imgflip.com Open in urlscan Pro
104.18.255.14 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://imgflip.com/i/4so0gl
Submission: On January 05 via manual (January 5th 2021, 8:34:52 pm UTC) from US

Summary HTTP 68 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 22 IPs in 5 countries across 16 domains to perform 68 HTTP transactions. The main IP is 104.18.255.14, located in United States and belongs to CLOUDFLARENET, US. The main domain is imgflip.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 30th 2020. Valid for: a year.

This is the only time imgflip.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	104.18.255.14 104.18.255.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c06::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
2	18.211.226.152 18.211.226.152	14618 (AMAZON-AES) (AMAZON-AES)
3	54.234.151.247 54.234.151.247	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
3	23.20.158.212 23.20.158.212	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:820::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
4	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
6	172.217.21.226 172.217.21.226	15169 (GOOGLE) (GOOGLE)
1	34.120.207.148 34.120.207.148	15169 (GOOGLE) (GOOGLE)
1	63.33.218.134 63.33.218.134	16509 (AMAZON-02) (AMAZON-02)
1	37.252.172.36 37.252.172.36	29990 (ASN-APPNEX) (ASN-APPNEX)
1	54.72.81.17 54.72.81.17	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:825::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:81f::2001	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
2	3.215.247.12 3.215.247.12	14618 (AMAZON-AES) (AMAZON-AES)
1	2.18.232.130 2.18.232.130	16625 (AKAMAI-AS) (AKAMAI-AS)
68	22

15 104.18.255.14 (United States)

ASN13335 (CLOUDFLARENET, US)

imgflip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.imgflip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.imgflip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.211.226.152 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-211-226-152.compute-1.amazonaws.com

powerad.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.234.151.247 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-234-151-247.compute-1.amazonaws.com

reporting.powerad.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.20.158.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-20-158-212.compute-1.amazonaws.com

hb.brainlyads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.234.21 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.21.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s13-in-f226.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.207.148 (United States)

ASN15169 (GOOGLE, US)
PTR: 148.207.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.33.218.134 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-218-134.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.172.36 (Ascension Island)

ASN29990 (ASN-APPNEX, US)
PTR: 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.72.81.17 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-81-17.eu-west-1.compute.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:825::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

50d0e859027e4ee73e0379fbf1a1021b.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
11485134cd86f0f508f639e84e8929b2.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:81f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.215.247.12 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-247-12.compute-1.amazonaws.com

report.hb.brainlyads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.130 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	imgflip.com imgflip.com s.imgflip.com i.imgflip.com	178 KB
14	googlesyndication.com 50d0e859027e4ee73e0379fbf1a1021b.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com 11485134cd86f0f508f639e84e8929b2.safeframe.googlesyndication.com	27 KB
8	doubleclick.net stats.g.doubleclick.net securepubads.g.doubleclick.net	239 KB
5	googletagservices.com www.googletagservices.com	121 KB
5	brainlyads.com hb.brainlyads.com report.hb.brainlyads.com	115 KB
5	powerad.ai powerad.ai reporting.powerad.ai	28 KB
2	google.com adservice.google.com	2 KB
2	google.de adservice.google.de	930 B
2	adnxs.com ib.adnxs.com acdn.adnxs.com	1 KB
2	casalemedia.com as-sec.casalemedia.com	761 B
2	indexww.com js-sec.indexww.com	13 KB
2	google-analytics.com www.google-analytics.com	19 KB
1	yieldmo.com ads.yieldmo.com	351 B
1	adsrvr.org match.adsrvr.org	541 B
1	rlcdn.com api.rlcdn.com	325 B
1	googletagmanager.com www.googletagmanager.com	38 KB
68	16

	Domain	Requested by
9	s.imgflip.com	imgflip.com s.imgflip.com
6	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
6	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net imgflip.com
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
5	www.googletagservices.com	hb.brainlyads.com securepubads.g.doubleclick.net
4	imgflip.com	imgflip.com
3	hb.brainlyads.com	imgflip.com hb.brainlyads.com
3	reporting.powerad.ai	powerad.ai
2	11485134cd86f0f508f639e84e8929b2.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	report.hb.brainlyads.com	hb.brainlyads.com
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.de	securepubads.g.doubleclick.net
2	as-sec.casalemedia.com	js-sec.indexww.com hb.brainlyads.com
2	js-sec.indexww.com	hb.brainlyads.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	powerad.ai	s.imgflip.com powerad.ai
2	stats.g.doubleclick.net	imgflip.com
2	i.imgflip.com	imgflip.com
1	acdn.adnxs.com	hb.brainlyads.com
1	50d0e859027e4ee73e0379fbf1a1021b.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	ads.yieldmo.com	hb.brainlyads.com
1	ib.adnxs.com	hb.brainlyads.com
1	match.adsrvr.org	js-sec.indexww.com
1	api.rlcdn.com	js-sec.indexww.com
1	www.googletagmanager.com	powerad.ai
68	25

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
play.google.com
chrome.google.com
addons.mozilla.org

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-30` - `2021-07-30`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.powerad.ai Go Daddy Secure Certificate Authority - G2	`2020-10-12` - `2021-10-12`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
hb.brainlyads.com Go Daddy Secure Certificate Authority - G2	`2019-01-22` - `2021-01-22`	2 years	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-14` - `2021-04-23`	a year	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.yieldmo.com Amazon	`2020-06-23` - `2021-07-23`	a year	crt.sh
*.google.de GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
report.hb.brainlyads.com R3	`2020-12-31` - `2021-03-31`	3 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2020-01-02` - `2021-04-02`	a year	crt.sh

This page contains 9 frames:

Primary Page: https://imgflip.com/i/4so0gl
Frame ID: 750B3DD47099B1455CB2462CEE972853
Requests: 25 HTTP requests in this frame

Frame: https://hb.brainlyads.com/json-parts/2877/?pageId=1014730352&sizes=[]&winbidder=&keyValues=[[%22refresh%22,0]]
Frame ID: 2A1F6EA37FD1B439B4985C0E2D3A091E
Requests: 1 HTTP requests in this frame

Frame: https://hb.brainlyads.com/pbjs_wrapper.js
Frame ID: 1BEBA6A1CC24CED0BBBF6B987A2227D7
Requests: 21 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu3lH1CZibsJoBTVFKnLN-6VcwyiLPksiriFZvO81BxokCQ0nw1ZLrQZY0X6jLfChU8U3Xm17X5BL02DsFX8EJN7ZDpCGW7JpOwreN1R0pQh6MjS-sOK57d7Yhvr4My98UiVi5EjOhA0Awpr_CJdt4bG2nNF9Smd-uFvEMzL5_fz6aBOnA6Xel8ha8QVlaJZHRSuBqxVLw-owR_nfkqvE-miSGd7Z8hc6tmioYKlf2LjHxWKY_4cYOEK6OqCfSqhdI7q0d_zGtl7PeDlrNrla3-kz5AzvTfcwLwWuw&sai=AMfl-YTXHWh08McvYnu7B4LtzpTt9a7vC8LflT7UbxfubkK8jDgT2cKI0OuRWe2IJGfAALt8E8NqhgB9acRKUKkhfVIAZzYNJIRbEZzItdC98b5l-9IuiXsyM2t_SLPc1b8l&sig=Cg0ArKJSzACkyDbXHqZREAE&urlfix=1&adurl=
Frame ID: DCD74086F7EAF17B152B6FAED075A053
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html
Frame ID: 798475BFB9D940E77AC8E1E35048EE6D
Requests: 1 HTTP requests in this frame

