imgrum.pw Open in urlscan Pro
142.93.251.167 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://imgrum.pw/tag/tdbank
Submission: On October 04 via manual (October 4th 2019, 1:24:16 pm UTC) from US

Summary HTTP 120 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 16 IPs in 5 countries across 19 domains to perform 120 HTTP transactions. The main IP is 142.93.251.167, located in North Bergen, United States and belongs to DIGITALOCEAN-ASN - DigitalOcean, LLC, US. The main domain is imgrum.pw.
TLS certificate: Issued by Let's Encrypt Authority X3 on August 21st 2019. Valid for: 3 months.

This is the only time imgrum.pw was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	142.93.251.167 142.93.251.167	14061 (DIGITALOC...) (DIGITALOCEAN-ASN - DigitalOcean)
2	2a00:1450:400... 2a00:1450:4001:817::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
6	2606:4700::68... 2606:4700::6813:c697	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
72	2606:4700::68... 2606:4700::6810:8516	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	31.220.24.95 31.220.24.95	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	69.172.200.185 69.172.200.185	19324 (DOSARREST) (DOSARREST - Dosarrest Internet Security LTD)
1	2a00:1450:400... 2a00:1450:4001:814::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY - Fastly)
1 2	2606:4700::68... 2606:4700::6810:7eaf	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
5	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
6	78.140.191.119 78.140.191.119	35415 (WEBZILLA) (WEBZILLA)
2	2a00:1450:400... 2a00:1450:4001:815::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2a03:2880:f21... 2a03:2880:f212:c4:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK - Facebook)
32 40	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
120	16

4 142.93.251.167 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US)

imgrum.pw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:817::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6813:c697 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

72 2606:4700::6810:8516 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

live.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.24.95 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

qumagee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.172.200.185 (United States)

ASN19324 (DOSARREST - Dosarrest Internet Security LTD, US)
PTR: maxbounty.com

www.mb103.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:1b::621 (Ascension Island)

ASN54113 (FASTLY - Fastly, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7eaf (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 78.140.191.119 (Netherlands)

ASN35415 (WEBZILLA, NL)

outseeltor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:815::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f212:c4:face:b00c:0:43fe (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

scontent-lga3-1.cdninstagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany) 32 redirects

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
72	demand.supply live.demand.supply api.demand.supply	32 KB
40	doubleclick.net 32 redirects googleads.g.doubleclick.net	5 KB
6	outseeltor.com outseeltor.com	41 KB
6	cloudflare.com cdnjs.cloudflare.com	124 KB
4	cdninstagram.com scontent-lga3-1.cdninstagram.com	574 KB
4	gstatic.com fonts.gstatic.com	38 KB
4	imgrum.pw imgrum.pw	245 KB
2	google-analytics.com www.google-analytics.com	18 KB
2	googlesyndication.com pagead2.googlesyndication.com	122 KB
2	unpkg.com 1 redirects unpkg.com	3 KB
2	jsdelivr.net cdn.jsdelivr.net	20 KB
2	googleapis.com fonts.googleapis.com	1 KB
1	googletagservices.com www.googletagservices.com	29 KB
1	google.com adservice.google.com	171 B
1	google.de adservice.google.de	171 B
1	googletagmanager.com www.googletagmanager.com	27 KB
1	mb103.com www.mb103.com	17 KB
1	qumagee.com qumagee.com	7 KB
0	digitaloceanspaces.com Failed pic.sfo2.digitaloceanspaces.com Failed
120	19

	Domain	Requested by
59	live.demand.supply	imgrum.pw live.demand.supply pagead2.googlesyndication.com
40	googleads.g.doubleclick.net	32 redirects pagead2.googlesyndication.com
13	api.demand.supply	live.demand.supply
6	outseeltor.com	qumagee.com outseeltor.com imgrum.pw
6	cdnjs.cloudflare.com	imgrum.pw
4	scontent-lga3-1.cdninstagram.com	cdnjs.cloudflare.com
4	fonts.gstatic.com	imgrum.pw
4	imgrum.pw	imgrum.pw
2	www.google-analytics.com	www.googletagmanager.com imgrum.pw
2	pagead2.googlesyndication.com	live.demand.supply pagead2.googlesyndication.com
2	unpkg.com	1 redirects imgrum.pw
2	cdn.jsdelivr.net	imgrum.pw
2	fonts.googleapis.com	imgrum.pw
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	www.googletagmanager.com	imgrum.pw
1	www.mb103.com	imgrum.pw
1	qumagee.com	imgrum.pw
0	pic.sfo2.digitaloceanspaces.com Failed
120	20

This site contains links to these domains. Also see Links.

Domain
www.mb103.com
sulvo.com

Subject Issuer	Validity	Valid
imgrum.pw Let's Encrypt Authority X3	`2019-08-21` - `2019-11-19`	3 months	crt.sh
*.googleapis.com GTS CA 1O1	`2019-09-17` - `2019-12-10`	3 months	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-08-10` - `2020-02-16`	6 months	crt.sh
demand.supply CloudFlare Inc ECC CA-2	`2019-06-23` - `2020-06-22`	a year	crt.sh
qumagee.com Let's Encrypt Authority X3	`2019-09-08` - `2019-12-07`	3 months	crt.sh
www.maxbounty.com DigiCert SHA2 Extended Validation Server CA	`2018-06-28` - `2020-07-01`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-09-17` - `2019-12-10`	3 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-05-29` - `2020-04-23`	a year	crt.sh
ssl714328.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-09-10` - `2020-03-18`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2019-09-17` - `2019-12-10`	3 months	crt.sh
*.google.com GTS CA 1O1	`2019-09-17` - `2019-12-10`	3 months	crt.sh
outseeltor.com Sectigo RSA Domain Validation Secure Server CA	`2019-07-01` - `2020-07-01`	a year	crt.sh
*.instagram.com DigiCert SHA2 High Assurance Server CA	`2019-08-25` - `2019-11-23`	3 months	crt.sh

This page contains 41 frames:

Primary Page: https://imgrum.pw/tag/tdbank
Frame ID: B20BE3D407B3939CC4B3C41AE42555BA
Requests: 81 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20191001/r20190131/zrt_lookup.html
Frame ID: 55DEFD2F378388011AA6A2EF7E730CB3
Requests: 1 HTTP requests in this frame

Frame: https://live.demand.supply/ds.2.html
Frame ID: 234B5C7B63F9DCCA65EF6106297FE310
Requests: 1 HTTP requests in this frame

Frame: https://live.demand.supply/ds.2.html
Frame ID: BD54B1F1DD76C2C56012F8122451824A
Requests: 1 HTTP requests in this frame

