync/liveintent/?cb=%2F%2Fi.liadm.com%2Fs%2F35004%3Fbidder_id%3D98254%26bidder_uuid%3D__ZUID__&s=2
https://i.liadm.com/s/35004?bidder_id=98254&bidder_uuid=M50iYvO0PV5zygAoL__5
https://mid.rkdms.com/bct?pid=bcccb40a-06d2-44fe-bdd2-a91ef4a5bfd0&&puid=ebc49df3-3cf8-4c8c-960b-e3b43d29159b&liid=&_ct=im
https://i.liadm.com/s/19948?bidder_id=178256&bidder_uuid=448c8eb9d8784dc0acd78b7bddbbe67a
https://x.bidswitch.net/sync?dsp_id=42&user_id=

43 B
235 B

27ms
27ms

Image
image/gif

35.211.178.172
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=42&user_id=
Requested by: Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-06v4?duid=449d1ea6789c--01hj3jadc4eaezyz8vcbj5mxdy&euns=0&s=&version=v2.11.2&
Protocol: HTTP/1.1
Server: 35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 172.178.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Wed, 20 Dec 2023 12:13:32 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/sync?dsp_id=42&user_id=
Date: Wed, 20 Dec 2023 12:13:32 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 2

GET
H2 200 container.html Show response
d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C3E1 6 KB
3 KB 24ms
23ms Document
text/html 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://185.80.196.79.sslip.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 12:13:32 GMT
expires: Thu, 19 Dec 2024 12:13:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame C3E1 24 KB
7 KB 53ms
13ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com
URL: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 00:00:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 389577
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 15 Dec 2024 00:00:35 GMT

GET
H2 200 / Show response
a2.adform.net/adfscript/ Frame C3E1 1 KB
2 KB 518ms
141ms Script
text/javascript 185.167.164.43
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a2.adform.net/adfscript/?bn=67441645;click=https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjssBdPHUZPWfdQzMaaYxpE3twKlpeYgnlhmFB7LUMj__zljxoMi0SRta33BZ5qtVXsYCl9EZ1uGHl6C2kdsgaTOisCg7Tjw9BbPj8DAPL6D2HcnJMikKeSbcMn-w21b0u-8NRANwo1du0IDOl5vbKwfg-zsitIUZwcISCgJbweBPIwNO9eSIK1U3L8XljaET70Vu7HpaAJosm960pEtPjJraXXYdM-Gg5uMW0Pl4LV794HPlJX2KlFGOcgSKeOiVzaA8hORYHUKlcEJmTNbq0yml9LPbKt0ki0n8M1IUHRom3mzAKHnQOH4ZpJRWp-qe0oTk3puKnzInWPuHy83562HC6LoHX3HLi9_BBYrgbV4TzuObUOgmfpqenSZMag45uYSX83fVI7pm_U0rX7ncw6Zaqg&sai=AMfl-YRBknO-7H2wpO6Eq4Ijq_cMemQqTRXlqirbs_8A4h5fX7mbqrgfzw__ZXuXRq30zgnDBMrZ10q-QL0shEJYNOSvT1GoxJibKqs-cYNrAaoV7j8EhIDYPYycJ64rbqA&sig=Cg0ArKJSzJWzxC_jkBhBEAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=

Requested by

Host: d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com
URL: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.43 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

373db05fbfcf6158eabbb85c105b1dfb9ae99394c993c10f48fc370abdd0eb6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 12:13:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 1249
expires: -1

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame C3E1 203 KB
65 KB 53ms
43ms Script
text/javascript 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com
URL: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Dec 2023 12:13:32 GMT

GET
H3 200 container.html Show response
d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5001 6 KB
3 KB 15ms
15ms Document
text/html 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://185.80.196.79.sslip.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 12:13:32 GMT
expires: Thu, 19 Dec 2024 12:13:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 5001 24 KB
6 KB 14ms
11ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com
URL: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 00:00:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 389577
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 15 Dec 2024 00:00:35 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5001 203 KB
64 KB 42ms
41ms Script
text/javascript 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com
URL: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Dec 2023 12:13:32 GMT

GET
H2 200 lightbox_inline.js Show response
www.lightboxcdn.com/vendor/3668710d-610d-480d-bb1c-ea9170a8c85d/ 2 KB
1 KB 193ms
155ms Script
application/javascript 2606:4700::6813:d383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/3668710d-610d-480d-bb1c-ea9170a8c85d/lightbox_inline.js?mb=1703074412436
Requested by: Host: 185.80.196.79.sslip.io
URL: https://185.80.196.79.sslip.io/dist/scripts.js?v=l2a5PQAltTja_55rPxRYQHJqG_4GOqgPyTIwg3M8vYQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85c09161b6c533697d2f42cf425d389c31aaa97f05f9b48f76700469910a9c20

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 20 Dec 2023 12:13:32 GMT
content-encoding: br
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Tue, 18 Oct 2022 19:57:19 GMT
content-md5: 3NDdCT9QCHk0Dy1BCYxbyw==
server: cloudflare
cf-polished: origSize=2532
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: c2a547c3-201e-0037-4a8f-1bb49f000000
x-ms-version: 2009-09-19
cf-ray: 8387ccc5fa17c420-EWR

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C3E1 0
0 49ms
49ms Fetch
image/gif 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv7qzDOGquDKK8sfwJE0dadBEpXWC5aCUiPU2ayU6KpaMIIZv-YB6aXRnH5euTxPVj-xZDGcV3hhaWx98Y7m7Ew9nbBsnYUBKsdzGv-glddE8irMaBp4A2caSzAO9WdvgSeqWX0hBs-EyCMOtwfKW_-BbTZhephnezng3xEK-IavlRJ-cnOVObOlcuCyAit3s4d92qW_SmzqvCVmWgr-RRRSsdsbiQiRfhgjkw_XPPXQ-D5P9wTWnDU5ACwWrCf0-wSw2KO_44uDzgZQeVDdy1-GpwrTL-uDGXmo4GjnF0250ZFCcSHulUli9xDLbeX14kR1YXza5TrDx3uYQq1lepqd19v0lgW_GmuRnTkF9qMkKPm5aCuWqesNtm38YJsrsfSnJHKgVmawLoAi2QsWYivd_iBmlQwqqCNJAl0gA-7FS99&sai=AMfl-YR2-lyQ6DXDKOPA4e0HkBUponSrnMOofp1F56Q-c3i7gOKRVlv295EGuxNUHu8eaa44_Pb1xBvloC3t5OjcKM7YH7DAD1G14qo73jzDO3oHYNh08zGrwNSR_of5W7w&sig=Cg0ArKJSzKqtRr3li-3MEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com
URL: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5001 0
0 46ms
46ms Fetch
image/gif 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvtD8-Fkx_E5OVmwaUS7OyHBcZEPAnwbWVEd7JoxiijEBG4SXh7QkELVOiR04EJdEJhfa5rAZg6byxZndPwvgcuyBjK97fQSGAyTzXI-SG-SWHrhwDrlB9fHXW1AxH0-FC62ozEztYkd7zUd-KRnqRjJqvOYy3t1MdWaGYxkSHaYyNK23HCWIc_Os0C5C7DZvSVcBgjKWRpfc9QYgLFyMXLpNMRw4KYGslH2SuZD6aHeqPdPy1T8lCFv8tFpWDSQpLufQctF2knITi2za_Rp_Wslq16n_KCTi82hiqzKZrjmCRThZDSGQ7R8xGpud1jRHjV7Ml2wZgLrcZwi-J3MmbQEK4gYHNnWFX_osrhlELGQmej3JA85tlS_c5sQdy_Lp_MlysBlmVd2RQrW145PHSQl3o4k1WJwC12fDN3R-8RO4GC&sai=AMfl-YRmh7Rob0s9bRrKy1BInXyhhmedjJJqtpsURMgiupX13mv5KlEKOobRmHUBPai4HfmjdLRuRkcdhVP8H8e9mPjtsEQU0tW_OnDvyblIxbdDr4Qh7J9oUqOyZROSPg&sig=Cg0ArKJSzMh32dE56-9HEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com
URL: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 app.js Show response
servedbyadbutler.com/ Frame 5001 67 KB
13 KB 75ms
13ms Script
application/javascript 51.222.11.129
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://servedbyadbutler.com/app.js
Requested by: Host: d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com
URL: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.222.11.129 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5004418.ip-51-222-11.net
Software: nginx /
Resource Hash: 19f017b060eef42c6c184a49c2293ba61282cf67189da8025a13dd7dd680e588

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:32 GMT
content-encoding: gzip
last-modified: Mon, 06 Nov 2023 22:44:56 GMT
server: nginx
etag: W/"65496c68-10da1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1800
expires: Wed, 20 Dec 2023 12:43:32 GMT

GET
DATA 200
OK truncated
/ Frame 5001 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04c9dfe11ceca22c22ef1b12dc111783f25c16f39a2a86cdd7edb32684cbb508

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 container.html Show response
d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8CC7 6 KB
3 KB 13ms
12ms Document
text/html 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://185.80.196.79.sslip.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 12:13:32 GMT
expires: Thu, 19 Dec 2024 12:13:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 click Show response
servedbyadbutler.com/adserve/;ID=181133;size=300x250;setID=600389;type=async;domid=placement_600389_0;place=0;pid=6112010;sw=1600;sh=1200;spr=1;rnd=6112010;referrer=https%3A%2F%2F185.80.196.79.ssli... Frame 5001 3 KB
2 KB 20ms
20ms Script
application/javascript 51.222.11.129
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://servedbyadbutler.com/adserve/;ID=181133;size=300x250;setID=600389;type=async;domid=placement_600389_0;place=0;pid=6112010;sw=1600;sh=1200;spr=1;rnd=6112010;referrer=https%3A%2F%2F185.80.196.79.sslip.io%2F;atf=1;click=https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsslB2ffPnxnkIOFsfCorWVawdKAhpLjn3qb4kyNw2XnDEIDSGPLwkbxBCHxcMUpOaHgu_eV8Osgcj1nrnI7lNl-zndAms-tHJSZgTVOzDvH3RfqlQRDP-FQEkVbnQaXXTn4rrzDeRF6rMMBfCUkYUPr0AQEJyB50jDuMLzVL_IpN-vtSWO6-ev5dBqnTM1EhXkmxRGw6w3zF_eh70QYCfr_8Zkh75wq0dZg5M_zMnM0pVFDPSrttqowFjjNb2IlZsmHA5k-P8lh6cUFasxHNHPJdp-nhBa7IDjizu6Ti19JGeGRyJxk6-65jowbQeYbvXoAPeugCXz4j9ja3ZLwbpiqQZyH6syi-9v4nmXVaLW2eunfO6PpNJ-GYO07hWJ2d4m0_HO_XlOlVWOYzkUieROxvw&sai=AMfl-YTX4I5SfkyyKpI010f4ysXAvIOluyapzw4n5lqHG1MvJaifKRce-ncgdcJhLh3EI25fPXuAn87IChet2_IzXdUymc3cmkVN-MPgS28jC82UxQilca3fN6sej-SKMA&sig=Cg0ArKJSzIhPOdooKmpIEAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=

Requested by

Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

51.222.11.129 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ns5004418.ip-51-222-11.net

Software

nginx /

Resource Hash

0bcb77020a6a8592d05e6801a677c106cce19639fb566e05dbfce8376cc980a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 12:13:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
content-type: application/javascript
access-control-allow-origin: *
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 8CC7 24 KB
6 KB 15ms
15ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com
URL: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 00:00:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 389577
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 15 Dec 2024 00:00:35 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8CC7 203 KB
64 KB 50ms
50ms Script
text/javascript 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com
URL: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Dec 2023 12:13:32 GMT

GET
H2 200 ;MID=181133;type=e959fb862;placementID=2274346;setID=600389;channelID=20392;CID=751993;BID=521589681;TAID=0;place=0;referrer=https%3A%2F%2F185.80.196.79.sslip.io%2F;mt=1703074412580729;hc=baf173658... Show response
servedbyadbutler.com/adserve/ Frame 5001 0
371 B 63ms
14ms XHR
text/html 51.222.11.129
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://servedbyadbutler.com/adserve/;MID=181133;type=e959fb862;placementID=2274346;setID=600389;channelID=20392;CID=751993;BID=521589681;TAID=0;place=0;referrer=https%3A%2F%2F185.80.196.79.sslip.io%2F;mt=1703074412580729;hc=baf1736583a3492bdaaf44887d77b201cf322900