Frame: https://11485134cd86f0f508f639e84e8929b2.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=3
Frame ID: 83AD8178AD4CCC32E41D44CC64DB1C10
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html
Frame ID: 0CC16E5F7FBCDA9E625C582B4142E491
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 4564342F2EEC26108D8CC92E72255CB6
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 41EED056E13D5DC0D0483D529ED38BCA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

68
Requests

100 %
HTTPS

43 %
IPv6

16
Domains

25
Subdomains

22
IPs

5
Countries

783 kB
Transfer

2152 kB
Size

7
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/imgflip
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/imgflip
Title: Twitter

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.imgflip.twa
Title: Android App

Search URL Search Domain Scan URL

URL: https://chrome.google.com/webstore/detail/imgflip-quick-create/ipdbhnffahpohpdkcelabahpmlheidff
Title: Chrome Extension

Search URL Search Domain Scan URL

URL: https://addons.mozilla.org/en-US/firefox/addon/imgflip-quick-create/
Title: Firefox Addon

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

68 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 4so0gl Show response
imgflip.com/i/ 12 KB
4 KB 248ms
205ms Document
text/html 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://imgflip.com/i/4so0gl
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.255.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36bb289d63b2369f8b650b04ec9a3489c1be230d51abed0b735f0cf62cfaf9c4

Request headers

:method: GET
:authority: imgflip.com
:scheme: https
:path: /i/4so0gl
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 20:34:34 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d78ea59de66649561918b3ec162f49ed51609878874; expires=Thu, 04-Feb-21 20:34:34 GMT; path=/; domain=.imgflip.com; HttpOnly; SameSite=Lax
cf-cache-status: MISS
expires: Tue, 05 Jan 2021 20:35:04 GMT
cache-control: public, max-age=30
cf-request-id: 0775db4172000032a6e1add000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 60cffb15887332a6-CDG
content-encoding: br

GET
H2 200 style.css
s.imgflip.com/v1150/ 32 KB
7 KB 55ms
44ms Stylesheet
text/css 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.imgflip.com/v1150/style.css
Requested by: Host: imgflip.com
URL: https://imgflip.com/i/4so0gl
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.255.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42b837e733c431ca605ecfe9862fc788634d9717ef518f5a0f8f6b192492843c

Request headers

Referer: https://imgflip.com/i/4so0gl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 20:34:34 GMT
content-encoding: br
cf-cache-status: HIT
age: 236841
cf-polished: origSize=44144
cf-bgj: minify
cf-request-id: 0775db4251000032a628399000000001
last-modified: Sun, 03 Jan 2021 02:47:01 GMT
server: cloudflare
etag: W/"5ff13025-ac70"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2678400
cf-ray: 60cffb16ec4d32a6-CDG
expires: Fri, 05 Feb 2021 20:34:34 GMT

GET
H2 200 flip.css
s.imgflip.com/v1150/ 10 KB
3 KB 52ms
41ms Stylesheet
text/css 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.imgflip.com/v1150/flip.css
Requested by: Host: imgflip.com
URL: https://imgflip.com/i/4so0gl
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.255.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2ecd021de0563fd18d7c5443eb3abf0d0dc125706473467783708c34fadc424

Request headers

Referer: https://imgflip.com/i/4so0gl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 20:34:34 GMT
content-encoding: br
cf-cache-status: HIT
age: 236741
cf-polished: origSize=12420
cf-bgj: minify
cf-request-id: 0775db4251000032a6e4a50000000001
last-modified: Sun, 03 Jan 2021 02:47:01 GMT
server: cloudflare
etag: W/"5ff13025-3084"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2678400
cf-ray: 60cffb16ec4a32a6-CDG
expires: Fri, 05 Feb 2021 20:34:34 GMT

GET
H2 200 imgflip_white_96.png
imgflip.com/ 5 KB
5 KB 46ms
44ms Image
image/png 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgflip.com/imgflip_white_96.png
Requested by: Host: imgflip.com
URL: https://imgflip.com/i/4so0gl
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.255.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfe50dbbd32bb449600679660bc0b489d2ce3690e7c640a6737157ee030d51fe

Request headers

Referer: https://imgflip.com/i/4so0gl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 20:34:34 GMT
cf-cache-status: HIT
age: 152066
cf-polished: origSize=5256
content-length: 4644
cf-request-id: 0775db4250000032a6329a5000000001
last-modified: Sun, 03 Jan 2021 02:47:01 GMT
server: cloudflare
etag: "5ff13025-1488"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
expires: Sat, 06 Mar 2021 20:34:34 GMT
cache-control: public, max-age=5184000
accept-ranges: bytes
cf-ray: 60cffb16ec4232a6-CDG
cf-bgj: imgq:100,h2pri

GET
H2 200 imgflip-icon-transparent-192.svg
imgflip.com/ 549 B
463 B 45ms
43ms Image
image/svg+xml 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgflip.com/imgflip-icon-transparent-192.svg
Requested by: Host: imgflip.com
URL: https://imgflip.com/i/4so0gl
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.255.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 519bc40fee468d6028055ca3ac133bb60ea7b10410385c7a95a58d807f96172b

Request headers

Referer: https://imgflip.com/i/4so0gl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 20:34:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 07 Nov 2020 03:07:51 GMT
server: cloudflare
age: 5160402
etag: W/"5fa60f87-225"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=5184000
cf-ray: 60cffb16ec4532a6-CDG
cf-request-id: 0775db4250000032a6feba2000000001
expires: Sat, 06 Mar 2021 20:34:34 GMT

GET
H2 200 4so0gl.jpg
i.imgflip.com/ 73 KB
74 KB 246ms
243ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/4so0gl.jpg
Requested by: Host: imgflip.com
URL: https://imgflip.com/i/4so0gl
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.255.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a047edfb8517773cde79780d8c93414d46beba46be7868c2baf19fa1bf383cbd

Request headers

Referer: https://imgflip.com/i/4so0gl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 20:34:34 GMT
cf-cache-status: MISS
x-amz-request-id: A9F74E4ED403A740
content-length: 74957
x-amz-id-2: MVI1+d1KDXEKvjkVBgridnPdUtW14qIvpp0brveJSiQUHW6WG1W+BaxI/QV8cp5XQM+f4ifZU9c=
last-modified: Tue, 05 Jan 2021 20:09:22 GMT
server: cloudflare
etag: "b166a166e2979b2c4121ca26142d1705"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-request-id: 0775db4251000032a6371e2000000001
accept-ranges: bytes
cf-ray: 60cffb16ec4832a6-CDG
expires: Fri, 03 Jan 2031 20:34:34 GMT

GET
H2 200 261o3j.jpg
i.imgflip.com/2/ 5 KB
5 KB 53ms
51ms Image
image/jpeg 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgflip.com/2/261o3j.jpg
Requested by: Host: imgflip.com
URL: https://imgflip.com/i/4so0gl
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.255.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89523f9073e7d811e706692e24faf7fc1b79ff28e34c7ef5242f346cc61b7b30