Frame: https://live.demand.supply/ds.2.html
Frame ID: D3093BE06DFDD31DB83A742EDB8A7B7E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&adk=1812271804&adf=3025194257&lmt=1570195440&plat=1%3A32776%2C2%3A16809992%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fimgrum.pw%2Ftag%2Ftdbank&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1570195440349&bpp=6&bdt=731&fdt=161&idt=161&shv=r20191001&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250&nras=1&correlator=4267401712078&frm=20&pv=1&ga_vid=1206646052.1570195440&ga_sid=1570195440&ga_hid=2101410649&ga_fc=0&iag=0&icsg=687329640460&dssz=23&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335&oid=3&pvsid=2288134304823872&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=1&uci=a!1&fsb=1&dtd=170
Frame ID: E34A61EFDF20F89A55FD9C2BA6A6E0AB
Requests: 1 HTTP requests in this frame

Frame: https://live.demand.supply/ds.2.html
Frame ID: 37309D864EA75004A76A471C41ECA71E
Requests: 1 HTTP requests in this frame

Frame: https://live.demand.supply/ds.2.html
Frame ID: A7E05E1EA544870EB3DFB3E317FFBCEA
Requests: 1 HTTP requests in this frame

Frame: https://live.demand.supply/ds.2.html
Frame ID: 9962245E98D9747C43932B270D730DA3
Requests: 1 HTTP requests in this frame

Frame: https://live.demand.supply/ds.2.html
Frame ID: 8432B326697BB650B528F81BE9940110
Requests: 1 HTTP requests in this frame

Frame: https://live.demand.supply/ds.2.html
Frame ID: B2444061295A813382E1DC4184BAB297
Requests: 1 HTTP requests in this frame

Frame: https://live.demand.supply/ds.2.html
Frame ID: 953233B5C4A49E11B39EF661A47E1BC5
Requests: 1 HTTP requests in this frame

Frame: https://live.demand.supply/ds.2.html
Frame ID: F411CFEE57270CC8278014C167060440
Requests: 1 HTTP requests in this frame

Frame: https://live.demand.supply/ds.2.html
Frame ID: 8EF7E9006C1458EC5F868CAF4D8A7EB4
Requests: 1 HTTP requests in this frame

Frame: https://live.demand.supply/ds.2.html
Frame ID: 7B1D8B7703714438C0BE04DF7170A4C7
Requests: 1 HTTP requests in this frame

Frame: https://live.demand.supply/ds.2.html
Frame ID: 09EE770B5A5E511F27B8C2BA48E334D5
Requests: 1 HTTP requests in this frame

Frame: https://live.demand.supply/ds.2.html
Frame ID: B22AD4F2D764B3E91D0DEE9927909046
Requests: 1 HTTP requests in this frame

Frame: https://live.demand.supply/ds.2.html
Frame ID: 2F764577B299CC93B54D93D80D305121
Requests: 1 HTTP requests in this frame

Frame: https://live.demand.supply/ds.2.html
Frame ID: 77DF80EAA79CAF2D2F7ADD02751EC946
Requests: 1 HTTP requests in this frame

Frame: https://live.demand.supply/ds.2.html
Frame ID: F0DB1525889FAD79E74B50F07280A316
Requests: 1 HTTP requests in this frame

Frame: https://live.demand.supply/ds.2.html
Frame ID: 05762D52123DB042C92F274187E7A8AF
Requests: 1 HTTP requests in this frame

Frame: https://live.demand.supply/ds.2.html
Frame ID: D8D42BEABE5DFD6256D14F4BF944AB5A
Requests: 1 HTTP requests in this frame

Frame: https://live.demand.supply/ds.2.html
Frame ID: C22EF2AD24BBDB4A4106CEAD62B433E1
Requests: 1 HTTP requests in this frame

Frame: https://live.demand.supply/ds.2.html
Frame ID: 59A03AAA63D93D067EA991D7C689A887
Requests: 1 HTTP requests in this frame

Frame: https://live.demand.supply/ds.2.html
Frame ID: 2B9FB449739FDA86215D894D8909A4D4
Requests: 1 HTTP requests in this frame

Frame: https://live.demand.supply/ds.2.html
Frame ID: 9BB4B857F854F74D6A1FC979D3B928E1
Requests: 1 HTTP requests in this frame

Frame: https://live.demand.supply/ds.2.html
Frame ID: 2273345212750064052FDDF53FB5B2F5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=ee01a522-74a5-4abc-98fa-e43b9acab87c&adk=2788670161&adf=957869174&w=300&lmt=1570195441&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fimgrum.pw%2Ftag%2Ftdbank&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1570195441113&bpp=4&bdt=1495&fdt=4&idt=4&shv=r20191001&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250%2C0x0%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=4267401712078&frm=20&pv=1&ga_vid=1206646052.1570195440&ga_sid=1570195440&ga_hid=2101410649&ga_fc=0&iag=0&icsg=687329640460&dssz=23&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1123&ady=554&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335&oid=3&pvsid=2288134304823872&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=16&bc=31&ifi=25&uci=a!p&fsb=1&xpc=XF5SLodsPi&p=https%3A//imgrum.pw&dtd=7
Frame ID: 59A54DB39126AE5383DBE290E8FE4076
Requests: 1 HTTP requests in this frame

Frame: https://live.demand.supply/ds.2.html
Frame ID: AE9A7FA9D8E6490F7840D03DC6222F87
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=90&slotname=85b9ed31-b811-4547-90e7-aa496c4cf9e4&adk=2879501258&adf=2950210759&w=728&lmt=1570195441&guci=1.2.0.0.2.2.0.0&format=728x90&url=https%3A%2F%2Fimgrum.pw%2Ftag%2Ftdbank&flash=0&wgl=1&adsid=NT&dt=1570195441158&bpp=5&bdt=1540&fdt=5&idt=5&shv=r20191001&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250%2C0x0%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=4267401712078&frm=20&pv=1&ga_vid=1206646052.1570195440&ga_sid=1570195440&ga_hid=2101410649&ga_fc=0&iag=0&icsg=687329640460&dssz=23&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=429&ady=1110&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335&oid=3&pvsid=2288134304823872&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=1&fu=16&bc=31&ifi=27&uci=a!r&fsb=1&xpc=vqtfbKUm0W&p=https%3A//imgrum.pw&dtd=9
Frame ID: BA6FEF96B8731E38BAED9C1268553FC7
Requests: 1 HTTP requests in this frame