Requested by

Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

51.222.11.129 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ns5004418.ip-51-222-11.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 12:13:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 / Show response
a2.adform.net/adfscript/ Frame F8A1 2 KB
2 KB 291ms
143ms Script
text/javascript 185.167.164.43
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a2.adform.net/adfscript/?bn=70093636;click=https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsslB2ffPnxnkIOFsfCorWVawdKAhpLjn3qb4kyNw2XnDEIDSGPLwkbxBCHxcMUpOaHgu_eV8Osgcj1nrnI7lNl-zndAms-tHJSZgTVOzDvH3RfqlQRDP-FQEkVbnQaXXTn4rrzDeRF6rMMBfCUkYUPr0AQEJyB50jDuMLzVL_IpN-vtSWO6-ev5dBqnTM1EhXkmxRGw6w3zF_eh70QYCfr_8Zkh75wq0dZg5M_zMnM0pVFDPSrttqowFjjNb2IlZsmHA5k-P8lh6cUFasxHNHPJdp-nhBa7IDjizu6Ti19JGeGRyJxk6-65jowbQeYbvXoAPeugCXz4j9ja3ZLwbpiqQZyH6syi-9v4nmXVaLW2eunfO6PpNJ-GYO07hWJ2d4m0_HO_XlOlVWOYzkUieROxvw&sai=AMfl-YTX4I5SfkyyKpI010f4ysXAvIOluyapzw4n5lqHG1MvJaifKRce-ncgdcJhLh3EI25fPXuAn87IChet2_IzXdUymc3cmkVN-MPgS28jC82UxQilca3fN6sej-SKMA&sig=Cg0ArKJSzIhPOdooKmpIEAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://servedbyadbutler.com/redirect.spark?MID=181133&plid=2274346&setID=600389&channelID=20392&CID=751993&banID=521589681&PID=0&textadID=0&tc=1&scheduleID=2194714&adSize=300x250&mt=1703074412580692&sw=1600&sh=1200&spr=1&referrer=https%3A%2F%2F185.80.196.79.sslip.io%2F&hc=f12f283412f530d773af42cadec28bd652ce2ee9&location=

Requested by

Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.43 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

0d0187474931310af92db3ba3c2316224aba85d74f98cfc41cc9c7d937cc68b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 12:13:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 1511
expires: -1

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8CC7 0
0 49ms
48ms Fetch
image/gif 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvoLKzWlgfIAl0YXXW0fZfiI9CGgUmvNi_iDyUf8N3NkIqEVq_-m70qvKbFnp_lxLrRsIhDUT_Bsqq9cmJkx3ype3COu3Qx5htz3Qyz0KyZmP7rE6Ew2pqSWYXAybyrA0mNj7x4yQd6IONBBEJ6JJbKj0dvrFWXevU2EzJN_utELNGH3LJDwI-IE7EGdeFrhCVnVaN1nKVju72i0H_1jUmygPrxY2cnSgP95wSBliFA1oKqKVivlhO3SJnFpTejyqZQL85v0385Ig_LrCpwpEgGycpyk15V3Pw-g3eJL5h5LqApg0KcnaWp3Qf-C8R_hAqSicKKMQ2Gx-_pBk-NiLWcOB6EHJc5Wpw9H8FQve9vYIZRiOMrk9Oh9GY7ogn3djZKxIYVuXOxeXn-YIDRXGeneHNzWvOElnqHUGM6GJZBFi4P&sai=AMfl-YRamb57AC5uVOrgA5-LGTIjuz7xLnOxPcfvOzRJ_zwSooNCTX7CD4g624y2bRPXKtrLrjV7lx1_I2ASOwWT_NCrg4csO9vpLCmuNle3husyeZ3jrNj0B3P3eW_rs7o&sig=Cg0ArKJSzCCHe89hwbcKEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com
URL: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 app.js Show response
servedbyadbutler.com/ Frame 8CC7 67 KB
13 KB 17ms
17ms Script
application/javascript 51.222.11.129
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://servedbyadbutler.com/app.js
Requested by: Host: d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com
URL: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.222.11.129 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5004418.ip-51-222-11.net
Software: nginx /
Resource Hash: 19f017b060eef42c6c184a49c2293ba61282cf67189da8025a13dd7dd680e588

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:32 GMT
content-encoding: gzip
last-modified: Mon, 06 Nov 2023 22:44:56 GMT
server: nginx
etag: W/"65496c68-10da1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1800
expires: Wed, 20 Dec 2023 12:43:32 GMT

GET
H2 200 lightbox.js Show response
www.lightboxcdn.com/vendor/3668710d-610d-480d-bb1c-ea9170a8c85d/ Frame 960B 501 B
405 B 21ms
18ms Script
application/javascript 2606:4700::6813:d383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/3668710d-610d-480d-bb1c-ea9170a8c85d/lightbox.js?mb=1703074412631&lv=1
Requested by: Host: 185.80.196.79.sslip.io
URL: https://185.80.196.79.sslip.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 162557ddeb09279d054dfe0e7b7c8a7f890ffe6638fc0c1081053d97ac28b20d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:32 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 20 Dec 2023 12:04:54 GMT
server: cloudflare
age: 518
cf-polished: origSize=510
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 8387ccc70ad2c420-EWR

GET
H2 200 click Show response
servedbyadbutler.com/adserve/;ID=181133;size=728x90;setID=600396;type=async;domid=placement_600396_0;place=0;pid=9203380;sw=1600;sh=1200;spr=1;rnd=9203380;referrer=https%3A%2F%2F185.80.196.79.sslip... Frame 8CC7 3 KB
2 KB 17ms
16ms Script
application/javascript 51.222.11.129
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://servedbyadbutler.com/adserve/;ID=181133;size=728x90;setID=600396;type=async;domid=placement_600396_0;place=0;pid=9203380;sw=1600;sh=1200;spr=1;rnd=9203380;referrer=https%3A%2F%2F185.80.196.79.sslip.io%2F;atf=1;click=https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsuSfVD5TzDnCWjN3HCOwYY-96cI9aitXs_H69v51ucs2rz8T0fmHc79D26jDbkUvFTE7RkmXI-NEQLoy2BEjE7XSxQLwBBHabBgg2ZzKXPRWYJr26hsoOotR8FqDpiWUTJDQoU5-uACvfPtx9UkBTcuPGvBWT5PS8JLRFXpI5TeSTAG75y5adNdIz_D73AclwhMwitaYeog9Qu6bR7zQKS-QsDcYcp7Q6HQTV1FWDKq-41xLlv0je9StKdsMR2kDvd6Drvk2XGX_alBfnL4xzbIYOl8hQzdsOjK7PFU4hldxs7N5dSgnO7Us5UETm-g99OKp5TrqEjoEguEdJODyDvy74rwVeal85-W6NBXQfk42UxejxOwHUmM12kyVZpYPw6gfWpcOuOeSHt-MSN4COxlsQ&sai=AMfl-YSfNT5mV0aK5XgD_k5u4akKEsG14Kc8rcfAp7m8RDUomhHS3j_Ou_GkzEI9giaNXunXY-y51Q5xtAu2ez7ScC_kiHZ2v7vFoVXI8DyUG8iDI1OFR_exmF9TFF2kdCs&sig=Cg0ArKJSzJDPxDOCamc7EAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=

Requested by

Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

51.222.11.129 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ns5004418.ip-51-222-11.net

Software

nginx /

Resource Hash

d3b14a9cb413c0103fbac63f814681b922751c197b9cbce0554ef9905a3ca1ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 12:13:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
content-type: application/javascript
access-control-allow-origin: *
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 user.js Show response
www.lightboxcdn.com/vendor/3668710d-610d-480d-bb1c-ea9170a8c85d/ Frame 960B 693 KB
147 KB 30ms
28ms Script
application/javascript 2606:4700::6813:d383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/3668710d-610d-480d-bb1c-ea9170a8c85d/user.js?cb=638386043632378234
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/3668710d-610d-480d-bb1c-ea9170a8c85d/lightbox.js?mb=1703074412631&lv=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1f7f51e6bef1fc5346f5d2f7b94c557d5d32985482e0e6e7e34fc8f07f0cff6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 20 Dec 2023 12:13:32 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: //8KG9dxqOURpyUa2IDhbg==
age: 66734
cf-polished: origSize=1167838
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Tue, 18 Oct 2022 19:57:20 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: 81f33a7f-a01e-000f-49a2-32f5c6000000
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
cf-ray: 8387ccc72af3c420-EWR
expires: Thu, 19 Dec 2024 12:13:32 GMT

GET
DATA 200
OK truncated
/ Frame 8CC7 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8c3157d764de5568bbe6112962b5dd401226ad0c2c41ac2e5da8ce4cadf0f35e

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ;MID=181133;type=e959fb862;placementID=2274346;setID=600396;channelID=20392;CID=751993;BID=521589684;TAID=0;place=0;referrer=https%3A%2F%2F185.80.196.79.sslip.io%2F;mt=1703074412660969;hc=97a2e0070... Show response
servedbyadbutler.com/adserve/ Frame 8CC7 0
370 B 14ms
12ms XHR
text/html 51.222.11.129
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://servedbyadbutler.com/adserve/;MID=181133;type=e959fb862;placementID=2274346;setID=600396;channelID=20392;CID=751993;BID=521589684;TAID=0;place=0;referrer=https%3A%2F%2F185.80.196.79.sslip.io%2F;mt=1703074412660969;hc=97a2e007042d92da2e07d211645fdf9f11bddac1

Requested by

Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

51.222.11.129 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ns5004418.ip-51-222-11.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 12:13:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 / Show response
a2.adform.net/adfscript/ Frame F978 2 KB
2 KB 187ms
142ms Script
text/javascript 185.167.164.43
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a2.adform.net/adfscript/?bn=70093631;click=https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsuSfVD5TzDnCWjN3HCOwYY-96cI9aitXs_H69v51ucs2rz8T0fmHc79D26jDbkUvFTE7RkmXI-NEQLoy2BEjE7XSxQLwBBHabBgg2ZzKXPRWYJr26hsoOotR8FqDpiWUTJDQoU5-uACvfPtx9UkBTcuPGvBWT5PS8JLRFXpI5TeSTAG75y5adNdIz_D73AclwhMwitaYeog9Qu6bR7zQKS-QsDcYcp7Q6HQTV1FWDKq-41xLlv0je9StKdsMR2kDvd6Drvk2XGX_alBfnL4xzbIYOl8hQzdsOjK7PFU4hldxs7N5dSgnO7Us5UETm-g99OKp5TrqEjoEguEdJODyDvy74rwVeal85-W6NBXQfk42UxejxOwHUmM12kyVZpYPw6gfWpcOuOeSHt-MSN4COxlsQ&sai=AMfl-YSfNT5mV0aK5XgD_k5u4akKEsG14Kc8rcfAp7m8RDUomhHS3j_Ou_GkzEI9giaNXunXY-y51Q5xtAu2ez7ScC_kiHZ2v7vFoVXI8DyUG8iDI1OFR_exmF9TFF2kdCs&sig=Cg0ArKJSzJDPxDOCamc7EAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://servedbyadbutler.com/redirect.spark?MID=181133&plid=2274346&setID=600396&channelID=20392&CID=751993&banID=521589684&PID=0&textadID=0&tc=1&scheduleID=2194714&adSize=728x90&mt=1703074412660928&sw=1600&sh=1200&spr=1&referrer=https%3A%2F%2F185.80.196.79.sslip.io%2F&hc=a19d1801918ae9f4e8fe19b4511f1be40eb4a008&location=

Requested by

Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.43 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

942421e1753ad3cfa2e53481dcfe5ad7e667c10de6504f644fd80013af6744fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 12:13:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 1519
expires: -1

GET
H2 200 fb_lightbox.2.1.5.css
www.lightboxcdn.com/static/ 4 KB
1 KB 17ms
17ms Stylesheet
text/css 2606:4700::6813:d383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/static/fb_lightbox.2.1.5.css?cb=638017198397572777
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/3668710d-610d-480d-bb1c-ea9170a8c85d/user.js?cb=638386043632378234
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 20 Dec 2023 12:13:32 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: q4B4xYJoZwx9ikt94o1nCA==
age: 516593
cf-polished: origSize=6016
x-ms-meta-cbmodifiedtime: Wed, 10 Apr 2019 18:50:43 GMT
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Wed, 10 Apr 2019 19:06:17 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
x-ms-request-id: b55d27d0-701e-0042-2a7e-233324000000
cache-control: public, max-age=2678400
x-ms-version: 2009-09-19
cf-ray: 8387ccc79b5ac420-EWR
expires: Sat, 20 Jan 2024 12:13:32 GMT