Request headers

Referer: https://imgflip.com/i/4so0gl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 20:34:34 GMT
cf-cache-status: HIT
age: 5243428
cf-polished: status=not_needed
cf-ray: 60cffb16ec4632a6-CDG
content-length: 4945
x-amz-id-2: lhULVyG0/97BPSgndJ5j+47SDxXpwrnJWQjKJeptpkT1O1eR3sy4fXaNMjlYH3VnaM4oRbfTHWY=
last-modified: Fri, 09 Mar 2018 12:15:24 GMT
server: cloudflare
etag: "a48a5f7272e8420500b2268c56268ee0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 5AFE0CA51C50555D
access-control-allow-origin: *
expires: Fri, 03 Jan 2031 20:34:34 GMT
cache-control: public, max-age=315360000
cf-request-id: 0775db4250000032a619b6b000000001
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H2 200 jq.js Show response
s.imgflip.com/ 82 KB
28 KB 55ms
48ms Script
application/javascript 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.imgflip.com/jq.js
Requested by: Host: imgflip.com
URL: https://imgflip.com/i/4so0gl
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.255.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 247bea8afeb935aa59d1406c2fcf1ae89badce4c39150139638f25fc59ff1252

Request headers

Referer: https://imgflip.com/i/4so0gl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 20:34:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 22 Mar 2020 06:18:27 GMT
server: cloudflare
age: 593288
etag: W/"5e770333-148c3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2678400
cf-ray: 60cffb16ec4e32a6-CDG
cf-request-id: 0775db4251000032a62b027000000001
expires: Fri, 05 Feb 2021 20:34:34 GMT

GET
H2 200 common.js Show response
s.imgflip.com/v1150/ 62 KB
22 KB 74ms
67ms Script
application/javascript 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.imgflip.com/v1150/common.js
Requested by: Host: imgflip.com
URL: https://imgflip.com/i/4so0gl
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.255.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92ff16344607869bd6ac7ccda226e8f0f3307a02534b057940cf9ac0ef9ed61e

Request headers

Referer: https://imgflip.com/i/4so0gl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 20:34:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 03 Jan 2021 02:46:37 GMT
server: cloudflare
age: 236841
etag: W/"5ff1300d-f61a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2678400
cf-ray: 60cffb16ec5632a6-CDG
cf-request-id: 0775db4252000032a622136000000001
expires: Fri, 05 Feb 2021 20:34:34 GMT

GET
H2 200 m.js Show response
s.imgflip.com/v1150/ 67 KB
23 KB 118ms
111ms Script
application/javascript 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.imgflip.com/v1150/m.js
Requested by: Host: imgflip.com
URL: https://imgflip.com/i/4so0gl
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.255.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c9deb405063cb3b452b7930ce93a26419e170abda815f3c4783aa7442305d67

Request headers

Referer: https://imgflip.com/i/4so0gl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 20:34:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 03 Jan 2021 02:46:48 GMT
server: cloudflare
age: 236841
etag: W/"5ff13018-10d2d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2678400
cf-ray: 60cffb16ec5332a6-CDG
cf-request-id: 0775db4252000032a6ccb51000000001
expires: Fri, 05 Feb 2021 20:34:34 GMT

GET
H2 200 ImageCropper.js Show response
s.imgflip.com/v1150/ 4 KB
2 KB 104ms
98ms Script
application/javascript 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.imgflip.com/v1150/ImageCropper.js
Requested by: Host: imgflip.com
URL: https://imgflip.com/i/4so0gl
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.255.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86c2f7b5bb53a643cb52ca3f529e879478aecbd4f4b885ef7a21ad13d5a0b4de

Request headers

Referer: https://imgflip.com/i/4so0gl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 20:34:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 03 Jan 2021 02:46:24 GMT
server: cloudflare
age: 236841
etag: W/"5ff13000-fcd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2678400
cf-ray: 60cffb16ec6532a6-CDG
cf-request-id: 0775db425e000032a62685b000000001
expires: Fri, 05 Feb 2021 20:34:34 GMT

GET
H2 200 Slider.js Show response
s.imgflip.com/v1150/ 2 KB
1 KB 120ms
119ms Script
application/javascript 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.imgflip.com/v1150/Slider.js
Requested by: Host: imgflip.com
URL: https://imgflip.com/i/4so0gl
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.255.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1048597f179f8b14b07d0dc4bb97bd5a75f6627802258cf4077bbce96e92d02e

Request headers

Referer: https://imgflip.com/i/4so0gl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 20:34:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 03 Jan 2021 02:46:26 GMT
server: cloudflare
age: 236841
etag: W/"5ff13002-7fe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2678400
cf-ray: 60cffb172d4c32a6-CDG
cf-request-id: 0775db427b000032a6cd3c4000000001
expires: Fri, 05 Feb 2021 20:34:34 GMT

GET
H2 200 ajax_get_le_data Show response
imgflip.com/ 187 B
356 B 237ms
237ms XHR
application/json 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://imgflip.com/ajax_get_le_data?i=290014293
Requested by: Host: imgflip.com
URL: https://imgflip.com/i/4so0gl
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.255.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccbbcde465b3ebb76d18cdfbe979e9d00de3a1b46b531a2c80e82f4ee56cba59

Request headers

Referer: https://imgflip.com/i/4so0gl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Jan 2021 20:34:34 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/json; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 60cffb16dc0732a6-CDG
cf-request-id: 0775db4245000032a6fc16c000000001
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 dc.js Show response
stats.g.doubleclick.net/ 45 KB
17 KB 15ms
14ms Script
text/javascript 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: imgflip.com
URL: https://imgflip.com/i/4so0gl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://imgflip.com/i/4so0gl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 249
date: Tue, 05 Jan 2021 20:30:25 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17093
expires: Tue, 05 Jan 2021 22:30:25 GMT

GET
H3-Q050 200 __utm.gif
stats.g.doubleclick.net/r/ 35 B
412 B 29ms
15ms Image
image/gif 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=569752379&utmhn=imgflip.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Running%20Away%20Balloon%20Meme%20-%20Imgflip&utmhid=805804614&utmr=-&utmp=%2Fi%2F4so0gl&utmht=1609878874723&utmac=UA-20041150-5&utmcc=__utma%3D71379083.1233500255.1609878875.1609878875.1609878875.1%3B%2B__utmz%3D71379083.1609878875.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=204029171&utmredir=3&utmu=qBAAAAAAAAAAAAAAAAAAAABE~

Requested by

Host: imgflip.com
URL: https://imgflip.com/i/4so0gl

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://imgflip.com/i/4so0gl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 05 Jan 2021 20:34:34 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 m.css
s.imgflip.com/v1150/ 19 KB
4 KB 97ms
96ms Stylesheet
text/css 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.imgflip.com/v1150/m.css
Requested by: Host: s.imgflip.com
URL: https://s.imgflip.com/jq.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.255.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0710ea9233e880be1c2b527fb24c71a3f98b39f82a41c3a410bd8c63588669e9

Request headers

Referer: https://imgflip.com/i/4so0gl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 20:34:34 GMT
content-encoding: br
cf-cache-status: HIT
age: 236841
cf-polished: origSize=24619
cf-bgj: minify
cf-request-id: 0775db42f2000032a6e1b12000000001
last-modified: Sun, 03 Jan 2021 02:47:01 GMT
server: cloudflare
etag: W/"5ff13025-602b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2678400
cf-ray: 60cffb17cfac32a6-CDG
expires: Fri, 05 Feb 2021 20:34:34 GMT

GET
H2 200 ImageCropper.css
s.imgflip.com/v1150/ 1 KB
552 B 97ms
97ms Stylesheet
text/css 104.18.255.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.imgflip.com/v1150/ImageCropper.css
Requested by: Host: s.imgflip.com
URL: https://s.imgflip.com/jq.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.255.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 763fc65c6c6eeb00e78f8cbb7e8afed66b9bab6467e4f52dd9009e72e2a922d4