Frame: https://live.demand.supply/ds.2.html
Frame ID: 9603A820893143FA6B1BE2FF1F861368
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=ee01a522-74a5-4abc-98fa-e43b9acab87c&adk=1927278007&adf=433756377&w=300&lmt=1570195441&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fimgrum.pw%2Ftag%2Ftdbank&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1570195441202&bpp=4&bdt=1584&fdt=4&idt=4&shv=r20191001&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250%2C0x0%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C728x90%2C300x250&nras=1&correlator=4267401712078&frm=20&pv=1&ga_vid=1206646052.1570195440&ga_sid=1570195440&ga_hid=2101410649&ga_fc=0&iag=0&icsg=687329640460&dssz=23&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1123&ady=554&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335&oid=3&pvsid=2288134304823872&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=16&bc=31&ifi=29&uci=a!t&fsb=1&xpc=1nQL5PLR6l&p=https%3A//imgrum.pw&dtd=7
Frame ID: BD677794E411F9DE0902CE045362FA2E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=ee01a522-74a5-4abc-98fa-e43b9acab87c&adk=4067653773&adf=3545066920&w=300&lmt=1570195441&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fimgrum.pw%2Ftag%2Ftdbank&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1570195441223&bpp=4&bdt=1605&fdt=4&idt=4&shv=r20191001&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250%2C0x0%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C728x90%2C300x250%2C300x250&nras=1&correlator=4267401712078&frm=20&pv=1&ga_vid=1206646052.1570195440&ga_sid=1570195440&ga_hid=2101410649&ga_fc=0&iag=0&icsg=687329640460&dssz=23&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1123&ady=554&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335&oid=3&pvsid=2288134304823872&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=16&bc=31&ifi=30&uci=a!u&fsb=1&xpc=P8WPTEFWdJ&p=https%3A//imgrum.pw&dtd=7
Frame ID: 31880CF95D8DFB3D45C370885B4BCD4F
Requests: 1 HTTP requests in this frame

Frame: https://live.demand.supply/ds.2.html
Frame ID: 2A3A7F218B7AEA3513CFECCE48011907
Requests: 1 HTTP requests in this frame

Frame: https://live.demand.supply/ds.2.html
Frame ID: CA18A18C656227C519ABF131207B995E
Requests: 1 HTTP requests in this frame

Frame: https://live.demand.supply/ds.2.html
Frame ID: EDB08D4A4C548E958FD35E3F90710DEF
Requests: 1 HTTP requests in this frame

Frame: https://live.demand.supply/ds.2.html
Frame ID: 76E21893287057A913F3E61C3A02D2BE
Requests: 1 HTTP requests in this frame

Frame: https://live.demand.supply/ds.2.html
Frame ID: F14D55AD9DE8B2324524F94A41C02BB0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=ee01a522-74a5-4abc-98fa-e43b9acab87c&adk=3574318620&adf=3579956372&w=300&lmt=1570195441&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fimgrum.pw%2Ftag%2Ftdbank&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1570195441351&bpp=4&bdt=1733&fdt=4&idt=4&shv=r20191001&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250%2C0x0%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=4267401712078&frm=20&pv=1&ga_vid=1206646052.1570195440&ga_sid=1570195440&ga_hid=2101410649&ga_fc=0&iag=0&icsg=687329640460&dssz=23&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1123&ady=554&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335&oid=3&pvsid=2288134304823872&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=16&bc=31&ifi=36&uci=a!10&fsb=1&xpc=JQXEdeFSlt&p=https%3A//imgrum.pw&dtd=6
Frame ID: A1097B235D297AF0D213B26228A922CD
Requests: 1 HTTP requests in this frame

Frame: https://live.demand.supply/ds.2.html
Frame ID: 052A816960B39E8258238A13FFC2EBE5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=ee01a522-74a5-4abc-98fa-e43b9acab87c&adk=1953529930&adf=1815861838&w=300&lmt=1570195441&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fimgrum.pw%2Ftag%2Ftdbank&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1570195441416&bpp=4&bdt=1798&fdt=4&idt=4&shv=r20191001&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250%2C0x0%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=4267401712078&frm=20&pv=1&ga_vid=1206646052.1570195440&ga_sid=1570195440&ga_hid=2101410649&ga_fc=0&iag=0&icsg=687329640460&dssz=23&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=483&ady=3286&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335&oid=3&pvsid=2288134304823872&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeEbr%7C&abl=CA&pfx=0&fu=16&bc=31&ifi=38&uci=a!12&fsb=1&xpc=jvV9kckGTr&p=https%3A//imgrum.pw&dtd=7
Frame ID: 1C6BB5D42AAE18490C91B8252338EAF0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

120
Requests

99 %
HTTPS

73 %
IPv6

19
Domains

20
Subdomains

16
IPs

5
Countries

1295 kB
Transfer

1932 kB
Size

5
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.mb103.com/lnk.asp?o=10091&c=104806&a=402993&k=F66D45CD7715974B30606A10CDDD7FD4&l=9906
Title:

Search URL Search Domain Scan URL

URL: https://sulvo.com/?utm_source=S9rQ7sip6TbwktMqB

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

https://unpkg.com/bricks.js/dist/bricks.js HTTP 302
https://unpkg.com/bricks.js@1.8.0/dist/bricks.js

Request Chain 63

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=ca471e47-5bb3-48ab-aa56-53da0f01ac08&adk=1170706950&adf=957869174&w=300&lmt=1570195440&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fimgrum.pw%2Ftag%2Ftdbank&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1570195440341&bpp=8&bdt=723&fdt=103&idt=104&shv=r20191001&cbv=r20190131&saldr=aa&abxe=1&correlator=4267401712078&frm=20&pv=2&ga_vid=1206646052.1570195440&ga_sid=1570195440&ga_hid=2101410649&ga_fc=0&iag=0&icsg=137573826572&dssz=22&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1123&ady=554&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335&oid=3&pvsid=2288134304823872&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=16&bc=31&ifi=1&uci=a!1&fsb=1&xpc=U2vTu54tr0&p=https%3A//imgrum.pw&dtd=120 HTTP 302
https://live.demand.supply/ds.2.html

Request Chain 66

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=ca471e47-5bb3-48ab-aa56-53da0f01ac08&adk=2752908782&adf=1558989094&w=300&lmt=1570195440&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fimgrum.pw%2Ftag%2Ftdbank&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1570195440476&bpp=5&bdt=858&fdt=6&idt=6&shv=r20191001&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=300x250&correlator=4267401712078&frm=20&pv=1&ga_vid=1206646052.1570195440&ga_sid=1570195440&ga_hid=2101410649&ga_fc=0&iag=0&icsg=687329640460&dssz=23&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1123&ady=554&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335&oid=3&pvsid=2288134304823872&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=16&bc=31&ifi=10&uci=a!a&fsb=1&xpc=N3vy024Wup&p=https%3A//imgrum.pw&dtd=11 HTTP 302
https://live.demand.supply/ds.2.html