GET
H2 200 z Show response
lightboxapi.azurewebsites.net/z9gd/42066/185.80.196.79.sslip.io/jsonp/ 703 B
1 KB 234ms
49ms Script
application/javascript 20.40.202.0
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://lightboxapi.azurewebsites.net/z9gd/42066/185.80.196.79.sslip.io/jsonp/z?cb=1703074412746&callback=jQuery17109751379804561751_1703074412730&_=1703074412747
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/3668710d-610d-480d-bb1c-ea9170a8c85d/user.js?cb=638386043632378234
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.40.202.0 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ca1e15c56015e8cd249c7663e6b9006f6b09070e54ca7a585e2ea60940a33e42

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:32 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 t.gif
www.lightboxcdn.com/z9g/ 35 B
259 B 17ms
17ms Image
image/gif 2606:4700::6813:d383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.lightboxcdn.com/z9g/t.gif?c=1703074412737&h=185.80.196.79.sslip.io&e=p&u=42066
Requested by: Host: 185.80.196.79.sslip.io
URL: https://185.80.196.79.sslip.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 20 Dec 2023 12:13:32 GMT
cf-cache-status: HIT
content-md5: KNaBTzCeoon4R8ac+RGUxg==
age: 1648440
cf-polished: status=not_needed
x-ms-meta-cbmodifiedtime: Tue, 26 Feb 2019 00:59:40 GMT
content-length: 35
x-ms-lease-status: unlocked
cf-bgj: imgq:85,h2pri
last-modified: Tue, 26 Feb 2019 01:15:02 GMT
server: cloudflare
etag: 0x8D69B87D5A1B25F
vary: Accept-Encoding
content-type: image/gif
x-ms-request-id: 57fbc954-301e-004e-183f-24ddd5000000
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8387ccc7bb70c420-EWR

GET
H2 200 bootstrap.js Show response
s2.adform.net/stoat/630/s2.adform.net/ Frame C3E1 37 KB
17 KB 66ms
7ms Script
text/javascript 185.167.164.45
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/stoat/630/s2.adform.net/bootstrap.js
Requested by: Host: a2.adform.net
URL: https://a2.adform.net/adfscript/?bn=67441645;click=https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjssBdPHUZPWfdQzMaaYxpE3twKlpeYgnlhmFB7LUMj__zljxoMi0SRta33BZ5qtVXsYCl9EZ1uGHl6C2kdsgaTOisCg7Tjw9BbPj8DAPL6D2HcnJMikKeSbcMn-w21b0u-8NRANwo1du0IDOl5vbKwfg-zsitIUZwcISCgJbweBPIwNO9eSIK1U3L8XljaET70Vu7HpaAJosm960pEtPjJraXXYdM-Gg5uMW0Pl4LV794HPlJX2KlFGOcgSKeOiVzaA8hORYHUKlcEJmTNbq0yml9LPbKt0ki0n8M1IUHRom3mzAKHnQOH4ZpJRWp-qe0oTk3puKnzInWPuHy83562HC6LoHX3HLi9_BBYrgbV4TzuObUOgmfpqenSZMag45uYSX83fVI7pm_U0rX7ncw6Zaqg&sai=AMfl-YRBknO-7H2wpO6Eq4Ijq_cMemQqTRXlqirbs_8A4h5fX7mbqrgfzw__ZXuXRq30zgnDBMrZ10q-QL0shEJYNOSvT1GoxJibKqs-cYNrAaoV7j8EhIDYPYycJ64rbqA&sig=Cg0ArKJSzJWzxC_jkBhBEAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.167.164.45 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 926547a360b6d70cec0a14fe9fbe47cdf5b2982778e0a39af61faf103e7e6d02

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:32 GMT
content-encoding: gzip
last-modified: Fri, 17 Nov 2023 10:42:02 GMT
server: nginx
x-cache-status: STALE, BYPASS, STALE
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Fri, 24 Nov 2023 02:40:28 GMT

GET
H2 200 bootstrap.js Show response
s2.adform.net/stoat/630/s2.adform.net/ Frame F978 37 KB
17 KB 62ms
5ms Script
text/javascript 185.167.164.45
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/stoat/630/s2.adform.net/bootstrap.js
Requested by: Host: a2.adform.net
URL: https://a2.adform.net/adfscript/?bn=70093631;click=https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsuSfVD5TzDnCWjN3HCOwYY-96cI9aitXs_H69v51ucs2rz8T0fmHc79D26jDbkUvFTE7RkmXI-NEQLoy2BEjE7XSxQLwBBHabBgg2ZzKXPRWYJr26hsoOotR8FqDpiWUTJDQoU5-uACvfPtx9UkBTcuPGvBWT5PS8JLRFXpI5TeSTAG75y5adNdIz_D73AclwhMwitaYeog9Qu6bR7zQKS-QsDcYcp7Q6HQTV1FWDKq-41xLlv0je9StKdsMR2kDvd6Drvk2XGX_alBfnL4xzbIYOl8hQzdsOjK7PFU4hldxs7N5dSgnO7Us5UETm-g99OKp5TrqEjoEguEdJODyDvy74rwVeal85-W6NBXQfk42UxejxOwHUmM12kyVZpYPw6gfWpcOuOeSHt-MSN4COxlsQ&sai=AMfl-YSfNT5mV0aK5XgD_k5u4akKEsG14Kc8rcfAp7m8RDUomhHS3j_Ou_GkzEI9giaNXunXY-y51Q5xtAu2ez7ScC_kiHZ2v7vFoVXI8DyUG8iDI1OFR_exmF9TFF2kdCs&sig=Cg0ArKJSzJDPxDOCamc7EAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://servedbyadbutler.com/redirect.spark?MID=181133&plid=2274346&setID=600396&channelID=20392&CID=751993&banID=521589684&PID=0&textadID=0&tc=1&scheduleID=2194714&adSize=728x90&mt=1703074412660928&sw=1600&sh=1200&spr=1&referrer=https%3A%2F%2F185.80.196.79.sslip.io%2F&hc=a19d1801918ae9f4e8fe19b4511f1be40eb4a008&location=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.167.164.45 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 926547a360b6d70cec0a14fe9fbe47cdf5b2982778e0a39af61faf103e7e6d02

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:32 GMT
content-encoding: gzip
last-modified: Fri, 17 Nov 2023 10:42:02 GMT
server: nginx
x-cache-status: STALE, BYPASS, STALE
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Fri, 24 Nov 2023 02:40:28 GMT

GET
H2 200 bootstrap.js Show response
s2.adform.net/stoat/630/s2.adform.net/ Frame F8A1 37 KB
17 KB 66ms
8ms Script
text/javascript 185.167.164.45
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/stoat/630/s2.adform.net/bootstrap.js
Requested by: Host: a2.adform.net
URL: https://a2.adform.net/adfscript/?bn=70093636;click=https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsslB2ffPnxnkIOFsfCorWVawdKAhpLjn3qb4kyNw2XnDEIDSGPLwkbxBCHxcMUpOaHgu_eV8Osgcj1nrnI7lNl-zndAms-tHJSZgTVOzDvH3RfqlQRDP-FQEkVbnQaXXTn4rrzDeRF6rMMBfCUkYUPr0AQEJyB50jDuMLzVL_IpN-vtSWO6-ev5dBqnTM1EhXkmxRGw6w3zF_eh70QYCfr_8Zkh75wq0dZg5M_zMnM0pVFDPSrttqowFjjNb2IlZsmHA5k-P8lh6cUFasxHNHPJdp-nhBa7IDjizu6Ti19JGeGRyJxk6-65jowbQeYbvXoAPeugCXz4j9ja3ZLwbpiqQZyH6syi-9v4nmXVaLW2eunfO6PpNJ-GYO07hWJ2d4m0_HO_XlOlVWOYzkUieROxvw&sai=AMfl-YTX4I5SfkyyKpI010f4ysXAvIOluyapzw4n5lqHG1MvJaifKRce-ncgdcJhLh3EI25fPXuAn87IChet2_IzXdUymc3cmkVN-MPgS28jC82UxQilca3fN6sej-SKMA&sig=Cg0ArKJSzIhPOdooKmpIEAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://servedbyadbutler.com/redirect.spark?MID=181133&plid=2274346&setID=600389&channelID=20392&CID=751993&banID=521589681&PID=0&textadID=0&tc=1&scheduleID=2194714&adSize=300x250&mt=1703074412580692&sw=1600&sh=1200&spr=1&referrer=https%3A%2F%2F185.80.196.79.sslip.io%2F&hc=f12f283412f530d773af42cadec28bd652ce2ee9&location=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.167.164.45 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 926547a360b6d70cec0a14fe9fbe47cdf5b2982778e0a39af61faf103e7e6d02

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:32 GMT
content-encoding: gzip
last-modified: Fri, 17 Nov 2023 10:42:02 GMT
server: nginx
x-cache-status: STALE, BYPASS, STALE
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Fri, 24 Nov 2023 02:40:28 GMT

GET
H2 200 / Show response
a2.adform.net/adfserve/ Frame F978 6 KB
3 KB 131ms
131ms Script
text/javascript 185.167.164.43
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a2.adform.net/adfserve/?CC=1&bn=70093631;click=https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsuSfVD5TzDnCWjN3HCOwYY-96cI9aitXs_H69v51ucs2rz8T0fmHc79D26jDbkUvFTE7RkmXI-NEQLoy2BEjE7XSxQLwBBHabBgg2ZzKXPRWYJr26hsoOotR8FqDpiWUTJDQoU5-uACvfPtx9UkBTcuPGvBWT5PS8JLRFXpI5TeSTAG75y5adNdIz_D73AclwhMwitaYeog9Qu6bR7zQKS-QsDcYcp7Q6HQTV1FWDKq-41xLlv0je9StKdsMR2kDvd6Drvk2XGX_alBfnL4xzbIYOl8hQzdsOjK7PFU4hldxs7N5dSgnO7Us5UETm-g99OKp5TrqEjoEguEdJODyDvy74rwVeal85-W6NBXQfk42UxejxOwHUmM12kyVZpYPw6gfWpcOuOeSHt-MSN4COxlsQ&sai=AMfl-YSfNT5mV0aK5XgD_k5u4akKEsG14Kc8rcfAp7m8RDUomhHS3j_Ou_GkzEI9giaNXunXY-y51Q5xtAu2ez7ScC_kiHZ2v7vFoVXI8DyUG8iDI1OFR_exmF9TFF2kdCs&sig=Cg0ArKJSzJDPxDOCamc7EAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://servedbyadbutler.com/redirect.spark?MID=181133&plid=2274346&setID=600396&channelID=20392&CID=751993&banID=521589684&PID=0&textadID=0&tc=1&scheduleID=2194714&adSize=728x90&mt=1703074412660928&sw=1600&sh=1200&spr=1&referrer=https%3A%2F%2F185.80.196.79.sslip.io%2F&hc=a19d1801918ae9f4e8fe19b4511f1be40eb4a008&location=;js=1;adfxid=1x;3347;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;cmpgpp=;cmpgpp_sid=;fd=0|0&CREFURL=https%3A%2F%2F185.80.196.79.sslip.io

Requested by

Host: s2.adform.net
URL: https://s2.adform.net/stoat/630/s2.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.43 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

02b535b7b49b18864c29775b1ef4c9a0c20e360659eb378ecbd76cb76c17fd3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 12:13:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 2905
expires: -1

GET
H2 200 / Show response
a2.adform.net/adfserve/ Frame C3E1 5 KB
3 KB 132ms
131ms Script
text/javascript 185.167.164.43
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a2.adform.net/adfserve/?CC=1&bn=67441645;click=https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjssBdPHUZPWfdQzMaaYxpE3twKlpeYgnlhmFB7LUMj__zljxoMi0SRta33BZ5qtVXsYCl9EZ1uGHl6C2kdsgaTOisCg7Tjw9BbPj8DAPL6D2HcnJMikKeSbcMn-w21b0u-8NRANwo1du0IDOl5vbKwfg-zsitIUZwcISCgJbweBPIwNO9eSIK1U3L8XljaET70Vu7HpaAJosm960pEtPjJraXXYdM-Gg5uMW0Pl4LV794HPlJX2KlFGOcgSKeOiVzaA8hORYHUKlcEJmTNbq0yml9LPbKt0ki0n8M1IUHRom3mzAKHnQOH4ZpJRWp-qe0oTk3puKnzInWPuHy83562HC6LoHX3HLi9_BBYrgbV4TzuObUOgmfpqenSZMag45uYSX83fVI7pm_U0rX7ncw6Zaqg&sai=AMfl-YRBknO-7H2wpO6Eq4Ijq_cMemQqTRXlqirbs_8A4h5fX7mbqrgfzw__ZXuXRq30zgnDBMrZ10q-QL0shEJYNOSvT1GoxJibKqs-cYNrAaoV7j8EhIDYPYycJ64rbqA&sig=Cg0ArKJSzJWzxC_jkBhBEAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=;js=1;adfxid=2x;5473;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;cmpgpp=;cmpgpp_sid=;fd=0|0&CREFURL=https%3A%2F%2F185.80.196.79.sslip.io