Request headers

Referer: https://imgflip.com/i/4so0gl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 20:34:34 GMT
content-encoding: br
cf-cache-status: HIT
age: 236840
cf-polished: origSize=1626
cf-bgj: minify
cf-request-id: 0775db42ef000032a6fd3b5000000001
last-modified: Sun, 03 Jan 2021 02:47:01 GMT
server: cloudflare
etag: W/"5ff13025-65a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2678400
cf-ray: 60cffb17cfb232a6-CDG
expires: Fri, 05 Feb 2021 20:34:34 GMT

GET
H/1.1 200
OK script.js Show response
powerad.ai/ 123 KB
25 KB 359ms
173ms Script
application/javascript 18.211.226.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://powerad.ai/script.js
Requested by: Host: s.imgflip.com
URL: https://s.imgflip.com/jq.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.211.226.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-211-226-152.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) / Express
Resource Hash: ffb3cc08c042d351efe5dad411a91e0ead4e2d1632a9eccc9550701edfeeb31a

Request headers

Referer: https://imgflip.com/i/4so0gl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 05 Jan 2021 20:34:35 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Jan 2021 22:22:13 GMT
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
X-Powered-By: Express
ETag: W/"1ed2e-176cf7e5d3c"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Access-Control-Allow-Credentials: true
Connection: close
Access-Control-Allow-Headers: *

POST
H/1.1 200
OK /
reporting.powerad.ai/ 2 B
412 B 282ms
92ms Other
text/plain 54.234.151.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://reporting.powerad.ai/
Requested by: Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.234.151.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-234-151-247.compute-1.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://imgflip.com/i/4so0gl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 05 Jan 2021 20:34:35 GMT
Server: nginx/1.14.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 2

GET
H/1.1 200
OK / Show response
powerad.ai/pubPls/ 14 KB
2 KB 304ms
106ms XHR
text/html 18.211.226.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://powerad.ai/pubPls/?width=1600&url=https%3A%2F%2Fimgflip.com%2Fi%2F4so0gl
Requested by: Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.211.226.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-211-226-152.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) / Express
Resource Hash: 60fe2056f62a11871e994a4b8bfa49311e00f24bf95cd8601f4e3529842e6778

Request headers

Referer: https://imgflip.com/i/4so0gl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 05 Jan 2021 20:34:35 GMT
Content-Encoding: gzip
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
X-Powered-By: Express
ETag: W/"38cf-C1FAYnARznoYO45Znimsq4PfGe8"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://imgflip.com
Access-Control-Allow-Credentials: true
Connection: close
Access-Control-Allow-Headers: *

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 19ms
18ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-164290288-48

Requested by

Host: powerad.ai
URL: https://powerad.ai/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aa3d8b1bf9691982e52c584b873f60d9e048fd7be1ef4c2755bbac536e814ef4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://imgflip.com/i/4so0gl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 20:34:35 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39014
x-xss-protection: 0
last-modified: Tue, 05 Jan 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 05 Jan 2021 20:34:35 GMT

POST
H/1.1 200
OK /
reporting.powerad.ai/ 2 B
412 B 96ms
95ms Other
text/plain 54.234.151.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://reporting.powerad.ai/
Requested by: Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.234.151.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-234-151-247.compute-1.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://imgflip.com/i/4so0gl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 05 Jan 2021 20:34:35 GMT
Server: nginx/1.14.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 2

GET
H/1.1 200
OK / Show response
hb.brainlyads.com/json-parts/2877/ Frame 2A1F 2 KB
1 KB 284ms
96ms XHR
application/json 23.20.158.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.brainlyads.com/json-parts/2877/?pageId=1014730352&sizes=[]&winbidder=&keyValues=[[%22refresh%22,0]]
Requested by: Host: imgflip.com
URL: https://imgflip.com/i/4so0gl
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-20-158-212.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) / Express
Resource Hash: c56f7ecd8fa6c1b33cf172706859e2edeb43996de84b995d01d7a30663dbed42

Request headers

Referer: https://imgflip.com/i/4so0gl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 05 Jan 2021 20:34:35 GMT
Content-Encoding: gzip
Server: nginx/1.10.3 (Ubuntu)
X-Powered-By: Express
ETag: W/"6ea-R7EH5AqCLolOlfcbAuv9CwwuMqQ"
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK pbjs_wrapper.js Show response
hb.brainlyads.com/ Frame 1BEB 14 KB
5 KB 279ms
93ms Script
application/javascript 23.20.158.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.brainlyads.com/pbjs_wrapper.js
Requested by: Host: imgflip.com
URL: https://imgflip.com/i/4so0gl
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-20-158-212.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 39688978321e942bb768b39b4295ca33922711508a53a8e5e3aaf171dd36ed37

Request headers

Referer: https://imgflip.com/i/4so0gl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 05 Jan 2021 20:34:36 GMT
Content-Encoding: gzip
Last-Modified: Fri, 25 Dec 2020 14:22:05 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: W/"5fe5f58d-3622"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-164290288-48

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://imgflip.com/i/4so0gl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 2642
date: Tue, 05 Jan 2021 19:50:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Tue, 05 Jan 2021 21:50:34 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
62 B 13ms
13ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=805804614&t=pageview&_s=1&dl=https%3A%2F%2Fimgflip.com%2Fi%2F4so0gl&ul=en-us&de=UTF-8&dt=Running%20Away%20Balloon%20Meme%20-%20Imgflip&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=71379083.1233500255.1609878875.1609878875.1609878875.1&_utmz=71379083.1609878875.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1609878876088&_u=IQBCAUABAAAAAC~&jid=398264544&gjid=1291994555&cid=1233500255.1609878875&tid=UA-164290288-48&_gid=157669442.1609878876&_r=1&gtm=2oubu0&z=167760431

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://imgflip.com/i/4so0gl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 05 Jan 2021 20:34:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://imgflip.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 188333-91751857837145.js Show response
js-sec.indexww.com/ht/p/ Frame 1BEB 37 KB
13 KB 95ms
35ms Script
text/javascript 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/188333-91751857837145.js
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/pbjs_wrapper.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: fa7016fc07ef9c664fefc30d904485647449d8bd5d4cac1d453f872563164032

Request headers

Referer: https://imgflip.com/i/4so0gl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 05 Jan 2021 20:34:36 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Jan 2021 20:13:35 GMT
Server: Apache
ETag: "da4ad9-9259-5b82cd76c0ffd"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=2485
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 12745
Expires: Tue, 05 Jan 2021 21:16:01 GMT

GET
H/1.1 200
OK prebid.js Show response
hb.brainlyads.com/ Frame 1BEB 355 KB
109 KB 177ms
176ms Script
application/javascript 23.20.158.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.brainlyads.com/prebid.js
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/pbjs_wrapper.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-20-158-212.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 02f58f7527964263c3fbd4f8572d34ff00b85cbe488570ecd4c132a6303861ea

Request headers

Referer: https://imgflip.com/i/4so0gl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 05 Jan 2021 20:34:36 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Dec 2020 16:21:27 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: W/"5feca907-58df1"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 06 Jan 2021 20:34:36 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 1BEB 54 KB
19 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/pbjs_wrapper.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f24cdf83d334ae1a2c662bd693830f8ba8f9e38012679cb7c009ddc635e732e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgflip.com/i/4so0gl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 20:34:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "746 / 533 of 1000 / last-modified: 1609865133"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 18858
x-xss-protection: 0
expires: Tue, 05 Jan 2021 20:34:36 GMT

GET
H2 200 pubads_impl_2020120801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 1BEB 274 KB
97 KB 101ms
39ms Script
text/javascript 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

sffe /

Resource Hash

5f02981bfcab6807a15ddfea1babc7cee05cd0f1f59abe712928de44fb6c1f0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgflip.com/i/4so0gl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 20:34:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 08 Dec 2020 09:42:29 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98829
x-xss-protection: 0
expires: Tue, 05 Jan 2021 20:34:36 GMT