Request Chain 68

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=ca471e47-5bb3-48ab-aa56-53da0f01ac08&adk=1557422938&adf=603726025&w=300&lmt=1570195440&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fimgrum.pw%2Ftag%2Ftdbank&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1570195440497&bpp=5&bdt=879&fdt=5&idt=5&shv=r20191001&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250&correlator=4267401712078&frm=20&pv=1&ga_vid=1206646052.1570195440&ga_sid=1570195440&ga_hid=2101410649&ga_fc=0&iag=0&icsg=687329640460&dssz=23&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1123&ady=554&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335&oid=3&pvsid=2288134304823872&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=16&bc=31&ifi=11&uci=a!b&fsb=1&xpc=CPXazVVRGv&p=https%3A//imgrum.pw&dtd=8 HTTP 302
https://live.demand.supply/ds.2.html

Request Chain 73

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=90&slotname=b2c3ba13-2334-4871-a7fa-5813fdb47686&adk=3658201677&adf=2950210759&w=728&lmt=1570195440&guci=1.2.0.0.2.2.0.0&format=728x90&url=https%3A%2F%2Fimgrum.pw%2Ftag%2Ftdbank&flash=0&wgl=1&adsid=NT&dt=1570195440524&bpp=4&bdt=906&fdt=5&idt=5&shv=r20191001&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250%2C0x0&nras=1&correlator=4267401712078&frm=20&pv=1&ga_vid=1206646052.1570195440&ga_sid=1570195440&ga_hid=2101410649&ga_fc=0&iag=0&icsg=687329640460&dssz=23&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=429&ady=1110&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335&oid=3&pvsid=2288134304823872&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=1&fu=16&bc=31&ifi=12&uci=a!c&fsb=1&xpc=ddvtg0xxwW&p=https%3A//imgrum.pw&dtd=8 HTTP 302
https://live.demand.supply/ds.2.html

Request Chain 75

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=ca471e47-5bb3-48ab-aa56-53da0f01ac08&adk=1755868493&adf=1274037384&w=300&lmt=1570195440&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fimgrum.pw%2Ftag%2Ftdbank&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1570195440537&bpp=6&bdt=918&fdt=6&idt=6&shv=r20191001&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250%2C0x0%2C728x90&nras=1&correlator=4267401712078&frm=20&pv=1&ga_vid=1206646052.1570195440&ga_sid=1570195440&ga_hid=2101410649&ga_fc=0&iag=0&icsg=687329640460&dssz=23&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1123&ady=554&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335&oid=3&pvsid=2288134304823872&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=16&bc=31&ifi=13&uci=a!d&fsb=1&xpc=KGTjlVVKYR&p=https%3A//imgrum.pw&dtd=10 HTTP 302
https://live.demand.supply/ds.2.html

Request Chain 78

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=ca471e47-5bb3-48ab-aa56-53da0f01ac08&adk=1145139533&adf=3579956372&w=300&lmt=1570195440&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fimgrum.pw%2Ftag%2Ftdbank&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1570195440357&bpp=4&bdt=739&fdt=205&idt=205&shv=r20191001&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250%2C0x0%2C728x90%2C300x250&nras=1&correlator=4267401712078&frm=20&pv=1&ga_vid=1206646052.1570195440&ga_sid=1570195440&ga_hid=2101410649&ga_fc=0&iag=0&icsg=687329640460&dssz=23&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1123&ady=554&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335&oid=3&pvsid=2288134304823872&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=16&bc=31&ifi=2&uci=a!2&fsb=1&xpc=GJO7jIggJv&p=https%3A//imgrum.pw&dtd=207 HTTP 302
https://live.demand.supply/ds.2.html

Request Chain 79

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=ca471e47-5bb3-48ab-aa56-53da0f01ac08&adk=351528403&adf=3545066920&w=300&lmt=1570195440&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fimgrum.pw%2Ftag%2Ftdbank&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1570195440363&bpp=4&bdt=745&fdt=231&idt=232&shv=r20191001&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250%2C0x0%2C728x90%2C300x250%2C300x250&nras=1&correlator=4267401712078&frm=20&pv=1&ga_vid=1206646052.1570195440&ga_sid=1570195440&ga_hid=2101410649&ga_fc=0&iag=0&icsg=687329640460&dssz=23&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1123&ady=554&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335&oid=3&pvsid=2288134304823872&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=16&bc=31&ifi=3&uci=a!3&fsb=1&xpc=jRmF8w5zCi&p=https%3A//imgrum.pw&dtd=234 HTTP 302
https://live.demand.supply/ds.2.html

Request Chain 81

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=ca471e47-5bb3-48ab-aa56-53da0f01ac08&adk=1021724689&adf=433756377&w=300&lmt=1570195440&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fimgrum.pw%2Ftag%2Ftdbank&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1570195440370&bpp=5&bdt=751&fdt=245&idt=245&shv=r20191001&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250%2C0x0%2C728x90%2C300x250%2C300x250%2C300x250&nras=1&correlator=4267401712078&frm=20&pv=1&ga_vid=1206646052.1570195440&ga_sid=1570195440&ga_hid=2101410649&ga_fc=0&iag=0&icsg=687329640460&dssz=23&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1123&ady=554&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335&oid=3&pvsid=2288134304823872&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=16&bc=31&ifi=4&uci=a!4&fsb=1&xpc=bhsUhOGhn3&p=https%3A//imgrum.pw&dtd=247 HTTP 302
https://live.demand.supply/ds.2.html

Request Chain 82

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=ca471e47-5bb3-48ab-aa56-53da0f01ac08&adk=3685265079&adf=1815861838&w=300&lmt=1570195440&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fimgrum.pw%2Ftag%2Ftdbank&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1570195440378&bpp=5&bdt=760&fdt=248&idt=248&shv=r20191001&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250%2C0x0%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=4267401712078&frm=20&pv=1&ga_vid=1206646052.1570195440&ga_sid=1570195440&ga_hid=2101410649&ga_fc=0&iag=0&icsg=687329640460&dssz=23&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1123&ady=554&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335&oid=3&pvsid=2288134304823872&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=16&bc=31&ifi=5&uci=a!5&fsb=1&xpc=Ny5rvYefdM&p=https%3A//imgrum.pw&dtd=250 HTTP 302
https://live.demand.supply/ds.2.html