Requested by

Host: s2.adform.net
URL: https://s2.adform.net/stoat/630/s2.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.43 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

a605d39117a721a0afc6747bb5791eb1fe7d78388fe61377ab63268892a2c053

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 12:13:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 2606
expires: -1

GET
H2 200 / Show response
a2.adform.net/adfserve/ Frame F8A1 6 KB
3 KB 134ms
133ms Script
text/javascript 185.167.164.43
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a2.adform.net/adfserve/?CC=1&bn=70093636;click=https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsslB2ffPnxnkIOFsfCorWVawdKAhpLjn3qb4kyNw2XnDEIDSGPLwkbxBCHxcMUpOaHgu_eV8Osgcj1nrnI7lNl-zndAms-tHJSZgTVOzDvH3RfqlQRDP-FQEkVbnQaXXTn4rrzDeRF6rMMBfCUkYUPr0AQEJyB50jDuMLzVL_IpN-vtSWO6-ev5dBqnTM1EhXkmxRGw6w3zF_eh70QYCfr_8Zkh75wq0dZg5M_zMnM0pVFDPSrttqowFjjNb2IlZsmHA5k-P8lh6cUFasxHNHPJdp-nhBa7IDjizu6Ti19JGeGRyJxk6-65jowbQeYbvXoAPeugCXz4j9ja3ZLwbpiqQZyH6syi-9v4nmXVaLW2eunfO6PpNJ-GYO07hWJ2d4m0_HO_XlOlVWOYzkUieROxvw&sai=AMfl-YTX4I5SfkyyKpI010f4ysXAvIOluyapzw4n5lqHG1MvJaifKRce-ncgdcJhLh3EI25fPXuAn87IChet2_IzXdUymc3cmkVN-MPgS28jC82UxQilca3fN6sej-SKMA&sig=Cg0ArKJSzIhPOdooKmpIEAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://servedbyadbutler.com/redirect.spark?MID=181133&plid=2274346&setID=600389&channelID=20392&CID=751993&banID=521589681&PID=0&textadID=0&tc=1&scheduleID=2194714&adSize=300x250&mt=1703074412580692&sw=1600&sh=1200&spr=1&referrer=https%3A%2F%2F185.80.196.79.sslip.io%2F&hc=f12f283412f530d773af42cadec28bd652ce2ee9&location=;js=1;adfxid=3x;9228;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;cmpgpp=;cmpgpp_sid=;fd=0|0&CREFURL=https%3A%2F%2F185.80.196.79.sslip.io

Requested by

Host: s2.adform.net
URL: https://s2.adform.net/stoat/630/s2.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.43 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

1d43e1539eb5c388b9671def8669f2e4074d543887c29b5809d94b666fb9a842

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 12:13:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 2902
expires: -1

GET
H2 200 settings.js Show response
www.lightboxcdn.com/vendor/3668710d-610d-480d-bb1c-ea9170a8c85d/lightbox/7b326ca7-bf12-4cf2-8b22-faa738684506/ 4 KB
3 KB 17ms
16ms Script
application/javascript 2606:4700::6813:d383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/3668710d-610d-480d-bb1c-ea9170a8c85d/lightbox/7b326ca7-bf12-4cf2-8b22-faa738684506/settings.js?cb=638017198397572777
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/3668710d-610d-480d-bb1c-ea9170a8c85d/user.js?cb=638386043632378234
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4754b6de24fb6763a7d3ccb376563f90db41c3f2457c1830c58c1ba99c550903

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 20 Dec 2023 12:13:33 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: rMh3MdcmwM68bYTxDl+m0A==
age: 224910
cf-polished: origSize=3666
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Mon, 14 Mar 2022 21:52:29 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: 2259f9dd-c01e-001f-3f27-26c320000000
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
cf-ray: 8387ccc94cb2c420-EWR
expires: Thu, 19 Dec 2024 12:13:33 GMT

GET
H2 200 lightbox_builder.js Show response
www.lightboxcdn.com/vendor/3668710d-610d-480d-bb1c-ea9170a8c85d/ Frame 4508 291 KB
50 KB 22ms
21ms Script
application/javascript 2606:4700::6813:d383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/3668710d-610d-480d-bb1c-ea9170a8c85d/lightbox_builder.js?cb=638017198397572777
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/3668710d-610d-480d-bb1c-ea9170a8c85d/user.js?cb=638386043632378234
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 393c7ecfc835c146c0e4ad0a591d56e975143e99e0c21f08ccdc412f774c0149

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 20 Dec 2023 12:13:33 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: VhfzUtx7TM+B6tDk7wJHaQ==
age: 515952
cf-polished: origSize=491701
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Tue, 18 Oct 2022 19:57:19 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: fa955c53-301e-000a-6e7e-2301b9000000
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
cf-ray: 8387ccc95cc3c420-EWR
expires: Thu, 19 Dec 2024 12:13:33 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 4508 2 KB
998 B 115ms
65ms Stylesheet
text/css 2607:f8b0:4020:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto&display=fallback

Requested by

Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/3668710d-610d-480d-bb1c-ea9170a8c85d/lightbox_builder.js?cb=638017198397572777

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5e4bcd9b88cbbde3deb757d328d37cacaa5481b3966f54bfe3d20baa218b5a2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 20 Dec 2023 12:13:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 12:13:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 20 Dec 2023 12:13:33 GMT

GET
H2 200 t.gif
www.lightboxcdn.com/z9g/ 35 B
105 B 14ms
13ms Image
image/gif 2606:4700::6813:d383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.lightboxcdn.com/z9g/t.gif?c=1703074413078&h=185.80.196.79.sslip.io&e=i&u=42066&b=196969&v=empty&s=empty
Requested by: Host: 185.80.196.79.sslip.io
URL: https://185.80.196.79.sslip.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 20 Dec 2023 12:13:33 GMT
cf-cache-status: HIT
content-md5: KNaBTzCeoon4R8ac+RGUxg==
age: 1648441
cf-polished: status=not_needed
x-ms-meta-cbmodifiedtime: Tue, 26 Feb 2019 00:59:40 GMT
content-length: 35
x-ms-lease-status: unlocked
cf-bgj: imgq:85,h2pri
last-modified: Tue, 26 Feb 2019 01:15:02 GMT
server: cloudflare
etag: 0x8D69B87D5A1B25F
vary: Accept-Encoding
content-type: image/gif
x-ms-request-id: 57fbc954-301e-004e-183f-24ddd5000000
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8387ccc9cd17c420-EWR

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 12ms
12ms Image
image/gif 2607:f8b0:4020:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1059430308&t=event&ni=1&_s=2&dl=https%3A%2F%2F185.80.196.79.sslip.io%2F&ul=en-us&de=UTF-8&dt=TeacherTube%20Educational%20Videos%20for%20the%20School%20Classroom%20and%20Home%20-%20Including%20Educational%20Songs%2C%20History%20Videos%2C%20Student%20Videos%20and%20Math%20Videos&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Digioh&ea=Lightbox%20Display&el=196969&ev=1&_u=YHBAAUABAAAAACAAI~&jid=&gjid=&cid=485101152.1703074412&tid=UA-2624863-1&_gid=1908636501.1703074412&gtm=457e3bt0&gcd=11l1l1l1l1&dma=0&z=1326537404

Requested by

Host: 185.80.196.79.sslip.io
URL: https://185.80.196.79.sslip.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 20:51:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 55351
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8CC7 0
0 48ms
48ms Fetch
image/gif 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvEOZb5SKQchpgixV_ioTTnj81jDvZJSdhE4jDOBF3bWo4GbeOzxicQUNeaE7NUcwo23VDJpBIVgp12x2d3JOiHSYZQmWiLruqIkvTD4WPx9pgfmd1YO2CPrg3IniCWZz0KnKTjfP9xCjClxTUo0rSPrfJL4r8wDw_PIaD9-ryOm2E-JAjsboMC4Yv0Cny1i0EFynSJGlMd8giJSt_tL6m92F1oaQBwI8Oy7h2Cbo1d334LT_9ebT1SKXcdJU0AMAqHG6iTttyIt54SxJ4XcbCaqgi_Y3aAa69X-UEiJq1Lg6FhIh2inHa1ZQbU9dfHbEUszIbwdcTKQwJ76602Ch1WaS3ytghPAdXFN_GTztdgnz8ryIEUgs697-frEoK-NTHR87o-mEtEndBeqfA1ehYq-Rw7TZ6j&sai=AMfl-YSWYCexITPj4BiOnYeYfLA7VHo_fv4jHPubf4V15W0gqeYjCm8RFBuMH7C6shFl4Tu9Coyk07bmgO9llYH9Feid8l9lDPd70swfytv-hSwW80i9Hpdg0AnMNSOPPDs&sig=Cg0ArKJSzBGop6Xe9vUIEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 20 Dec 2023 12:13:33 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5001 0
0 49ms
49ms Fetch
image/gif 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstjAnP1jHGW1Ml1pDHemX44woqEdwpep5juSFL5xaW49tD9uSP_qP4I7ODTL734ktDbu5PhWIJuwIRCxBxrL5Sc-l4F0SNuuj6F5k0hcK7BzqGbOl4mIuMzbqklcFmM8o0AhZXdiVLfOGvnjGv3zAXOUByuD3OGs5oGouFYjBlIN5kCP4RqC_9pJZkNSCVOzOeWYO2fGz17_g_SrdPKFCjnCijOuttjhCczxAFB_NKZQyR_CdsWmWO-o6C_WLJ8QIGnifltda7HiDDvLq-aOA1SQdPij_P4sRdWXv4fbYWtgtl3PuIpUXOHSvJiXS_R20beQoS4KJsEaNwmkWZPOa-_14bzDexNeTdVC3hhCm0KJdbuWMHoaF3qJxCjYA7-vB6VV8Prx8-7d0caFVmlw-Vn7De4dJ11&sai=AMfl-YTuIJV30v1zb5svub5xMBB1Rx_4TC6KSrES8rSGEaot4FYU_EUZECfD6OkRAt-iv9-GGIhInlAPBAeaKYHKiQqLk8jxko3K_HvX0JrhVuNd2bHB22O-Phfa94f1Mg&sig=Cg0ArKJSzICT-LBbWqDOEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 20 Dec 2023 12:13:33 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 12ms
12ms Image
image/gif 2607:f8b0:4020:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1059430308&t=event&ni=1&_s=3&dl=https%3A%2F%2F185.80.196.79.sslip.io%2F&ul=en-us&de=UTF-8&dt=TeacherTube%20Educational%20Videos%20for%20the%20School%20Classroom%20and%20Home%20-%20Including%20Educational%20Songs%2C%20History%20Videos%2C%20Student%20Videos%20and%20Math%20Videos&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Email%20Capture&ea=Lightbox%20Display&el=Button&ev=1&_u=YHBAAUABAAAAACAAI~&jid=&gjid=&cid=485101152.1703074412&tid=UA-2624863-1&_gid=1908636501.1703074412&gtm=457e3bt0&gcd=11l1l1l1l1&dma=0&z=883033885

Requested by

Host: 185.80.196.79.sslip.io
URL: https://185.80.196.79.sslip.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 20:51:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 55351
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame C3E1 222 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60c91018a6c9679846e58c0fa22ebd3440e34e1ba8e15dfd7f1fd680d3cd4967

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C3E1 0
0 47ms
46ms Fetch
image/gif 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssQaJZ2GwX6lrBvqCWdi1ShlYeTkaZtaNBwexZdTs4Ko6A5Lt63KusQeMse9Pk4BNciNOrjbubkZmZSruWtuyDKA1WZe8AAwzrsurrOGh23PCtkUhz8mLafB9MkYBpN8VjEM1MPbOuqw1O-ZqJNsWXPW1WhNKAbh8bTUgjePCvHQs3s7U0SCyfIg_uWjgsfdKHYyqH4Xs8WLJYEYPaNwq-le1cLO7n51lPMJHAbGTBsxy-VxYV_zdQbGUO-Wjl2DyiFrBDmBDsUj3O-GYJ7Dt9V2FVvTU1--sO_dbsIVBl4zVs4TU0fVUoPnsylfNeIuTKlkw5wAbAeSPRFM3FkFbezuTZnp9L9mazUO4pECeUFt_vZiGf6SdFi_Lg4WzJ5ySv5exNvbBNRwwWowV6a_LbEjRBZzEQ3&sai=AMfl-YSWfnCkV66O5d4iuud2hseoiQx2CcPAunvpeTig2HlifOOSJKFVWAJJi4zW-IbBbNKFPi0W-tY8EX8ilM19TsAiipniZAR9xGTrxkI-8COtueCUm9Snf86KFGGUx3Q&sig=Cg0ArKJSzGCoqmVdIAD3EAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 20 Dec 2023 12:13:33 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 98ms
58ms XHR
application/json 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312060101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3fb8e548cfc27c5a8eab60d0c865e7205380a2ee23f3c256d4b242c0e8def242