GET
H2 451 identity Show response
api.rlcdn.com/api/ Frame 1BEB 44 B
325 B 58ms
22ms XHR
text/plain 34.120.207.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity?pid=2&rt=envelope

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/188333-91751857837145.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.207.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

148.207.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://imgflip.com/i/4so0gl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 05 Jan 2021 20:34:36 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://imgflip.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 44

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame 1BEB 109 B
541 B 105ms
34ms XHR
application/json 63.33.218.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=188333
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/188333-91751857837145.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.218.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-218-134.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 33709e6224a8ea7a805296a888fa1ad4028b7621043d67afc13d5bc4053e8475

Request headers

Referer: https://imgflip.com/i/4so0gl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 05 Jan 2021 20:34:36 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://imgflip.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Thu, 04 Feb 2021 20:34:36 GMT

POST
H/1.1 200
OK headerstats Show response
as-sec.casalemedia.com/ Frame 1BEB 0
309 B 91ms
32ms XHR
text/plain 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=503957&u=https%3A%2F%2Fimgflip.com%2Fi%2F4so0gl&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/188333-91751857837145.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imgflip.com/i/4so0gl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 05 Jan 2021 20:34:36 GMT
Server: Apache
Access-Control-Allow-Origin: https://imgflip.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Tue, 05 Jan 2021 20:34:36 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 1BEB 144 B
1 KB 93ms
42ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

9e5f749e3e7af31cc3cf78deb10d9e030727faf34608023df831d0516da3dd92

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://imgflip.com/i/4so0gl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 05 Jan 2021 20:34:36 GMT
X-Proxy-Origin: 45.152.181.220; 45.152.181.220; 692.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.56:80
AN-X-Request-Uuid: cd8b3ee2-9a60-46b3-8aed-cb4424c5c33c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://imgflip.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ Frame 1BEB 24 B
452 B 155ms
97ms XHR
application/json 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=540475&v=7.2&r=%7B%22id%22%3A%223136bf9816d576%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22404405aa61284%22%2C%22ext%22%3A%7B%22siteID%22%3A%22540475%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fimgflip.com%2Fi%2F4so0gl%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22nextmillennium.io%22%2C%22sid%22%3A%2215214%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22e6c5248b-3ca4-4dab-b23e-e038bba2773f%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222021-01-05T20%3A34%3A36%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%7D&ac=j&sd=1
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 1be3d5a2d0a5e01c4cc6867c080034423698cfb086b6ae167c7425dbd6edbcb4

Request headers

Referer: https://imgflip.com/i/4so0gl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 05 Jan 2021 20:34:36 GMT
Content-Encoding: gzip
Server: Apache
Vary: Is-Traffic-Invalid,Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://imgflip.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 44
Expires: Tue, 05 Jan 2021 20:34:36 GMT

GET
H2 204 prebid Show response
ads.yieldmo.com/exchange/ Frame 1BEB 0
351 B 105ms
36ms XHR
text/plain 54.72.81.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/exchange/prebid?p=%5B%7B%22placement_id%22%3A%221-%2F90814396%2Fimgflip_728x90_intext_imagepage_HB%22%2C%22callback_id%22%3A%226bb978dee772f6%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222596551498301120716%22%7D%5D&page_url=https%3A%2F%2Fimgflip.com%2Fi%2F4so0gl&bust=1609878876714&pr=https%3A%2F%2Fimgflip.com%2Fi%2F4so0gl&scrd=1&dnt=false&e=90&description=&title=Running%20Away%20Balloon%20Meme%20-%20Imgflip&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=1---&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22nextmillennium.io%22%2C%22sid%22%3A%2215214%22%2C%22hp%22%3A1%7D%5D%7D
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.81.17 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-81-17.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imgflip.com/i/4so0gl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://imgflip.com
pragma: no-cache
date: Tue, 05 Jan 2021 20:34:36 GMT
access-control-allow-credentials: true
x-robots-tag: none,NOINDEX,NOFOLLOW
access-control-allow-methods: POST, GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 1BEB 109 B
803 B 38ms
16ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=imgflip.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgflip.com/i/4so0gl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 05 Jan 2021 20:34:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 1BEB 109 B
803 B 37ms
15ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=imgflip.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgflip.com/i/4so0gl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 05 Jan 2021 20:34:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 1BEB 37 KB
11 KB 410ms
378ms XHR
text/plain 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1341075714938784&correlator=3545154713545494&output=ldjh&impl=fifs&eid=21069690%2C21064367%2C21068809&vrg=2020120801&us_privacy=1---&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210105&iu_parts=90814396%2Cimgflip_728x90_intext_imagepage_HB&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&eri=1&cookie_enabled=1&cdm=imgflip.com&bc=31&abxe=1&lmt=1609878876&dt=1609878876884&dlt=1609878875613&idt=918&ea=0&frm=23&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=2326886035&ucis=fxt7vpfdclu3&ifi=1&ifk=714293640&u_tz=60&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=https%3A%2F%2Fimgflip.com%2Fi%2F4so0gl&top=https%3A%2F%2Fimgflip.com%2Fi%2F4so0gl&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=1233500255.1609878875&ga_sid=1609878875&ga_hid=1051375414&ga_fc=true&fws=256&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

3ba8315866416deeee722f75bd5d6130b1f2cd5638ae03beb361fa29fe0ba10f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgflip.com/i/4so0gl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 20:34:37 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10558
x-xss-protection: 0
google-lineitem-id: 5539455056
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138280995111
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://imgflip.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
50d0e859027e4ee73e0379fbf1a1021b.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 1BEB 0
0 60ms
13ms Other
text/html 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://50d0e859027e4ee73e0379fbf1a1021b.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://imgflip.com/i/4so0gl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 1BEB 0
0 27ms
7ms Other
text/html 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://imgflip.com/i/4so0gl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame DCD7 0
0 35ms
34ms Fetch
image/gif 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu3lH1CZibsJoBTVFKnLN-6VcwyiLPksiriFZvO81BxokCQ0nw1ZLrQZY0X6jLfChU8U3Xm17X5BL02DsFX8EJN7ZDpCGW7JpOwreN1R0pQh6MjS-sOK57d7Yhvr4My98UiVi5EjOhA0Awpr_CJdt4bG2nNF9Smd-uFvEMzL5_fz6aBOnA6Xel8ha8QVlaJZHRSuBqxVLw-owR_nfkqvE-miSGd7Z8hc6tmioYKlf2LjHxWKY_4cYOEK6OqCfSqhdI7q0d_zGtl7PeDlrNrla3-kz5AzvTfcwLwWuw&sai=AMfl-YTXHWh08McvYnu7B4LtzpTt9a7vC8LflT7UbxfubkK8jDgT2cKI0OuRWe2IJGfAALt8E8NqhgB9acRKUKkhfVIAZzYNJIRbEZzItdC98b5l-9IuiXsyM2t_SLPc1b8l&sig=Cg0ArKJSzACkyDbXHqZREAE&urlfix=1&adurl=

Requested by

Host: imgflip.com
URL: https://imgflip.com/i/4so0gl

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgflip.com/i/4so0gl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 05 Jan 2021 20:34:37 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 05 Jan 2021 20:34:37 GMT