Request Chain 83

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=ca471e47-5bb3-48ab-aa56-53da0f01ac08&adk=2622214845&adf=2499257358&w=300&lmt=1570195440&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fimgrum.pw%2Ftag%2Ftdbank&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1570195440387&bpp=5&bdt=769&fdt=250&idt=250&shv=r20191001&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250%2C0x0%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=4267401712078&frm=20&pv=1&ga_vid=1206646052.1570195440&ga_sid=1570195440&ga_hid=2101410649&ga_fc=0&iag=0&icsg=687329640460&dssz=23&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1123&ady=554&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335&oid=3&pvsid=2288134304823872&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=16&bc=31&ifi=6&uci=a!6&fsb=1&xpc=PCSvrCtFj8&p=https%3A//imgrum.pw&dtd=252 HTTP 302
https://live.demand.supply/ds.2.html

Request Chain 84

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=ca471e47-5bb3-48ab-aa56-53da0f01ac08&adk=3140727578&adf=1271019615&w=300&lmt=1570195440&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fimgrum.pw%2Ftag%2Ftdbank&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1570195440419&bpp=5&bdt=800&fdt=230&idt=230&shv=r20191001&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250%2C0x0%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=4267401712078&frm=20&pv=1&ga_vid=1206646052.1570195440&ga_sid=1570195440&ga_hid=2101410649&ga_fc=0&iag=0&icsg=687329640460&dssz=23&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1123&ady=554&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335&oid=3&pvsid=2288134304823872&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=16&bc=31&ifi=7&uci=a!7&fsb=1&xpc=ehLpZIFaSl&p=https%3A//imgrum.pw&dtd=233 HTTP 302
https://live.demand.supply/ds.2.html

Request Chain 85

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=ca471e47-5bb3-48ab-aa56-53da0f01ac08&adk=2526507238&adf=4074561850&w=300&lmt=1570195440&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fimgrum.pw%2Ftag%2Ftdbank&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1570195440426&bpp=4&bdt=807&fdt=235&idt=235&shv=r20191001&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250%2C0x0%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=4267401712078&frm=20&pv=1&ga_vid=1206646052.1570195440&ga_sid=1570195440&ga_hid=2101410649&ga_fc=0&iag=0&icsg=687329640460&dssz=23&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1123&ady=554&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335&oid=3&pvsid=2288134304823872&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=16&bc=31&ifi=8&uci=a!8&fsb=1&xpc=ZG4iUxsqFl&p=https%3A//imgrum.pw&dtd=240 HTTP 302
https://live.demand.supply/ds.2.html

Request Chain 86

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=ca471e47-5bb3-48ab-aa56-53da0f01ac08&adk=316352406&adf=23221440&w=300&lmt=1570195440&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fimgrum.pw%2Ftag%2Ftdbank&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1570195440433&bpp=6&bdt=815&fdt=241&idt=241&shv=r20191001&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250%2C0x0%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=4267401712078&frm=20&pv=1&ga_vid=1206646052.1570195440&ga_sid=1570195440&ga_hid=2101410649&ga_fc=0&iag=0&icsg=687329640460&dssz=23&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1123&ady=554&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335&oid=3&pvsid=2288134304823872&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=16&bc=31&ifi=9&uci=a!9&fsb=1&xpc=oYVVpTCSsh&p=https%3A//imgrum.pw&dtd=244 HTTP 302
https://live.demand.supply/ds.2.html

Request Chain 87

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=d4fed06b-362a-4a8c-ac6c-dac6f99e44b9&adk=1259294006&adf=957869174&w=300&lmt=1570195440&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fimgrum.pw%2Ftag%2Ftdbank&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1570195440749&bpp=4&bdt=1131&fdt=4&idt=4&shv=r20191001&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250%2C0x0%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=4267401712078&frm=20&pv=1&ga_vid=1206646052.1570195440&ga_sid=1570195440&ga_hid=2101410649&ga_fc=0&iag=0&icsg=687329640460&dssz=23&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1123&ady=554&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335&oid=3&pvsid=2288134304823872&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=16&bc=31&ifi=14&uci=a!e&fsb=1&xpc=XU49IpSiT5&p=https%3A//imgrum.pw&dtd=7 HTTP 302
https://live.demand.supply/ds.2.html

Request Chain 88

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=90&slotname=238a7968-56dc-4824-979e-021d22fb1269&adk=1307713163&adf=2950210759&w=728&lmt=1570195440&guci=1.2.0.0.2.2.0.0&format=728x90&url=https%3A%2F%2Fimgrum.pw%2Ftag%2Ftdbank&flash=0&wgl=1&adsid=NT&dt=1570195440774&bpp=4&bdt=1155&fdt=4&idt=4&shv=r20191001&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250%2C0x0%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=4267401712078&frm=20&pv=1&ga_vid=1206646052.1570195440&ga_sid=1570195440&ga_hid=2101410649&ga_fc=0&iag=0&icsg=687329640460&dssz=23&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=429&ady=1110&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335&oid=3&pvsid=2288134304823872&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=1&fu=16&bc=31&ifi=15&uci=a!f&fsb=1&xpc=92t0Il6ZW0&p=https%3A//imgrum.pw&dtd=8 HTTP 302
https://live.demand.supply/ds.2.html

Request Chain 89

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=d4fed06b-362a-4a8c-ac6c-dac6f99e44b9&adk=3431708179&adf=603726025&w=300&lmt=1570195440&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fimgrum.pw%2Ftag%2Ftdbank&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1570195440811&bpp=4&bdt=1193&fdt=5&idt=5&shv=r20191001&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250%2C0x0%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C728x90&nras=1&correlator=4267401712078&frm=20&pv=1&ga_vid=1206646052.1570195440&ga_sid=1570195440&ga_hid=2101410649&ga_fc=0&iag=0&icsg=687329640460&dssz=23&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1123&ady=554&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335&oid=3&pvsid=2288134304823872&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=16&bc=31&ifi=16&uci=a!g&fsb=1&xpc=H7qMTZ4AXc&p=https%3A//imgrum.pw&dtd=8 HTTP 302
https://live.demand.supply/ds.2.html

Request Chain 90

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=d4fed06b-362a-4a8c-ac6c-dac6f99e44b9&adk=1166544748&adf=1558989094&w=300&lmt=1570195440&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fimgrum.pw%2Ftag%2Ftdbank&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1570195440825&bpp=4&bdt=1207&fdt=4&idt=4&shv=r20191001&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250%2C0x0%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C728x90%2C300x250&nras=1&correlator=4267401712078&frm=20&pv=1&ga_vid=1206646052.1570195440&ga_sid=1570195440&ga_hid=2101410649&ga_fc=0&iag=0&icsg=687329640460&dssz=23&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1123&ady=554&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335&oid=3&pvsid=2288134304823872&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=16&bc=31&ifi=17&uci=a!h&fsb=1&xpc=MjsZPDKpxO&p=https%3A//imgrum.pw&dtd=7 HTTP 302
https://live.demand.supply/ds.2.html