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12259
x-xss-protection: 0

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4508 15 KB
16 KB 57ms
17ms Font
font/woff2 2607:f8b0:4020:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto&display=fallback

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://185.80.196.79.sslip.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 16:41:58 GMT
x-content-type-options: nosniff
age: 415895
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Dec 2024 16:41:58 GMT

GET
H2 200 Standard Show response
s2.adform.net//stoat/630/s2.adform.net/load/v/0.0.236/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/ Frame F978 91 KB
39 KB 4ms
4ms Script
text/javascript 185.167.164.45
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net//stoat/630/s2.adform.net/load/v/0.0.236/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Requested by: Host: s2.adform.net
URL: https://s2.adform.net/stoat/630/s2.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.167.164.45 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: ed8343699e054a0900f23319e31cba32ad43bf77136313508ea25d86073366bb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:33 GMT
content-encoding: gzip
last-modified: Fri, 17 Nov 2023 10:42:02 GMT
server: nginx
x-cache-status: MISS, MISS, STALE
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Sat, 18 Nov 2023 15:36:40 GMT

POST
H2 200 /
a2.adform.net/csimpr/ Frame F978 35 B
625 B 130ms
129ms Ping
image/gif 185.167.164.43
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a2.adform.net/csimpr/?bn=70093631&csi=cGk2BA2wQP7CLVFi108y-GulOTonZhzUY9aH0aMZAYTrygPkIxxfk55XpuTGqhXObqNs7WcQx0mmBaVWM0atSN6vWmW1dlSa0

Requested by

Host: s2.adform.net
URL: https://s2.adform.net/stoat/630/s2.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.43 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 12:13:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 en.png
s2.adform.net/banners/scripts/assets/images/OBA/ Frame F978 4 KB
4 KB 3ms
2ms Image
image/png 185.167.164.45
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.adform.net/banners/scripts/assets/images/OBA/en.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.167.164.45 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 835b8e7fce8c7030ab18fe28277589c21b062b5b6e6301939cb1e62b1af3f151

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:33 GMT
last-modified: Wed, 25 May 2022 11:48:05 GMT
server: nginx
x-amz-request-id: tx00000f03c2bd0bbd42452-006392fc38-329373d4-default
etag: "03731761a34663b5a065acaa2cf51394"
x-cache-status: MISS, HIT, HIT
content-type: image/png
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4235

GET
H2 200 oba.png
s2.adform.net/banners/scripts/assets/images/OBA/ Frame F978 3 KB
3 KB 3ms
3ms Image
image/png 185.167.164.45
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.adform.net/banners/scripts/assets/images/OBA/oba.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.167.164.45 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:33 GMT
last-modified: Wed, 25 May 2022 11:49:23 GMT
server: nginx
x-amz-request-id: tx0000038d160f59124650a-006392fc38-3293868f-default
etag: "794c84d30e213ec6a144d64215f07551"
x-cache-status: MISS, HIT, HIT
content-type: image/png
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3262

GET
H2 200 Standard Show response
s2.adform.net//stoat/630/s2.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/ Frame C3E1 85 KB
36 KB 3ms
2ms Script
text/javascript 185.167.164.45
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net//stoat/630/s2.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by: Host: s2.adform.net
URL: https://s2.adform.net/stoat/630/s2.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.167.164.45 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: cbe7865410512e11935fb2051abdfc3f1d10dc8936066df03ab42829b1d5f6b3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:33 GMT
content-encoding: gzip
last-modified: Fri, 17 Nov 2023 10:42:02 GMT
server: nginx
x-cache-status: MISS, MISS, STALE
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Sat, 18 Nov 2023 15:36:40 GMT

GET
H2 200 Standard Show response
s2.adform.net//stoat/630/s2.adform.net/load/v/0.0.236/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/ Frame F8A1 91 KB
39 KB 7ms
7ms Script
text/javascript 185.167.164.45
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net//stoat/630/s2.adform.net/load/v/0.0.236/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Requested by: Host: s2.adform.net
URL: https://s2.adform.net/stoat/630/s2.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.167.164.45 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: ed8343699e054a0900f23319e31cba32ad43bf77136313508ea25d86073366bb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:33 GMT
content-encoding: gzip
last-modified: Fri, 17 Nov 2023 10:42:02 GMT
server: nginx
x-cache-status: MISS, MISS, STALE
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Sat, 18 Nov 2023 15:36:40 GMT

GET
H2 200 12104907.js Show response
s2.adform.net/Banners/Elements/Files/140944/12104907/ Frame CE65 21 KB
5 KB 6ms
6ms Script
application/x-javascript 185.167.164.45
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/Banners/Elements/Files/140944/12104907/12104907.js?ADFassetID=12104907&bv=259
Requested by: Host: 185.80.196.79.sslip.io
URL: https://185.80.196.79.sslip.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.167.164.45 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 05e5908b790def398040c24728a98d3d1598323df2589f1ccbb90ca254fb88da

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:33 GMT
content-encoding: gzip
last-modified: Thu, 01 Dec 2022 22:12:10 GMT
server: nginx
x-amz-request-id: tx000005adc9650a4b04a36-0064daacd2-32959e94-default
etag: W/"32a0d31d7e9e4473d89a655808598e75"
x-cache-status: MISS, STALE, STALE
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

POST
H2 200 /
a2.adform.net/csimpr/ Frame C3E1 35 B
625 B 130ms
130ms Ping
image/gif 185.167.164.43
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a2.adform.net/csimpr/?bn=67441645&csi=cGk2BA2wQP6ptCszH8b1Fg5_x7E33uqQvJcX30zOnLbrygPkIxxfk3blvkZd7_sba0Xy_COOhUymBaVWM0atSN6vWmW1dlSa0

Requested by

Host: s2.adform.net
URL: https://s2.adform.net/stoat/630/s2.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.43 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 12:13:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 60006785.jpg
s2.adform.net/Banners/60006785/ Frame C3E1 23 KB
24 KB 3ms
2ms Image
image/jpeg 185.167.164.45
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.adform.net/Banners/60006785/60006785.jpg?bv=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.167.164.45 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: a2e704843d2fe1e6534f5f2fb54e6a5d20eb1918577d7d75c1b485067d9accc1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:33 GMT
last-modified: Wed, 02 Aug 2023 19:59:45 GMT
server: nginx
x-amz-request-id: tx00000db9b79d50a4ca851-0064cab5f9-329552dc-default
etag: "c1f80ad5c933aa10bbfe55bcfca357ad"
x-cache-status: MISS, STALE, STALE
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 23926

GET
H2 200 Adform.DHTML.js Show response
s2.adform.net/banners/scripts/rmb/ Frame CE65 30 KB
14 KB 4ms
4ms Script
application/javascript 185.167.164.45
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=630
Requested by: Host: s2.adform.net
URL: https://s2.adform.net//stoat/630/s2.adform.net/load/v/0.0.236/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.167.164.45 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 7a785e8b2ad30e6279397d656a61f70ad6341ee944c310df19593d8fabd79d9f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:33 GMT
content-encoding: gzip
last-modified: Tue, 21 Nov 2023 08:14:37 GMT
server: nginx
x-amz-request-id: tx0000061ba9939bc5a639b-00655d2860-329558a4-default
etag: W/"d66b8df08256b7e89279e9f83d1d7c5e"
x-cache-status: MISS, HIT, HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 8d2665eef2dbbd7e785a5ab3312c34dc.js Show response
s2.adform.net/Banners/Elements/Files/140944/12104907/bvpath_259/ Frame CE65 95 KB
32 KB 6ms
6ms Script
application/x-javascript 185.167.164.45
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/Banners/Elements/Files/140944/12104907/bvpath_259/8d2665eef2dbbd7e785a5ab3312c34dc.js
Requested by: Host: s2.adform.net
URL: https://s2.adform.net//stoat/630/s2.adform.net/load/v/0.0.236/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.167.164.45 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 4837fca4b7df61ec7fa4dba35aa73767ca6f6987d592f8a5a6c2946650423a31

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:33 GMT
content-encoding: gzip
last-modified: Thu, 01 Dec 2022 22:12:10 GMT
server: nginx
x-amz-request-id: tx00000c0c5fc3a094fecfd-0064daacd2-3295f883-default
etag: W/"0ce6e13ff114ff02cfc58a4f7fb5e788"
x-cache-status: MISS, STALE, STALE
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 en.png
s2.adform.net/banners/scripts/assets/images/OBA/ Frame F8A1 4 KB
4 KB 9ms
7ms Image
image/png 185.167.164.45
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.adform.net/banners/scripts/assets/images/OBA/en.png
Requested by: Host: s2.adform.net
URL: https://s2.adform.net//stoat/630/s2.adform.net/load/v/0.0.236/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.167.164.45 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 835b8e7fce8c7030ab18fe28277589c21b062b5b6e6301939cb1e62b1af3f151

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:33 GMT
last-modified: Wed, 25 May 2022 11:48:05 GMT
server: nginx
x-amz-request-id: tx00000f03c2bd0bbd42452-006392fc38-329373d4-default
etag: "03731761a34663b5a065acaa2cf51394"
x-cache-status: MISS, HIT, HIT
content-type: image/png
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4235

POST
H2 200 /
a2.adform.net/csimpr/ Frame F8A1 35 B
625 B 130ms
129ms Ping
image/gif 185.167.164.43
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a2.adform.net/csimpr/?bn=70093636&csi=Y179vSWUPrVJF8FHv2VKWG1uLpxZkRf3Y9aH0aMZAYTrygPkIxxfk50L-fMuJ37E3ME7orVjta5FdD1kQ7l4Jt6vWmW1dlSa0

Requested by

Host: s2.adform.net
URL: https://s2.adform.net/stoat/630/s2.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.43 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 12:13:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 49ms
49ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 20 Dec 2023 12:13:33 GMT

GET
H2 200 oba.png
s2.adform.net/banners/scripts/assets/images/OBA/ Frame F8A1 3 KB
3 KB 2ms
2ms Image
image/png 185.167.164.45
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.adform.net/banners/scripts/assets/images/OBA/oba.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.167.164.45 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:33 GMT
last-modified: Wed, 25 May 2022 11:49:23 GMT
server: nginx
x-amz-request-id: tx0000038d160f59124650a-006392fc38-3293868f-default
etag: "794c84d30e213ec6a144d64215f07551"
x-cache-status: MISS, HIT, HIT
content-type: image/png
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3262

GET
H2 200 12104904.js Show response
s2.adform.net/Banners/Elements/Files/140944/12104904/ Frame A56B 21 KB
5 KB 2ms
2ms Script
application/x-javascript 185.167.164.45
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/Banners/Elements/Files/140944/12104904/12104904.js?ADFassetID=12104904&bv=259
Requested by: Host: 185.80.196.79.sslip.io
URL: https://185.80.196.79.sslip.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.167.164.45 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 163e0a550db51aa67d31cee66dbe7a28ac18ace5d2dc1f9ca4fae61752395257

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:33 GMT
content-encoding: gzip
last-modified: Thu, 01 Dec 2022 22:11:59 GMT
server: nginx
x-amz-request-id: tx000002774ae911d0f54ae-0064daad54-3295cc06-default
etag: W/"2e816a802bf16b5aeafcc79fa5e41c5e"
x-cache-status: MISS, STALE, STALE
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 Adform.DHTML.js Show response
s2.adform.net/banners/scripts/rmb/ Frame A56B 30 KB
14 KB 3ms
3ms Script
application/javascript 185.167.164.45
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=630
Requested by: Host: s2.adform.net
URL: https://s2.adform.net//stoat/630/s2.adform.net/load/v/0.0.236/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.167.164.45 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 7a785e8b2ad30e6279397d656a61f70ad6341ee944c310df19593d8fabd79d9f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:33 GMT
content-encoding: gzip
last-modified: Tue, 21 Nov 2023 08:14:37 GMT
server: nginx
x-amz-request-id: tx0000061ba9939bc5a639b-00655d2860-329558a4-default
etag: W/"d66b8df08256b7e89279e9f83d1d7c5e"
x-cache-status: MISS, HIT, HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 8d2665eef2dbbd7e785a5ab3312c34dc.js Show response
s2.adform.net/Banners/Elements/Files/140944/12104904/bvpath_259/ Frame A56B 95 KB
32 KB 5ms
5ms Script
application/x-javascript 185.167.164.45
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/Banners/Elements/Files/140944/12104904/bvpath_259/8d2665eef2dbbd7e785a5ab3312c34dc.js
Requested by: Host: s2.adform.net
URL: https://s2.adform.net//stoat/630/s2.adform.net/load/v/0.0.236/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.167.164.45 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 4837fca4b7df61ec7fa4dba35aa73767ca6f6987d592f8a5a6c2946650423a31