GET
H3-Q050 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame DCD7 54 KB
19 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f24cdf83d334ae1a2c662bd693830f8ba8f9e38012679cb7c009ddc635e732e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgflip.com/i/4so0gl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 20:34:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "746 / 205 of 1000 / last-modified: 1609865133"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 18858
x-xss-protection: 0
expires: Tue, 05 Jan 2021 20:34:37 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame DCD7 76 KB
29 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07a3eb8be1687dc1ee377d85bffd51891d0fd539258b63ab4031b012bd77f5fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgflip.com/i/4so0gl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 20:34:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607690616793149"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29432
x-xss-protection: 0
expires: Tue, 05 Jan 2021 20:34:37 GMT

POST
H/1.1 200
OK /
reporting.powerad.ai/ 2 B
412 B 94ms
94ms Other
text/plain 54.234.151.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://reporting.powerad.ai/
Requested by: Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.234.151.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-234-151-247.compute-1.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://imgflip.com/i/4so0gl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 05 Jan 2021 20:34:37 GMT
Server: nginx/1.14.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 2

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1BEB 74 KB
28 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1c9310eb6a56101c2133db372cfbe9cefb5ff6b90a02ded916984c975b813b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgflip.com/i/4so0gl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 20:34:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607690616793149"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28334
x-xss-protection: 0
expires: Tue, 05 Jan 2021 20:34:37 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 1BEB 8 KB
7 KB 37ms
18ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020120801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

07be99c2ace57ba9c878dc86e43d6002b1f64fbd2e7eeda1c3931408a85a6737

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgflip.com/i/4so0gl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 05 Jan 2021 20:34:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6443
x-xss-protection: 0

OPTIONS
H/1.1 200
OK statistics
report.hb.brainlyads.com/ Frame 0
0 299ms
102ms Other 3.215.247.12
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://report.hb.brainlyads.com/statistics
Protocol: HTTP/1.1
Server: 3.215.247.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-247-12.compute-1.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://imgflip.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Tue, 05 Jan 2021 20:34:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *

POST
H/1.1 200
OK statistics Show response
report.hb.brainlyads.com/ Frame 1BEB 0
232 B 93ms
93ms XHR
text/plain 3.215.247.12
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://report.hb.brainlyads.com/statistics
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.215.247.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-247-12.compute-1.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imgflip.com/i/4so0gl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 05 Jan 2021 20:34:37 GMT
Server: nginx/1.14.0 (Ubuntu)
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Headers: *
Transfer-Encoding: chunked

GET
H3-Q050 200 pubads_impl_2020120801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame DCD7 274 KB
97 KB 33ms
33ms Script
text/javascript 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

sffe /

Resource Hash

5f02981bfcab6807a15ddfea1babc7cee05cd0f1f59abe712928de44fb6c1f0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgflip.com/i/4so0gl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 20:34:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 08 Dec 2020 09:42:29 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98829
x-xss-protection: 0
expires: Tue, 05 Jan 2021 20:34:37 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 1BEB 16 KB
6 KB 43ms
28ms Script
text/javascript 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgflip.com/i/4so0gl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 20:34:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607463675096825"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6146
x-xss-protection: 0
expires: Tue, 05 Jan 2021 20:34:37 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame DCD7 109 B
127 B 44ms
28ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=imgflip.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgflip.com/i/4so0gl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 05 Jan 2021 20:34:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame DCD7 109 B
781 B 43ms
28ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=imgflip.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgflip.com/i/4so0gl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 05 Jan 2021 20:34:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame DCD7 80 KB
17 KB 374ms
373ms XHR
text/plain 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1830413669708168&correlator=810259951612196&output=ldjh&impl=fif&eid=21069137%2C21069138&vrg=2020120801&tfcd=0&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210105&iu_parts=90814396%2Cimgflip_728x90_intext_imagepage_HB&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=in2w_key%3D79%26in2w_key2%3Dnope%26in2w_key3%3Dadx65%26in2w_key4%3D--28gz%26in2w_key5%3Doptimization%26in2w_key6%3D--2qgz%26in2w_key7%3D65%26in2w_key8%3D79%26in2w_key9%3Doptimization_request%26in2w_key12%3Doptimization%26in2w_key15%3Do0&eri=6&cookie=ID%3Ddeb08b6df5d4abc0-22a2e8607fb9005e%3AT%3D1609878876%3AS%3DALNI_MYhUkGUQMmJK9v87e4tFpya3M1NlA&cdm=imgflip.com&bc=31&abxe=1&lmt=1609878877&dt=1609878877536&dlt=1609878877308&idt=108&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=90&oid=3&adxs=276&adys=809&adks=2901410350&ucis=rrjzrsw5efx7&ifi=1&ifk=330846374&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=3&url=https%3A%2F%2Fimgflip.com&loc=https%3A%2F%2Fimgflip.com%2Fi%2F4so0gl&top=imgflip.com&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x90&msz=728x90&ga_vid=1233500255.1609878875&ga_sid=1609878875&ga_hid=1451132883&ga_fc=true&fws=256&ohw=0&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

e82433920e4ef4c996a74a4c661c39d3d6eb735acdf8afb2b61d20290b5792e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgflip.com/i/4so0gl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 20:34:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17184
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://imgflip.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
11485134cd86f0f508f639e84e8929b2.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame DCD7 0
0 28ms
14ms Other
text/html 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://11485134cd86f0f508f639e84e8929b2.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=3
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://imgflip.com/i/4so0gl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame DCD7 0
0 6ms
6ms Other
text/html 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=3
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://imgflip.com/i/4so0gl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame DCD7 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ff42e8e04b0bf3b52fd64175ff7124cc30b8a05968809bd30032edd9c7b3b471

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/220/ Frame 7984 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/220/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://imgflip.com/i/4so0gl
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://imgflip.com/i/4so0gl

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4868
date: Tue, 05 Jan 2021 20:09:29 GMT
expires: Wed, 05 Jan 2022 20:09:29 GMT
last-modified: Tue, 27 Oct 2020 18:37:37 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1508
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame DCD7 0
22 B 37ms
37ms Image
image/gif 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuyNA3UsFCSx26-bPLmbxagghI27lgvWvlmb94_fr0IJwq8Gx2mk0MxzylFWGYdtLwVLkTaqSuOaF__Qj0W-hrv-g3Qkr7czTYyYQ5X5XtrZneXJY_eLmVgfvQNPIRcF4ROMOWF1QqoM1iqPrSwDE-eIgsrKqP8FFZSJJ-WAqj-9LCQoQumic5Dakm4c2S-Yr6Mv2q3QaLXMQMWU8sM2dApKjEDbviworyageP_rwVTBnrK-3TW0h_2_L4xxBAsQfHtwDc03G4BDqXWOixIrjNaWfdAqzgxVQ1etYp5Lg&sai=AMfl-YQzj7nxBVmsSOwctzUSHgUMCMjqBsJVourAfEg-VkQtCgJHuTvUprRwzhhHcmzjsuNgYsfjHTIqpn6npM-Egykc-VCWuz5-fUTJ4Ntpije2U9YmNjLcccf-95l0EKoM&sig=Cg0ArKJSzG8CyvpOuixAEAE&urlfix=1&adurl=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 05 Jan 2021 20:34:37 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1BEB 0
141 B 15ms
14ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=220&t=2&li=gpt_2020120801&jk=1341075714938784&bg=!XF-lX3_NAAUbEDgJG1gOhoyhLgPq9gIAAABeUgAAABFoAQcKAH3IHHFL59X67Nq1SjWREnhwwJ8uYOqT1DCFBhLXPZoXIhZEv8gbK3l1gQdZ35BizBQoZaqLD4l2ggT6MsufpLhBQ2C8YZGAafalLvXQU6VNY8gBvQpjtL-7lOj191QXULXFo2JXOPf6m4AFK9w7Pt9sncDIYdomT-ZmZYWO_ZkB3hKf-kWJVpzXn2HWSHER4wEGS-s0NTCqSp5wstXWjO7pCS5F3nSEegAy43sLwXpTdr9tH0Hc_Ii84bgE7lZw1cD8gYWLvkOhGPzJXPAnXbl7-LHmThe17OEweIzJ8nVPjmgcPYPIILloSW9wBX7tU4xSaU5U0ky7lmXvGZYN_L018lz-kx2FT87DQv5Co8Sg__2qVoH0iZrXVc2zQZhCwq7HVG2mYkm7MF5O6cxjTuZOQdXf4THeMwC3G7R3bk6AG_NN2ExbYcRG-PiB_Pci_xtWFF6MLxzmyulPfNwV9z0rRfQyjhKTPcKhSpJbgPrbCDunpGaAk1C9tpMOdk1tUNjcNR4DVKMr8wzdiFjIb-6wlWSWBsVB-PS3Inlo5RF-wdw_w3_4Jwi-nT_mWbnxg62QECd9Vt1Y_drtY188sVE4ayXfpDWx6wpe1vQcKnaJ4yxtBT4qJr33CfRCvnRuNFkGWiAIHcn4EBbv8Kxw6yUrI3O70fi816pYl2VsGtOquQ2-OgP7JZQ-XPtlxXStKEDcmOnX5GxlaVOZGuDKfyGAXgO_nM6GO8dKjfPQNgC8Y7ZizZuqyKrr5c_1E1B5jT-MCFPD_YmUx1_PaV1b8HNEdGMXuV5Os9jhn-63NNM