Request Chain 92

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=d4fed06b-362a-4a8c-ac6c-dac6f99e44b9&adk=3090277626&adf=433756377&w=300&lmt=1570195440&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fimgrum.pw%2Ftag%2Ftdbank&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1570195440914&bpp=6&bdt=1296&fdt=6&idt=6&shv=r20191001&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250%2C0x0%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C728x90%2C300x250%2C300x250&nras=1&correlator=4267401712078&frm=20&pv=1&ga_vid=1206646052.1570195440&ga_sid=1570195440&ga_hid=2101410649&ga_fc=0&iag=0&icsg=687329640460&dssz=23&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1123&ady=554&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335&oid=3&pvsid=2288134304823872&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=16&bc=31&ifi=18&uci=a!i&fsb=1&xpc=KoqUmoA2Q0&p=https%3A//imgrum.pw&dtd=10 HTTP 302
https://live.demand.supply/ds.2.html

Request Chain 93

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=d4fed06b-362a-4a8c-ac6c-dac6f99e44b9&adk=4047312840&adf=1274037384&w=300&lmt=1570195440&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fimgrum.pw%2Ftag%2Ftdbank&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1570195440935&bpp=4&bdt=1317&fdt=4&idt=4&shv=r20191001&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250%2C0x0%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C728x90%2C300x250%2C300x250%2C300x250&nras=1&correlator=4267401712078&frm=20&pv=1&ga_vid=1206646052.1570195440&ga_sid=1570195440&ga_hid=2101410649&ga_fc=0&iag=0&icsg=687329640460&dssz=23&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1123&ady=554&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335&oid=3&pvsid=2288134304823872&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=16&bc=31&ifi=19&uci=a!j&fsb=1&xpc=KfU9jRBaRi&p=https%3A//imgrum.pw&dtd=6 HTTP 302
https://live.demand.supply/ds.2.html

Request Chain 94

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=d4fed06b-362a-4a8c-ac6c-dac6f99e44b9&adk=1806952521&adf=3545066920&w=300&lmt=1570195440&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fimgrum.pw%2Ftag%2Ftdbank&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1570195440958&bpp=3&bdt=1340&fdt=3&idt=3&shv=r20191001&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250%2C0x0%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=4267401712078&frm=20&pv=1&ga_vid=1206646052.1570195440&ga_sid=1570195440&ga_hid=2101410649&ga_fc=0&iag=0&icsg=687329640460&dssz=23&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1123&ady=554&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335&oid=3&pvsid=2288134304823872&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=16&bc=31&ifi=20&uci=a!k&fsb=1&xpc=bYLFYBmkCd&p=https%3A//imgrum.pw&dtd=6 HTTP 302
https://live.demand.supply/ds.2.html

Request Chain 95

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=d4fed06b-362a-4a8c-ac6c-dac6f99e44b9&adk=399645089&adf=4074561850&w=300&lmt=1570195440&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fimgrum.pw%2Ftag%2Ftdbank&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1570195440974&bpp=3&bdt=1355&fdt=4&idt=4&shv=r20191001&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250%2C0x0%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=4267401712078&frm=20&pv=1&ga_vid=1206646052.1570195440&ga_sid=1570195440&ga_hid=2101410649&ga_fc=0&iag=0&icsg=687329640460&dssz=23&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1123&ady=554&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335&oid=3&pvsid=2288134304823872&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=16&bc=31&ifi=21&uci=a!l&fsb=1&xpc=8nSBbObgNN&p=https%3A//imgrum.pw&dtd=7 HTTP 302
https://live.demand.supply/ds.2.html

Request Chain 97

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=d4fed06b-362a-4a8c-ac6c-dac6f99e44b9&adk=930178832&adf=23221440&w=300&lmt=1570195441&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fimgrum.pw%2Ftag%2Ftdbank&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1570195441021&bpp=5&bdt=1403&fdt=5&idt=5&shv=r20191001&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250%2C0x0%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=4267401712078&frm=20&pv=1&ga_vid=1206646052.1570195440&ga_sid=1570195440&ga_hid=2101410649&ga_fc=0&iag=0&icsg=687329640460&dssz=23&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1123&ady=554&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335&oid=3&pvsid=2288134304823872&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=16&bc=31&ifi=22&uci=a!m&fsb=1&xpc=UfxmjEKwRE&p=https%3A//imgrum.pw&dtd=32 HTTP 302
https://live.demand.supply/ds.2.html

Request Chain 98

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=d4fed06b-362a-4a8c-ac6c-dac6f99e44b9&adk=2868234702&adf=1271019615&w=300&lmt=1570195441&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fimgrum.pw%2Ftag%2Ftdbank&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1570195441066&bpp=3&bdt=1447&fdt=4&idt=4&shv=r20191001&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250%2C0x0%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=4267401712078&frm=20&pv=1&ga_vid=1206646052.1570195440&ga_sid=1570195440&ga_hid=2101410649&ga_fc=0&iag=0&icsg=687329640460&dssz=23&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1123&ady=554&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335&oid=3&pvsid=2288134304823872&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=16&bc=31&ifi=23&uci=a!n&fsb=1&xpc=ymAorVdaKG&p=https%3A//imgrum.pw&dtd=6 HTTP 302
https://live.demand.supply/ds.2.html

Request Chain 99

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=d4fed06b-362a-4a8c-ac6c-dac6f99e44b9&adk=1471101512&adf=3579956372&w=300&lmt=1570195441&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fimgrum.pw%2Ftag%2Ftdbank&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1570195441083&bpp=4&bdt=1465&fdt=5&idt=5&shv=r20191001&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250%2C0x0%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=4267401712078&frm=20&pv=1&ga_vid=1206646052.1570195440&ga_sid=1570195440&ga_hid=2101410649&ga_fc=0&iag=0&icsg=687329640460&dssz=23&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1123&ady=554&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335&oid=3&pvsid=2288134304823872&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=16&bc=31&ifi=24&uci=a!o&fsb=1&xpc=lDCzVdyTQM&p=https%3A//imgrum.pw&dtd=10 HTTP 302
https://live.demand.supply/ds.2.html