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:33 GMT
content-encoding: gzip
last-modified: Thu, 01 Dec 2022 22:11:59 GMT
server: nginx
x-amz-request-id: tx00000a4d8ee4aa8a7b750-0064daad54-3295f919-default
etag: W/"0ce6e13ff114ff02cfc58a4f7fb5e788"
x-cache-status: MISS, STALE, STALE
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 brandon_grotesque_500_normal.ttf
s2.adform.net/Banners/Elements/Files/140944/12104907/bvpath_259/fonts/ Frame CE65 89 KB
45 KB 10ms
2ms Font
application/x-font-ttf 185.167.164.45
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/Banners/Elements/Files/140944/12104907/bvpath_259/fonts/brandon_grotesque_500_normal.ttf
Requested by: Host: s2.adform.net
URL: https://s2.adform.net/Banners/Elements/Files/140944/12104907/bvpath_259/8d2665eef2dbbd7e785a5ab3312c34dc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.167.164.45 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: f13ec00679fb055bcedb50bb9ba8cbdc529c7404a0f97ad26ea6c29d5cb44920

Request headers

Referer: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/
Origin: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:33 GMT
content-encoding: gzip
last-modified: Thu, 01 Dec 2022 22:12:10 GMT
server: nginx
x-amz-request-id: tx000009625b840b432eb58-0064daacd3-32959ea8-default
etag: W/"9015246bf4969e8dd66f79448500e3df"
x-cache-status: MISS, STALE, STALE
vary: Accept-Encoding
content-type: application/x-font-ttf
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 45d1a46ee2ae7793597ef35d65dc103e.jpg
s2.adform.net/Banners/Elements/Files/140944/12104907/bvpath_259/media/ Frame CE65 9 KB
9 KB 3ms
2ms Image
image/jpeg 185.167.164.45
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.adform.net/Banners/Elements/Files/140944/12104907/bvpath_259/media/45d1a46ee2ae7793597ef35d65dc103e.jpg
Requested by: Host: d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com
URL: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.167.164.45 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 97743ad624bdc70dcbcd10ee51bab54642159f20d9b7d3be2cf4181255ea415e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:33 GMT
last-modified: Thu, 01 Dec 2022 22:12:10 GMT
server: nginx
x-amz-request-id: tx00000cfa0c59f499d2411-0064daacd3-3295f919-default
etag: "45d1a46ee2ae7793597ef35d65dc103e"
x-cache-status: MISS, STALE, STALE
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 8762

GET
H2 200 f57a3e75a0268d349893b57f37abe2ad.svg
s2.adform.net/Banners/Elements/Files/140944/12104907/bvpath_259/media/ Frame CE65 7 KB
3 KB 4ms
3ms Image
image/svg+xml 185.167.164.45
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.adform.net/Banners/Elements/Files/140944/12104907/bvpath_259/media/f57a3e75a0268d349893b57f37abe2ad.svg
Requested by: Host: d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com
URL: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.167.164.45 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 3ca709ef73487b3665f1a652d150931a97fc0fce5092445e793acee9d1ce3784

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:33 GMT
content-encoding: gzip
last-modified: Thu, 01 Dec 2022 22:12:10 GMT
server: nginx
x-amz-request-id: tx00000ff872c4f88c3975e-0064daacd3-3295f919-default
etag: W/"f57a3e75a0268d349893b57f37abe2ad"
x-cache-status: MISS, STALE, STALE
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 brandon_grotesque_500_normal.ttf
s2.adform.net/Banners/Elements/Files/140944/12104904/bvpath_259/fonts/ Frame A56B 89 KB
45 KB 5ms
3ms Font
application/x-font-ttf 185.167.164.45
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/Banners/Elements/Files/140944/12104904/bvpath_259/fonts/brandon_grotesque_500_normal.ttf
Requested by: Host: s2.adform.net
URL: https://s2.adform.net/Banners/Elements/Files/140944/12104904/bvpath_259/8d2665eef2dbbd7e785a5ab3312c34dc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.167.164.45 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: f13ec00679fb055bcedb50bb9ba8cbdc529c7404a0f97ad26ea6c29d5cb44920

Request headers

Referer: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/
Origin: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:33 GMT
content-encoding: gzip
last-modified: Thu, 01 Dec 2022 22:11:59 GMT
server: nginx
x-amz-request-id: tx00000e91b7ecc73d90ddb-0064daadfd-329552a5-default
etag: W/"9015246bf4969e8dd66f79448500e3df"
x-cache-status: MISS, STALE, STALE
vary: Accept-Encoding
content-type: application/x-font-ttf
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 6203a95e95bd31a918e4a14f2d483456.jpg
s2.adform.net/Banners/Elements/Files/140944/12104904/bvpath_259/media/ Frame A56B 22 KB
23 KB 6ms
4ms Image
image/jpeg 185.167.164.45
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.adform.net/Banners/Elements/Files/140944/12104904/bvpath_259/media/6203a95e95bd31a918e4a14f2d483456.jpg
Requested by: Host: d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com
URL: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.167.164.45 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: e0eee1246f9cb8f38659aed416dc69b22b6a92c7332f4b40ac9f4dc822606fde

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:33 GMT
last-modified: Thu, 01 Dec 2022 22:11:59 GMT
server: nginx
x-amz-request-id: tx00000a7fc3c64a1d39c0c-0064daadfd-329552a5-default
etag: "6203a95e95bd31a918e4a14f2d483456"
x-cache-status: MISS, STALE, STALE
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 22685

GET
H2 200 f57a3e75a0268d349893b57f37abe2ad.svg
s2.adform.net/Banners/Elements/Files/140944/12104904/bvpath_259/media/ Frame A56B 7 KB
3 KB 7ms
6ms Image
image/svg+xml 185.167.164.45
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.adform.net/Banners/Elements/Files/140944/12104904/bvpath_259/media/f57a3e75a0268d349893b57f37abe2ad.svg
Requested by: Host: d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com
URL: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.167.164.45 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 3ca709ef73487b3665f1a652d150931a97fc0fce5092445e793acee9d1ce3784

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:33 GMT
content-encoding: gzip
last-modified: Thu, 01 Dec 2022 22:11:59 GMT
server: nginx
x-amz-request-id: tx00000c3e6c52db79ea115-0064daadfd-3295cc06-default
etag: W/"f57a3e75a0268d349893b57f37abe2ad"
x-cache-status: MISS, STALE, STALE
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 45d1a46ee2ae7793597ef35d65dc103e.jpg
s2.adform.net/Banners/Elements/Files/140944/12104907/bvpath_259/media/ Frame CE65 9 KB
9 KB 3ms
2ms Image
image/jpeg 185.167.164.45
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.adform.net/Banners/Elements/Files/140944/12104907/bvpath_259/media/45d1a46ee2ae7793597ef35d65dc103e.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.167.164.45 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 97743ad624bdc70dcbcd10ee51bab54642159f20d9b7d3be2cf4181255ea415e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:33 GMT
last-modified: Thu, 01 Dec 2022 22:12:10 GMT
server: nginx
x-amz-request-id: tx00000cfa0c59f499d2411-0064daacd3-3295f919-default
etag: "45d1a46ee2ae7793597ef35d65dc103e"
x-cache-status: MISS, STALE, STALE
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 8762

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F7ED 13 KB
5 KB 20ms
12ms Document
text/html 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://185.80.196.79.sslip.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 345148
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 16 Dec 2023 12:21:05 GMT
expires: Sun, 15 Dec 2024 12:21:05 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E1D9 829 B
981 B 47ms
41ms Document
text/html 2607:f8b0:4020:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3d85bf841a4ccad12640be839a11b5daeda864c97ac0240f2f597ec837aa9f15

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-f9zYgmwDfurpN1akRmTRww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://185.80.196.79.sslip.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-f9zYgmwDfurpN1akRmTRww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 12:13:33 GMT
expires: Wed, 20 Dec 2023 12:13:33 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 6203a95e95bd31a918e4a14f2d483456.jpg
s2.adform.net/Banners/Elements/Files/140944/12104904/bvpath_259/media/ Frame A56B 22 KB
23 KB 4ms
4ms Image
image/jpeg 185.167.164.45
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.adform.net/Banners/Elements/Files/140944/12104904/bvpath_259/media/6203a95e95bd31a918e4a14f2d483456.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.167.164.45 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: e0eee1246f9cb8f38659aed416dc69b22b6a92c7332f4b40ac9f4dc822606fde

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:33 GMT
last-modified: Thu, 01 Dec 2022 22:11:59 GMT
server: nginx
x-amz-request-id: tx00000a7fc3c64a1d39c0c-0064daadfd-329552a5-default
etag: "6203a95e95bd31a918e4a14f2d483456"
x-cache-status: MISS, STALE, STALE
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 22685

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame F7ED 39 KB
15 KB 15ms
15ms Script
text/javascript 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 23:23:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 391797
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 14 Dec 2024 23:23:36 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E1D9 0
0 44ms
44ms Image
text/html 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312060101&jk=1476677553059165&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H2 200 ;MID=181133;type=v959fb862;placementID=2274346;setID=600396;channelID=20392;CID=751993;BID=521589684;TAID=0;place=0;referrer=https%3A%2F%2F185.80.196.79.sslip.io%2F;mt=1703074412660960;hc=5b14038eb... Show response
servedbyadbutler.com/adserve/ Frame 8CC7 0
370 B 16ms
14ms XHR
text/html 51.222.11.129
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://servedbyadbutler.com/adserve/;MID=181133;type=v959fb862;placementID=2274346;setID=600396;channelID=20392;CID=751993;BID=521589684;TAID=0;place=0;referrer=https%3A%2F%2F185.80.196.79.sslip.io%2F;mt=1703074412660960;hc=5b14038eb183e0c3171034eed0f6d302fded9aee