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgflip.com/i/4so0gl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Jan 2021 20:34:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 container.html
11485134cd86f0f508f639e84e8929b2.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 83AD 0
0 35ms
21ms Document
text/html 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11485134cd86f0f508f639e84e8929b2.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 11485134cd86f0f508f639e84e8929b2.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html?n=3
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://imgflip.com/i/4so0gl
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://imgflip.com/i/4so0gl

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Tue, 05 Jan 2021 20:34:37 GMT
expires: Wed, 05 Jan 2022 20:34:37 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame DCD7 74 KB
28 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1c9310eb6a56101c2133db372cfbe9cefb5ff6b90a02ded916984c975b813b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgflip.com/i/4so0gl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 20:34:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607690616793149"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28334
x-xss-protection: 0
expires: Tue, 05 Jan 2021 20:34:37 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame DCD7 8 KB
7 KB 54ms
40ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020120801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ddd95235571e77e20fc12799d3f16aa64c1c9be80809fee26886cd3b88e1eaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgflip.com/i/4so0gl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 05 Jan 2021 20:34:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6350
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame DCD7 16 KB
6 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgflip.com/i/4so0gl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 20:34:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607463675096825"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6146
x-xss-protection: 0
expires: Tue, 05 Jan 2021 20:34:37 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/220/ Frame 0CC1 0
0 13ms
8ms Document
text/html 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/220/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://imgflip.com/i/4so0gl
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://imgflip.com/i/4so0gl

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4868
date: Tue, 05 Jan 2021 20:09:29 GMT
expires: Wed, 05 Jan 2022 20:09:29 GMT
last-modified: Tue, 27 Oct 2020 18:37:37 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1509
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DCD7 0
40 B 15ms
14ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=220&t=2&li=gpt_2020120801&jk=1830413669708168&bg=!m5ilmLjNAAXKjztBylgXdW2Nw8wmyAIAAABlUgAAABJoAQcKAX0L4XKGtt0o9tRZvCsZ7WePvMxAiqfmXerl5dqe5cyzohgBvCzh2n3xDGsmFxlwDasCRHhcZl8fXIbHbC6Z1nrZCCugvm75U6uRfOnj74k5T3I3JKQNDv1i6g_qkrRGoLLI3rxpxIoK8KUXw9qSztZM2xzZgK1pGZctXhBhOBVdAxGqmEf0zaKBXh5PiDG4fXj1iGHxXMBRrmhtB0ugSv5G2zfscKMUmN73OCOBuxDmnBUEhhkk6wI98NJEl4PXKLTX6C_XO2O4rarPXWKwAQC5kDbw5oiY8oQp5FHfX_g0CQZLjJ1ZnPpLUDoHU_3rxS7w-ZXjLnlSv5oSBDXmzXQ9BWRQe7XNAQ9KsNwR2-JwATx1HmCk-6WEhIC9hVEMnGC_6x-9sLlsGzG8SHNuxRwEtEnmxuc-LX30ZqJZWDEANcO0YxvOVTnlNNKMxzEH8rJgwni6v1GL6Lsnb0QjGpxZKwyol4Q_ghZDRwBd65f8RRlCfnyJqr3ZPCVfhR2ZAeSygYxVuboHwPmQ-gdCgPwXaOB-5eE3jghf538lyK6AehCvkGNw2Xdj0qFHzO-wcaXoXLmaxAp1U1M0_1I2A6JMPrk2MpWyBF5fnptNCIvlQxEfnp1rG_-1gxcVvBRtW2-uOfBSGot4iefLJLrXfcauDLhgD57qCp_UbaVFwu3g93Nfqqb2HacoZS0ymXxfrgXJrzmANuvj_LOND2xr7SSthTNQ9LqmX_YWCJLGGOmeEnEfYDSKPlFrDxB65Ff4CEh1xuA5f3dy8ED2DhLiHViAkAc5NNQo_LLtSkQnH8D05H62bKdUcWGrotEEeil9jN9wnYawsLeKhh-0ihf5ZGhbqFRyJitXNCU76G6Z7Gxu2on5sBk37DX5P-pfgC0HFjoksYCOQGdEMYgl7HzemmV7GQFwLDP6j7xDal_5CKqbPiDvPYTHigpE_V2Cx64DvYLlLiviRUU7EWURrBZ-F7HI-7oPctFvj993iUGT4aDTNuIVhMs4HyFhRKzXVTaRvP1XBxVNigSi0swqEuWCVvs6OjsslXThVoBRbaLQIiO8TJaM6J912LpLwKlPUzDWsrw7kpVc0sV1Z4PeaKdJMlQQ5bA6qYYN99pyxNGcrL9Si_8MQumZyjJFnS7vNLg40-U2156a

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgflip.com/i/4so0gl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Jan 2021 20:34:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame DCD7 42 B
176 B 16ms
16ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssWZbWcLHFR2CW2kKYVD4ujC9YnpPS5WTyms919qjWiKTkIFXOJxXEIXHxDQF5rRx1YaeYNQBBU6ycOzP-fBo9LkLqE2REI2iRniDOR1qE&sig=Cg0ArKJSzN11DAfiU9SEEAE&adk=2326886035&tt=-1&bs=1600%2C1200&mtos=1010,1010,1010,1010,1010&tos=1010,0,0,0,0&p=0,0,90,728&mcvt=1010&rs=0&ht=0&tfs=146&tls=1156&mc=1&lte=-1&bas=0&bac=0&met=mue&avms=nio&niot_obs=41&niot_cbk=52&md=2&btr=0&cpmav=0&lm=2&rst=1609878877318&dlt&rpt=270&isd=0&msd&xdi=0&ps=1600%2C1525&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-5-11-11-0-0-0&tvt=1152&is=728%2C90&iframe_loc=https%3A%2F%2Fimgflip.com%2Fi%2F4so0gl&r=v&id=osdim&vs=4&uc=12&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20201211