Request Chain 101

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=d4fed06b-362a-4a8c-ac6c-dac6f99e44b9&adk=3831553386&adf=1815861838&w=300&lmt=1570195441&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fimgrum.pw%2Ftag%2Ftdbank&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1570195441127&bpp=4&bdt=1509&fdt=4&idt=4&shv=r20191001&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250%2C0x0%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=4267401712078&frm=20&pv=1&ga_vid=1206646052.1570195440&ga_sid=1570195440&ga_hid=2101410649&ga_fc=0&iag=0&icsg=687329640460&dssz=23&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1123&ady=554&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335&oid=3&pvsid=2288134304823872&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=16&bc=31&ifi=26&uci=a!q&fsb=1&xpc=L6cdwa94YV&p=https%3A//imgrum.pw&dtd=8 HTTP 302
https://live.demand.supply/ds.2.html

Request Chain 103

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=d4fed06b-362a-4a8c-ac6c-dac6f99e44b9&adk=1281099848&adf=2499257358&w=300&lmt=1570195441&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fimgrum.pw%2Ftag%2Ftdbank&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1570195441176&bpp=5&bdt=1558&fdt=5&idt=5&shv=r20191001&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250%2C0x0%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C728x90&nras=1&correlator=4267401712078&frm=20&pv=1&ga_vid=1206646052.1570195440&ga_sid=1570195440&ga_hid=2101410649&ga_fc=0&iag=0&icsg=687329640460&dssz=23&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1123&ady=554&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335&oid=3&pvsid=2288134304823872&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=16&bc=31&ifi=28&uci=a!s&fsb=1&xpc=LZJSaf8JsD&p=https%3A//imgrum.pw&dtd=11 HTTP 302
https://live.demand.supply/ds.2.html

Request Chain 106

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=ee01a522-74a5-4abc-98fa-e43b9acab87c&adk=1387919568&adf=1558989094&w=300&lmt=1570195441&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fimgrum.pw%2Ftag%2Ftdbank&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1570195441240&bpp=4&bdt=1622&fdt=4&idt=4&shv=r20191001&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250%2C0x0%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C728x90%2C300x250%2C300x250%2C300x250&nras=1&correlator=4267401712078&frm=20&pv=1&ga_vid=1206646052.1570195440&ga_sid=1570195440&ga_hid=2101410649&ga_fc=0&iag=0&icsg=687329640460&dssz=23&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1123&ady=554&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335&oid=3&pvsid=2288134304823872&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=16&bc=31&ifi=31&uci=a!v&fsb=1&xpc=VAlHUTJNto&p=https%3A//imgrum.pw&dtd=7 HTTP 302
https://live.demand.supply/ds.2.html

Request Chain 107

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=ee01a522-74a5-4abc-98fa-e43b9acab87c&adk=1958597493&adf=1274037384&w=300&lmt=1570195441&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fimgrum.pw%2Ftag%2Ftdbank&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1570195441259&bpp=4&bdt=1641&fdt=4&idt=4&shv=r20191001&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250%2C0x0%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=4267401712078&frm=20&pv=1&ga_vid=1206646052.1570195440&ga_sid=1570195440&ga_hid=2101410649&ga_fc=0&iag=0&icsg=687329640460&dssz=23&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1123&ady=554&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335&oid=3&pvsid=2288134304823872&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=16&bc=31&ifi=32&uci=a!w&fsb=1&xpc=3KoDolUFXm&p=https%3A//imgrum.pw&dtd=9 HTTP 302
https://live.demand.supply/ds.2.html

Request Chain 108

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=ee01a522-74a5-4abc-98fa-e43b9acab87c&adk=4235438113&adf=603726025&w=300&lmt=1570195441&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fimgrum.pw%2Ftag%2Ftdbank&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1570195441276&bpp=3&bdt=1658&fdt=4&idt=4&shv=r20191001&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250%2C0x0%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=4267401712078&frm=20&pv=1&ga_vid=1206646052.1570195440&ga_sid=1570195440&ga_hid=2101410649&ga_fc=0&iag=0&icsg=687329640460&dssz=23&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1123&ady=554&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335&oid=3&pvsid=2288134304823872&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=16&bc=31&ifi=33&uci=a!x&fsb=1&xpc=MyCZEaciFF&p=https%3A//imgrum.pw&dtd=8 HTTP 302
https://live.demand.supply/ds.2.html

Request Chain 109

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=ee01a522-74a5-4abc-98fa-e43b9acab87c&adk=1756095137&adf=4074561850&w=300&lmt=1570195441&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fimgrum.pw%2Ftag%2Ftdbank&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1570195441295&bpp=4&bdt=1677&fdt=4&idt=4&shv=r20191001&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250%2C0x0%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=4267401712078&frm=20&pv=1&ga_vid=1206646052.1570195440&ga_sid=1570195440&ga_hid=2101410649&ga_fc=0&iag=0&icsg=687329640460&dssz=23&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1123&ady=554&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335&oid=3&pvsid=2288134304823872&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=16&bc=31&ifi=34&uci=a!y&fsb=1&xpc=fxjbVFRt9E&p=https%3A//imgrum.pw&dtd=7 HTTP 302
https://live.demand.supply/ds.2.html

Request Chain 110

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=ee01a522-74a5-4abc-98fa-e43b9acab87c&adk=1029451576&adf=23221440&w=300&lmt=1570195441&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fimgrum.pw%2Ftag%2Ftdbank&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1570195441315&bpp=3&bdt=1697&fdt=4&idt=4&shv=r20191001&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250%2C0x0%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=4267401712078&frm=20&pv=1&ga_vid=1206646052.1570195440&ga_sid=1570195440&ga_hid=2101410649&ga_fc=0&iag=0&icsg=687329640460&dssz=23&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1123&ady=554&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335&oid=3&pvsid=2288134304823872&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=16&bc=31&ifi=35&uci=a!z&fsb=1&xpc=SOcOGs8Bve&p=https%3A//imgrum.pw&dtd=7 HTTP 302
https://live.demand.supply/ds.2.html

Request Chain 112

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=ee01a522-74a5-4abc-98fa-e43b9acab87c&adk=88530251&adf=1271019615&w=300&lmt=1570195441&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fimgrum.pw%2Ftag%2Ftdbank&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1570195441367&bpp=3&bdt=1749&fdt=3&idt=3&shv=r20191001&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250%2C0x0%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=4267401712078&frm=20&pv=1&ga_vid=1206646052.1570195440&ga_sid=1570195440&ga_hid=2101410649&ga_fc=0&iag=0&icsg=687329640460&dssz=23&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1123&ady=554&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335&oid=3&pvsid=2288134304823872&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=16&bc=31&ifi=37&uci=a!11&fsb=1&xpc=1rmZ4j0ks2&p=https%3A//imgrum.pw&dtd=7 HTTP 302
https://live.demand.supply/ds.2.html