Requested by

Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

51.222.11.129 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ns5004418.ip-51-222-11.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 12:13:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F7ED 0
10 B 12ms
11ms Image
text/plain 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?RJ0YKQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:13:33 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8CC7 42 B
64 B 49ms
48ms Fetch
image/gif 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst0bHDZRMB6ZaWd0st0x_oGZaaYaShOGNyXQD94waOEGxGXgAoJ4ae2Gbx0DxhpqJ7cajsTVJ70s_AypsBZHF4PtUTNmsNWXFSiyBZkFa96qGMnJYibRCzaWNmkpkWVS3Fiw2tJvRazKBLtaZAO5qPBWIkP&sig=Cg0ArKJSzDTHjcI-3gg7EAE&id=lidar2&mcvt=1001&p=571,436,665,1164&mtos=0,1001,1001,1001,1001&tos=0,1001,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&vu=1&app=0&itpl=19&adk=518484386&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703074412560&rpt=542&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 12:13:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C3E1 42 B
64 B 50ms
50ms Fetch
image/gif 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstxbWHqTxA7uW-hhKWE1LXnr_M19FVvK1rSm4zaPr-FYhPvH2IhOSx03FISo7v6lGspPADM5WooMBKamchC5ak3NXSLi4KZCEPYL5YdntM-kl9dSeXuHBBsW0zMwQLt5vhMDzcG-yypNnbuRlqV7pYpGc8y&sig=Cg0ArKJSzMMjHJQgt4AhEAE&id=lidar2&mcvt=1000&p=194,1010,444,1310&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=2495303898&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703074412336&rpt=811&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 12:13:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 46ms
45ms Image
text/html 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312060101&jk=1476677553059165&bg=!W1ilWBfNAAY3kmNgF5I7ADQBe5WfOHuu9TdpjJVmTsr1Qhaeit1UVoS_T8VfXNQAybAs3e-dM_Nar9g3QC-f4SulpnnFAgAAAEtSAAAABGgBB5kDBl9GknAOt-FQEJPlmpyuONhCQTYUPe13mV299N71U8Oh6UamwVyfBxMn7m_5QX8zqoAXeuJOKJXNOQSOOzCAsZw745eSx2jRB_kK02s5CNeNpZGN8Z-S04rcYILLkq17fFwlKDJ2MRcoYEo6bV-IBfyZuE9BMg4wpM0TdFNYfv6-rmGhi-YNwZW_yTnNdfOU20ImLBNKmv21w5YI_xHpFT7aBQC2RQdF94LnZsjgg2qz2j5HsIYMK3kELHSAA-fVvVf04NnF2lh3d9OJSMhBKvoAg8cuK705-m3oomk1DUbUXFbkSDQwVL5bqe9qt81V68WDYh6ce8ihVk1RkSh6YcUpS7OjeYAGD2dSz-7NrSFyv3xb4TABTG2u0yOBlD9_Ieqo4m5p00tdeVE_f0ulixBznVazd09Uyba8OHXdfWGO9F2jVsb5GEx1kIA7PzydqT609fH6N37OQMv6iKosvL59Iy-_AfkGuxuW-_ySvzuwlYmHD7IjI67Yi2COn9P5q7EbzQFE-ktafWRbl5MrPXjB382AUyiPJfV-nxcA9Ro5n7yUL73K3LPs0IVttB6yI4sqRexXeaTb8UohlTq4G4WXiSM--oBnj25XSowMEwFoWxaJ5jOh0R6D5V-mXY30yIOUaQ0NPlIY5RlPlngNoUM3O3vDp-JYqkuCDb21w4gkIquHyi49F5gvEHlqAYypL95-Ai5v_iK1kb1sFTEZ9VAhMSngCs27P8y78L7OM4IA6t4IrQHQYK3GOLU5HNgN7GRLLYdvzjkr3Q1uPram15NBeFO1M5DE6fXyvhi9skvVPN1hQpnta78pExRRmAtu3B5U0pKsFYbEmcIsZUW535IcdOPqk77Q3nLYaXhocpBBGKu-l4Ne8yIzXzaEqaQL56DnfspRZh65F8nKLrRQe9EVOXAm0nnny4bQpc4tKlPSuQ3QPPVCjxvXzFIO6Db05md6i6JiWXoz7Iq6Qraf99LBa3uva9LVBFc1vL3ga_-wuyw4wuYCI4Y98AgbD_v9bPyq19GBaw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://185.80.196.79.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

POST
H2 200 /
a2.adform.net/serving/unload/ Frame F978 35 B
625 B 130ms
130ms Ping
image/gif 185.167.164.43
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a2.adform.net/serving/unload/?version=15&unload=465048279637088738@@70093631,730699072100247470,100|1107|0|0|0|0|0|0|0||38|1|||||1|0|0|0Lmr7MA1jAZcPlakbYq96SLD9I2WtEsTpAe79ch5O6cUU9xRUQGuv655XJEIBmke0|||11||0|0|

Requested by

Host: s2.adform.net
URL: https://s2.adform.net/stoat/630/s2.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.43 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 12:13:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
a2.adform.net/serving/unload/ Frame C3E1 35 B
625 B 130ms
129ms Ping
image/gif 185.167.164.43
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a2.adform.net/serving/unload/?version=15&unload=3918959322904285997@@67441645,5999694962021630761,100|1200|0|0|0|0|0|0|0||47|1|||||1|0|0|c920eRdNjxlcPlakbYq96cHOrdhstJrm_-drI1rERx8UU9xRUQGuv655XJEIBmke0|||11||0|0|

Requested by

Host: s2.adform.net
URL: https://s2.adform.net/stoat/630/s2.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.43 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 12:13:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 35ms
34ms Ping
text/plain 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-6CLCKX16XJ&_ono=1&gtm=45je3bt0v889608820&_p=1703074411750&gcd=11l1l1l1l1&dma=0&cid=485101152.1703074412&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEII&sid=1703074412&sct=1&seg=0&dl=https%3A%2F%2F185.80.196.79.sslip.io%2F&dt=TeacherTube%20Educational%20Videos%20for%20the%20School%20Classroom%20and%20Home%20-%20Including%20Educational%20Songs%2C%20History%20Videos%2C%20Student%20Videos%20and%20Math%20Videos&_s=2&tfd=7833
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6CLCKX16XJ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://185.80.196.79.sslip.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 12:13:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://185.80.196.79.sslip.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

53 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.liadm.com/j	1970-01-21 02:40:34	Name: lidid Value: ebc49df3-3cf8-4c8c-960b-e3b43d29159b
i6.liadm.com/s	1970-01-20 17:47:46	Name: _li_ss Value: CgA
i.liadm.com/s	1970-01-20 17:47:46	Name: _li_ss Value: ClcKBQgKEOMWCgYI3QEQ4xYKBgilARDjFgoGCIEBEOMWCgUIDBDtFgoGCKIBEOMWCgkI_____wcQ7RYKBQgLEOMWCgYIiwEQ4xYKBgjSARDjFgoFCH4Q4xY
.sslip.io/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .sslip.io
.sslip.io/	1970-01-21 02:40:34	Name: _lc2_fpi Value: 449d1ea6789c--01hj3jadc4eaezyz8vcbj5mxdy
.sslip.io/	1970-01-21 02:40:34	Name: _lc2_fpi_meta Value: {%22w%22:1703074411908}
.sslip.io/	1970-01-20 17:06:00	Name: _gid Value: GA1.2.1908636501.1703074412
.sslip.io/	1970-01-20 17:04:34	Name: _gat_gtag_UA_2624863_1 Value: 1
.sslip.io/	1970-01-20 19:14:10	Name: _gcl_au Value: 1.1.1429508275.1703074412
.sslip.io/	1970-01-21 02:40:34	Name: _ga Value: GA1.1.485101152.1703074412
.liadm.com/	1970-01-21 02:40:34	Name: lidid Value: ebc49df3-3cf8-4c8c-960b-e3b43d29159b
.sslip.io/	1970-01-20 17:47:46	Name: _li_ss Value: CjYKBQgKEOMWCgYI3QEQ4xYKBgiBARDjFgoFCAwQ7RYKBgiiARDjFgoGCIsBEOMWCgYI0gEQ4xY
.sslip.io/	1970-01-20 17:47:46	Name: _li_ss_meta Value: {%22w%22:1703074412274%2C%22e%22:1705666412274}
.adsrvr.org/	1970-01-21 01:51:36	Name: TDID Value: 85a36ab5-c654-4f14-8ecb-5441544fc531
.adsrvr.org/	1970-01-21 01:51:36	Name: TDCPM Value: CAESGQoKbGl2ZWludGVudBILCMSWvNvj18A8EAUYBSABKAIyCwjU77KI-tfAPBAFOAE.
.bidswitch.net/	1970-01-21 01:50:10	Name: tuuid Value: 363c2c32-5f59-46ac-a1f4-e31b68f242b6
.bidswitch.net/	1970-01-21 01:50:10	Name: c Value: 1703074412
.bidswitch.net/	1970-01-21 01:50:10	Name: tuuid_lu Value: 1703074412
.addthis.com/	1970-01-21 02:34:48	Name: na_id Value: 2023122012133200044014617034
.addthis.com/	1970-01-21 02:34:48	Name: na_tc Value: Y
.addthis.com/	1970-01-21 02:34:48	Name: uid Value: 6582da6c0399e9ef
.addthis.com/	1970-01-21 02:34:48	Name: ouid Value: 6582da6c000132450e1ed42dce8014bea8f55e43b9cddfd0db50
.zemanta.com/	1970-01-21 01:50:10	Name: zuid Value: M50iYvO0PV5zygAoL__5
.rezync.com/	1970-01-21 02:26:10	Name: zync-uuid Value: f4b19280-2985-4eec-86ab-d60769673007:1703074412.355907
.rfihub.com/	1970-01-21 02:26:10	Name: eud Value: H4sIAAAAAAAA_1XIuRGAMAwEwAqIXIeYk_VZdGODKYiQkEoJGcLdq_ipg7M2UM1mpHPu1LwPOhzh6SFAbBwQhCrXVcwScZflOxV5_rYX6ajlCFkAAAA
.rfihub.com/	1970-01-21 02:26:10	Name: rud Value: H4sIAAAAAAAA_-MSsjSzNDc1NLM0tTQ3NDAyMjY0EuIz1C2J98yPMKqILDCI9wIABPsGLCQAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_wXBwRGAMAgEwI_t4BwEOLAbE2MhVu7ud-TrU9sKYl0hvveSynvKk2B2cgC8lBigu9o5Ihr8Aats95Q5AAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSsjSzNDc1NLM0tTQ3NDAyMjY0EuIz1C2J98yPMKqILDCI9wIABPsGLCQAAAA
.dlx.addthis.com/	1970-01-20 17:47:46	Name: na_sc_x Value: 1
.mgid.com/	1970-01-21 01:50:10	Name: muidn Value: nbkwnOQrM_d4
.mgid.com/	1970-01-20 17:04:36	Name: __cf_bm Value: 7Z6DBsyV0mMv58RKPDeZN7Ve7AiaZCg11UddlVzWYeY-1703074412-1-AWdKmzGSLdn++L9hADnEacZFqTLiboGL6H0od9IQxpQ+DFm51/wglNDd/REcIndER/PE7om0D68zctz6JbmabCs=
cm.mgid.com/	1970-01-20 17:47:46	Name: mg_sync Value: {}
.rkdms.com/	1970-01-21 01:50:10	Name: sc Value: 13%3A113664
.rkdms.com/	1970-01-21 01:50:10	Name: sessionid Value: h-448c8eb9d8784dc0acd78b7bddbbe67a_t-1703074412
.doubleclick.net/	1970-01-21 02:40:34	Name: IDE Value: AHWqTUkWAn_GboGymfBDbG8kcF1NVDKSCf6bZWCdSwaSW9D8y5T-6HLHWlIBZVZqlJk
.sslip.io/	1970-01-21 02:26:10	Name: __gads Value: ID=898ce17d1dbebe9a:T=1703074412:RT=1703074412:S=ALNI_MY4N7MuV8jEBc7XGIXXXFkPzrVOBA
.sslip.io/	1970-01-21 02:26:10	Name: __gpi Value: UID=00000a04022ff42c:T=1703074412:RT=1703074412:S=ALNI_MYNyLMzANPIlvzYaQ7zygpkZILG1w
live.rezync.com/	1970-01-21 02:26:10	Name: sd-session-id Value: .eJwNykkOgzAMAMC_-Ewqx0nsOJ9BLK4UtdCKwKWIv5fjSHNC_7VtGVZbdyj7dlgH07vealBOaPW32AsKKKskz5pUPBIFT3B10Ky1-ln7Ot_lGUevlNGR5uSi2eQyD6ObGYWVJSBK8YIBJUZPj5CSosD1B1g8JII.ZYLabA.d1W-t2wG8Bp-teEelHikVr9fKlw
.sslip.io/	1970-01-21 02:40:34	Name: _ga_6CLCKX16XJ Value: GS1.1.1703074412.1.0.1703074412.60.0.0
.lightboxcdn.com/	1969-12-31 23:59:59	Name: _cfuvid Value: GKi2J14Wpz0V3qQDsYelrjE_DWOHf6ynRfgFhtuwT6A-1703074412621-0-604800000
.pippio.com/	1970-01-21 01:50:10	Name: did Value: 17DwrSI299Y9r22j
.pippio.com/	1970-01-21 01:50:10	Name: didts Value: 1703074412
.pippio.com/	1970-01-20 18:30:58	Name: nnls Value:
.pippio.com/	1970-01-20 18:30:58	Name: pxrc Value: CAA=
.turn.com/	1970-01-20 21:23:46	Name: uid Value: 3023469083165232987
.demdex.net/	1970-01-20 21:23:46	Name: demdex Value: 89349172392409339752642148008545414563
.dpm.demdex.net/	1970-01-20 21:23:46	Name: dpm Value: 89349172392409339752642148008545414563
.adform.net/	1970-01-20 17:49:12	Name: C Value: 1
.adform.net/	1970-01-20 18:30:58	Name: receive-cookie-deprecation Value: 1
.lightboxapi.azurewebsites.net/	1970-01-20 17:04:38	Name: TiPMix Value: 2.7111588674894604
.lightboxapi.azurewebsites.net/	1970-01-20 17:04:38	Name: x-ms-routing-name Value: self
.adform.net/	1970-01-20 18:30:58	Name: uid Value: 1267846177675694310
.adform.net/	1970-01-20 17:14:39	Name: TPC Value: 1703074413037