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgflip.com/i/4so0gl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Jan 2021 20:34:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ixmatch.html
js-sec.indexww.com/um/ Frame 4564 0
0 29ms
28ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Host: js-sec.indexww.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://imgflip.com/i/4so0gl
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://imgflip.com/i/4so0gl

Response headers

Server: Apache
Last-Modified: Tue, 06 Oct 2020 14:04:48 GMT
ETag: "e20015-8f4-5b10114f2003a"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1136
Date: Tue, 05 Jan 2021 20:34:39 GMT
Connection: keep-alive

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 41EE 0
0 129ms
34ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://imgflip.com/i/4so0gl
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://imgflip.com/i/4so0gl

Response headers

Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: "573e714d-3e3"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Wed, 05 Jan 2022 20:34:40 GMT
Date: Tue, 05 Jan 2021 20:34:40 GMT
Connection: keep-alive

Verdicts & Comments Add Verdict or Comment

95 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
imgflip.com/	1969-12-31 23:59:59	Name: iflipsess Value: du4omv610ldjgrvobl90632i5g
.imgflip.com/	1970-01-19 15:11:19	Name: __utmt Value: 1
.imgflip.com/	1970-01-19 15:11:20	Name: __utmb Value: 71379083.1.10.1609878875
.imgflip.com/	1969-12-31 23:59:59	Name: __utmc Value: 71379083
.imgflip.com/	1970-01-20 08:42:30	Name: __utma Value: 71379083.1233500255.1609878875.1609878875.1609878875.1
.imgflip.com/	1970-01-19 19:34:06	Name: __utmz Value: 71379083.1609878875.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.imgflip.com/	1970-01-19 15:54:30	Name: __cfduid Value: d78ea59de66649561918b3ec162f49ed51609878874

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://hb.brainlyads.com/prebid.js(Line 3) Message: fun-hooks: referenced 'registerAdserver' but it was never created
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js(Line 6) Message: The googletag.pubads().definePassback function has been deprecated. The function may break in certain contexts, see https://developers.google.com/publisher-tag/guides/passback-tags#construct_passback_tags for how to correctly create a passback.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11485134cd86f0f508f639e84e8929b2.safeframe.googlesyndication.com
50d0e859027e4ee73e0379fbf1a1021b.safeframe.googlesyndication.com
acdn.adnxs.com
ads.yieldmo.com
adservice.google.com
adservice.google.de
api.rlcdn.com
as-sec.casalemedia.com
hb.brainlyads.com
i.imgflip.com
ib.adnxs.com
imgflip.com
js-sec.indexww.com
match.adsrvr.org
pagead2.googlesyndication.com
powerad.ai
report.hb.brainlyads.com
reporting.powerad.ai
s.imgflip.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
104.18.255.14
172.217.21.226
18.211.226.152
2.18.232.130
2.18.234.21
23.20.158.212
2a00:1450:4001:802::2002
2a00:1450:4001:808::2008
2a00:1450:4001:808::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:81f::2001
2a00:1450:4001:820::200e
2a00:1450:4001:825::2001
2a00:1450:400c:c06::9b
2a00:1450:400c:c06::9d
3.215.247.12
34.120.207.148
37.252.172.36
54.234.151.247
54.72.81.17
63.33.218.134
02f58f7527964263c3fbd4f8572d34ff00b85cbe488570ecd4c132a6303861ea
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0710ea9233e880be1c2b527fb24c71a3f98b39f82a41c3a410bd8c63588669e9
07a3eb8be1687dc1ee377d85bffd51891d0fd539258b63ab4031b012bd77f5fc
07be99c2ace57ba9c878dc86e43d6002b1f64fbd2e7eeda1c3931408a85a6737
1048597f179f8b14b07d0dc4bb97bd5a75f6627802258cf4077bbce96e92d02e
1be3d5a2d0a5e01c4cc6867c080034423698cfb086b6ae167c7425dbd6edbcb4
1c9deb405063cb3b452b7930ce93a26419e170abda815f3c4783aa7442305d67
247bea8afeb935aa59d1406c2fcf1ae89badce4c39150139638f25fc59ff1252
33709e6224a8ea7a805296a888fa1ad4028b7621043d67afc13d5bc4053e8475
36bb289d63b2369f8b650b04ec9a3489c1be230d51abed0b735f0cf62cfaf9c4
39688978321e942bb768b39b4295ca33922711508a53a8e5e3aaf171dd36ed37
3ba8315866416deeee722f75bd5d6130b1f2cd5638ae03beb361fa29fe0ba10f
3ddd95235571e77e20fc12799d3f16aa64c1c9be80809fee26886cd3b88e1eaf
42b837e733c431ca605ecfe9862fc788634d9717ef518f5a0f8f6b192492843c
519bc40fee468d6028055ca3ac133bb60ea7b10410385c7a95a58d807f96172b
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5f02981bfcab6807a15ddfea1babc7cee05cd0f1f59abe712928de44fb6c1f0d
60fe2056f62a11871e994a4b8bfa49311e00f24bf95cd8601f4e3529842e6778
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
763fc65c6c6eeb00e78f8cbb7e8afed66b9bab6467e4f52dd9009e72e2a922d4
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86c2f7b5bb53a643cb52ca3f529e879478aecbd4f4b885ef7a21ad13d5a0b4de
89523f9073e7d811e706692e24faf7fc1b79ff28e34c7ef5242f346cc61b7b30
92ff16344607869bd6ac7ccda226e8f0f3307a02534b057940cf9ac0ef9ed61e
9e5f749e3e7af31cc3cf78deb10d9e030727faf34608023df831d0516da3dd92
a047edfb8517773cde79780d8c93414d46beba46be7868c2baf19fa1bf383cbd
a2ecd021de0563fd18d7c5443eb3abf0d0dc125706473467783708c34fadc424
aa3d8b1bf9691982e52c584b873f60d9e048fd7be1ef4c2755bbac536e814ef4
baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5
c1c9310eb6a56101c2133db372cfbe9cefb5ff6b90a02ded916984c975b813b2
c56f7ecd8fa6c1b33cf172706859e2edeb43996de84b995d01d7a30663dbed42
ccbbcde465b3ebb76d18cdfbe979e9d00de3a1b46b531a2c80e82f4ee56cba59
cfe50dbbd32bb449600679660bc0b489d2ce3690e7c640a6737157ee030d51fe
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e82433920e4ef4c996a74a4c661c39d3d6eb735acdf8afb2b61d20290b5792e8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f24cdf83d334ae1a2c662bd693830f8ba8f9e38012679cb7c009ddc635e732e0
fa7016fc07ef9c664fefc30d904485647449d8bd5d4cac1d453f872563164032
ff42e8e04b0bf3b52fd64175ff7124cc30b8a05968809bd30032edd9c7b3b471
ffb3cc08c042d351efe5dad411a91e0ead4e2d1632a9eccc9550701edfeeb31a

imgflip.com Open in urlscan Pro 104.18.255.14 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

68 Requests

100 %HTTPS

43 %IPv6

16 Domains

25 Subdomains

22 IPs

5 Countries

783 kBTransfer

2152 kBSize

7 Cookies

5 Outgoing links

Redirected requests

68 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

imgflip.com Open in urlscan Pro
104.18.255.14 Public Scan

Screenshot
Live screenshot

Full Image

68
Requests

100 %
HTTPS

43 %
IPv6

16
Domains

25
Subdomains

22
IPs

5
Countries

783 kB
Transfer

2152 kB
Size

7
Cookies

68 HTTP transactions
1 data transactions