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://185.80.196.79.sslip.io/cdn-cgi/challenge-platform/scripts/jsd/main.js Message: Failed to load resource: the server responded with a status of 500 ()
security	warning	URL: https://www.lightboxcdn.com/vendor/3668710d-610d-480d-bb1c-ea9170a8c85d/user.js?cb=638386043632378234(Line 97) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

185.80.196.79.sslip.io
a2.adform.net
analytics.google.com
b-code.liadm.com
b1sync.zemanta.com
c.amazon-adsystem.com
cdn.teachertube.com
cdnjs.cloudflare.com
cm.mgid.com
content.swncdn.com
d.turn.com
d9ed0ed75a27c9faef049aa93512352f.safeframe.googlesyndication.com
dis.criteo.com
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.liadm.com
i6.liadm.com
lightboxapi.azurewebsites.net
live.rezync.com
match.adsrvr.org
media.swncdn.com
mid.rkdms.com
p.rfihub.com
pagead2.googlesyndication.com
pippio.com
rp.liadm.com
rp4.liadm.com
s2.adform.net
securepubads.g.doubleclick.net
servedbyadbutler.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.lightboxcdn.com
www.teachertube.com
x.bidswitch.net
x.dlx.addthis.com
107.178.254.65
13.225.195.75
185.167.164.43
185.167.164.45
185.80.196.79
199.38.167.131
20.40.202.0
205.234.175.175
23.216.137.114
2600:1f18:730:b110:b9d7:5d50:f444:5e53
2600:1f18:ed:550e:3daf:be5a:6a09:50
2600:9000:215f:a800:8:8845:1500:93a1
2606:4700:1::6813:824c
2606:4700:20::6819:2f07
2606:4700::6811:190e
2606:4700::6813:d383
2607:f8b0:4004:c08::9d
2607:f8b0:4006:80d::2008
2607:f8b0:4020:804::200e
2607:f8b0:4020:805::2002
2607:f8b0:4020:805::200a
2607:f8b0:4020:805::200e
2607:f8b0:4020:806::2001
2607:f8b0:4020:806::2003
2607:f8b0:4020:807::2001
2607:f8b0:4020:807::2004
2620:112:f002:bbbb::23
34.206.231.187
34.232.211.7
35.211.178.172
35.71.131.137
50.31.142.191
51.222.11.129
52.204.112.221
52.5.50.31
52.85.107.191
74.119.119.150
02b535b7b49b18864c29775b1ef4c9a0c20e360659eb378ecbd76cb76c17fd3b
04c9dfe11ceca22c22ef1b12dc111783f25c16f39a2a86cdd7edb32684cbb508
05e5908b790def398040c24728a98d3d1598323df2589f1ccbb90ca254fb88da
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06e3436fda51c8e8eb41bb2569c2f3fe308f3ce2be168b56fdc15d29df05d000
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08db8744e1e40d0dea90de30c0019e235218d99ced1629cfea8a90e2a5a419a7
0b260c07c492feaceaf530088ebb7600813374c16e0f913fc1a18b44c97f26d9
0b787eab19555b483998f02a983f8076fb9a9d0ccd93b55423318c099c21fbc6
0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b
0bcb77020a6a8592d05e6801a677c106cce19639fb566e05dbfce8376cc980a3
0d0187474931310af92db3ba3c2316224aba85d74f98cfc41cc9c7d937cc68b0
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
162557ddeb09279d054dfe0e7b7c8a7f890ffe6638fc0c1081053d97ac28b20d
163e0a550db51aa67d31cee66dbe7a28ac18ace5d2dc1f9ca4fae61752395257
19f017b060eef42c6c184a49c2293ba61282cf67189da8025a13dd7dd680e588
1d43e1539eb5c388b9671def8669f2e4074d543887c29b5809d94b666fb9a842
1ed2aff5bb5a2b032a6f5ab8afae851104d7166724987a631651c1f4d882f308
2135ad201ca8401fb13d4773b852b2d91b2aa21f60b3ea272ff327d7525a1082
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
30ecc46eac05a2fee506214087afdddc5a45305b875b2ae53188438c307972f2
326cb3f43bc4866956a8a7f3eadc01dafd6db85dbd1fc7cfc1494aaef5ba5742
35032bf4046d36a413e4e51161a475a27532b167ddac0a61adbd6c6c8270aed7
373db05fbfcf6158eabbb85c105b1dfb9ae99394c993c10f48fc370abdd0eb6a
393c7ecfc835c146c0e4ad0a591d56e975143e99e0c21f08ccdc412f774c0149
3a89134e5074bda447639863e25a4e136769b3c0fc95aaf047c35cd784808e5a
3ca709ef73487b3665f1a652d150931a97fc0fce5092445e793acee9d1ce3784
3d85bf841a4ccad12640be839a11b5daeda864c97ac0240f2f597ec837aa9f15
3fb8e548cfc27c5a8eab60d0c865e7205380a2ee23f3c256d4b242c0e8def242
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4754b6de24fb6763a7d3ccb376563f90db41c3f2457c1830c58c1ba99c550903
47ba748628cb1e3b9cea86533cb091c48acf7af5651f55b1c54459719a423d42
4837fca4b7df61ec7fa4dba35aa73767ca6f6987d592f8a5a6c2946650423a31
48749e4b7f98c7f45f40076797dbc8005c15894760e3b18ab55f3655207c86e9
489cf773b253c1e1f6ba66ca0ca555d1f604c2517716e3a4a424ec3adfb936dc
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
56d534d2c384bd82d8e92a7c9b9ab3f2e3f5581f231510c627b38f101c3b3502
583edc8fb897ec5ebc6dd3c54679ce9f8d3d4454e2c8d00561e88897ddd21839
58db6e642a5c93a30ac885003bc145ba1350a8c38a4a200b7a6b113ab51f8c8c
590b1c85090cd7d76f56b31adb1ff050ef8aabf6ad535e603cc7a8e0454eaac3
5db2e80e3f29328a362c9753db36f09f118635b697e29e45987bdc97a7f7bbc4
5e0490cc756d3a3b831dff7582a81c2b1cafaa57eeb5f281d3b93fb94874714b
5e4bcd9b88cbbde3deb757d328d37cacaa5481b3966f54bfe3d20baa218b5a2e
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
60c91018a6c9679846e58c0fa22ebd3440e34e1ba8e15dfd7f1fd680d3cd4967
618deeee95ada2869cbc7402b889ea71fa6366fe8ec232bfebbfd3043163f712
61aa1bff6855b179c44f7e3bf952a0dc9913e0b2041929a020591ff831920f5d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65d54d8b3da05b0470472de1b1837eb008522496f9a0b5819aa9ebb03b006606
67fe60348920ae0cf01fdd81b9e36ffa7254eabef360848b0d8dc1ee9f9fa7ae
700fbafde03073f9f4874de3a24894ac5b15b5dcf94cb30796443068683bb05a
71dd5d9c9b1daecd546edf5fc5634e48201cfa411c4386cedfd94329c69d32b9
7a785e8b2ad30e6279397d656a61f70ad6341ee944c310df19593d8fabd79d9f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
835b8e7fce8c7030ab18fe28277589c21b062b5b6e6301939cb1e62b1af3f151
85c09161b6c533697d2f42cf425d389c31aaa97f05f9b48f76700469910a9c20
86a7ac5f85a94ad785544cf42212f620e222572e8a7c34f44a776a658c772b05
882131fea024d9277f69936dce728fdf9376589f7dcb51c81794ccab173dbd10
89829b7409391803bc3d3eb9b9ace1c4ded110b3e70da7c07c36f4907bce1562
8c3157d764de5568bbe6112962b5dd401226ad0c2c41ac2e5da8ce4cadf0f35e
8d0055e6d8cfd78504ea3bfeb93b24bafd670e051503e4f69c2bd26c72148a7a
8d88d24a09fadc5d552f9cfdc6c7d22ec9c2ec50f8470f28d0c126c3142224c8
926547a360b6d70cec0a14fe9fbe47cdf5b2982778e0a39af61faf103e7e6d02
942421e1753ad3cfa2e53481dcfe5ad7e667c10de6504f644fd80013af6744fe
9766b93d0025b538daff9e6b3f145840726a1bfe063aa80fc9323083733cbd84
97743ad624bdc70dcbcd10ee51bab54642159f20d9b7d3be2cf4181255ea415e
99c6eb6c3f17d69837d604201ac0453a5677eef91484aee37e72dff818ddadbc
9efb0fa8b6eb17ef69b3c4a0bc131d5b890feb43aef54da5e00ccb9111013a4a
9ff33e49702078f94423110e93d8e1f4244fe06593d5a265ef1112d75ee46a28
a2e704843d2fe1e6534f5f2fb54e6a5d20eb1918577d7d75c1b485067d9accc1
a5d7fef8fe761435ea4a85dc28fda75e42a782187bf9289a53cd6d2f49507966
a605d39117a721a0afc6747bb5791eb1fe7d78388fe61377ab63268892a2c053
af1725783d5dc2e5d1f3cf5dcddbc2bd198086933ca920d400eae6ad87912488
af3a6ad1716cb90c3c3391eec1ca45bf595644de5a6e9112f4440a5298467eec
af74e1a011da94fd4b962c03b77c284344511432ecf9154845f058c96bd02cd4
b1f7f51e6bef1fc5346f5d2f7b94c557d5d32985482e0e6e7e34fc8f07f0cff6
b331bd2fad59d5e70a6628f16130ce4fff5cfef99a11beb0a80e1e75816a1b84
b6063f4c908efee944c87b02f8ddd54e55d60fb495fe2d95fad3c964fa8d0d5e
b885e9ca55ffd164b37ed4e3316f8a88f7b5c5fdc6920b8a2c5fdd0e89ca0eaf
c3e02a868d3bee66ff08eb2b74a5db6224af1185a0b614e240d49b46cfa52ca6
c77b1cc2439c34f343e09b29a5dc3a76934660b72eaed4406bd5b31d409f04b3
c9701ff96675266ed2a8c5c2086ca44d6a0338dc114fe66a58dbdea9f4182e71
ca1e15c56015e8cd249c7663e6b9006f6b09070e54ca7a585e2ea60940a33e42
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cbe7865410512e11935fb2051abdfc3f1d10dc8936066df03ab42829b1d5f6b3
ceeada33b44bd66a03c22c5bd457f7a6bcc9ab1f5e451bd70ed4653662702d74
d3b14a9cb413c0103fbac63f814681b922751c197b9cbce0554ef9905a3ca1ec
d932243e46a23ec66e87cfaa3390f5426459bdb89f6920d25e78f4e0a0387eef
ddd55c5756a4ea1e42ab58e2af23d55431b9f808c61a2e5837e61c488c317718
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0eee1246f9cb8f38659aed416dc69b22b6a92c7332f4b40ac9f4dc822606fde
e0f23fa5ba218f00f5039678455f7be32b113009048a71802bc7bb6f7e6f3606
e39ab7644d5fa9f3f00831e216f08288b55bd061d77385d4281a5aab5ffa44d1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e909e1c0b2634f8f16c9a9c2cbd515667f22b98470ece970f85bc75886a9ec38
e9f4d0009dd384954901125db9e7c1375a604a102516aaed6bdd7113113817d3
ed7d9336de582248857dbf01b186a480a5c57337b5516e3e01dff1a26005c7b5
ed8343699e054a0900f23319e31cba32ad43bf77136313508ea25d86073366bb
eec6e77c0ea542ba578b17db6d1dd6d7b1fbfacc0d244ccc0d8ca17b6fe79d87
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f13ec00679fb055bcedb50bb9ba8cbdc529c7404a0f97ad26ea6c29d5cb44920
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fdca94b5eb3df5cec885dc4fa966adf60d065e4a8f296db5124d731c0210d7c1
feb66f83bae1b5d508dcf05686ca73d3fd178a3d32216bd134bc26156fbdfed7

185.80.196.79.sslip.io Open in urlscan Pro 185.80.196.79 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

157 Requests

96 %HTTPS

49 %IPv6

30 Domains

42 Subdomains

30 IPs

4 Countries

3476 kBTransfer

8428 kBSize

53 Cookies

66 Outgoing links

Redirected requests

157 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

185.80.196.79.sslip.io Open in urlscan Pro
185.80.196.79 Public Scan

Screenshot
Live screenshot

Full Image

157
Requests

96 %
HTTPS

49 %
IPv6

30
Domains

42
Subdomains

30
IPs

4
Countries

3476 kB
Transfer

8428 kB
Size

53
Cookies

157 HTTP transactions
5 data transactions