120 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set tdbank Show response
imgrum.pw/tag/ 186 KB
187 KB 2619ms
2435ms Document
text/html 142.93.251.167
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL: https://imgrum.pw/tag/tdbank
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 142.93.251.167 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: nginx/1.17.2 /
Resource Hash: aa6e7e5f2a807f5994770e50a3fe884997a3fb0884895dcb38805ef9928759ee

Request headers

Host: imgrum.pw
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: none
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1

Response headers

Server: nginx/1.17.2
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, private
Date: Fri, 04 Oct 2019 13:23:59 GMT
X-RateLimit-Limit: 200
X-RateLimit-Remaining: 199
Set-Cookie: XSRF-TOKEN=eyJpdiI6IjRDQWJZZzlpemVBZXd5RzhhWkEzc3c9PSIsInZhbHVlIjoieXNuQ1wvZXB0bUs2SUZHTEtKTGh4dmZ5SEFRVWdodjJYY2lZb3ViYTJYYzFoK0lCOE1YQk1oVHVuU2YwallUaEMiLCJtYWMiOiI2MzE1NjM2YmQxYTJiYThiODk1YzczMzE3ODhkN2QwNGMxYTUxZjg4ZTYxMmY5ZjUzMWIwMzhkNzAyYTIwMDdhIn0%3D; expires=Fri, 04-Oct-2019 15:23:59 GMT; Max-Age=7200; path=/ laravel_session=eyJpdiI6IitqV2lDbFRpNW1lSGpnNHcwTVVqeEE9PSIsInZhbHVlIjoieHNyWmZYM0JnMEtnaVhBaWNGZm45QTVncGZLT0FsMDlGUUp1Rk92UE9udWV2N0ZMd29nZFpvVjFQR1FlMElQRiIsIm1hYyI6Ijc2ZTRiYmQ2YzUxNjY2MTliYjQyYTU4MTA3Zjk3Y2M3ZTRiZGQzN2YwMTc0ZjU3ZjM2YTc3ODA0YTIwYmEyNjQifQ%3D%3D; expires=Fri, 04-Oct-2019 15:23:59 GMT; Max-Age=7200; path=/; httponly

GET
H2 200 css
fonts.googleapis.com/ 393 B
363 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:817::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Cookie

Requested by

Host: imgrum.pw
URL: https://imgrum.pw/tag/tdbank

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

66c30aff703d834793ae35e1af2406e4c0132db0117df840053473e2da486de0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://imgrum.pw/tag/tdbank
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Fri, 04 Oct 2019 13:23:59 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Fri, 04 Oct 2019 13:23:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
expires: Fri, 04 Oct 2019 13:23:59 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
700 B 20ms
18ms Stylesheet
text/css 2a00:1450:4001:817::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,700

Requested by

Host: imgrum.pw
URL: https://imgrum.pw/tag/tdbank

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

0d9b67625f262e1eba2b5294ffbd97db236096233fb4fbb4b5cb01e8defffe1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://imgrum.pw/tag/tdbank
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Fri, 04 Oct 2019 13:23:59 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Fri, 04 Oct 2019 13:23:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
expires: Fri, 04 Oct 2019 13:23:59 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
7 KB 19ms
18ms Stylesheet
text/css 2606:4700::6813:c697
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: imgrum.pw
URL: https://imgrum.pw/tag/tdbank

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c697 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://imgrum.pw/tag/tdbank
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 04 Oct 2019 13:23:59 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 14829380
status: 200
served-in-seconds: 0.001
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:19:12 GMT
server: cloudflare
etag: W/"5afd4910-7918"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 52077939ac4acbc8-VIE
expires: Wed, 23 Sep 2020 13:23:59 GMT

GET
H/1.1 200
OK style.min.css
imgrum.pw/css/ 57 KB
57 KB 238ms
81ms Stylesheet
text/css 142.93.251.167
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL: https://imgrum.pw/css/style.min.css
Requested by: Host: imgrum.pw
URL: https://imgrum.pw/tag/tdbank
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 142.93.251.167 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: nginx/1.17.2 /
Resource Hash: 30f5f0d8f3de4a9ede0ba1ceaebed2422993b22ad67e52918a6379d462730eaa

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://imgrum.pw/tag/tdbank
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 04 Oct 2019 13:23:59 GMT
Last-Modified: Wed, 21 Aug 2019 21:59:43 GMT
Server: nginx/1.17.2
ETag: "5d5dbecf-e2b7"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 58039

GET
H/1.1 200
OK my.css
imgrum.pw/css/ 98 B
333 B 242ms
80ms Stylesheet
text/css 142.93.251.167
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL: https://imgrum.pw/css/my.css
Requested by: Host: imgrum.pw
URL: https://imgrum.pw/tag/tdbank
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 142.93.251.167 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: nginx/1.17.2 /
Resource Hash: 6f2065a289353b91b5698665b4b8097421f0c4401bbbc5f5ef06461f5b175ce8

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://imgrum.pw/tag/tdbank
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 04 Oct 2019 13:23:59 GMT
Last-Modified: Wed, 21 Aug 2019 21:59:43 GMT
Server: nginx/1.17.2
ETag: "5d5dbecf-62"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 98

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/ 82 KB
28 KB 22ms
22ms Script
application/javascript 2606:4700::6813:c697
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js

Requested by

Host: imgrum.pw
URL: https://imgrum.pw/tag/tdbank

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c697 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://imgrum.pw/tag/tdbank
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 04 Oct 2019 13:23:59 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 14829372
status: 200
served-in-seconds: 0.058
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:21:00 GMT
server: cloudflare
etag: W/"5afd497c-14983"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 52077939ac4ccbc8-VIE
expires: Wed, 23 Sep 2020 13:23:59 GMT

GET
H2 200 up.js Show response
live.demand.supply/ 4 KB
3 KB 404ms
373ms Script
application/javascript 2606:4700::6810:8516
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/up.js
Requested by: Host: imgrum.pw
URL: https://imgrum.pw/tag/tdbank
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d086a555d1a3812c79f627d5c215551a65a07934791a4c2d889e6d0ff175a1d

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://imgrum.pw/tag/tdbank
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nf-request-id: 109d6b1a-f223-418f-abb4-619102954ffe-12305501
date: Fri, 04 Oct 2019 13:24:00 GMT
content-encoding: br
cf-cache-status: HIT
age: 593
cf-polished: origSize=3733
status: 200
timing-allow-origin: *
cf-bgj: minify
server: cloudflare
etag: W/"8c27c4232d804204d9c90ac46d239448-ssl-df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray: 52077939da24cbac-VIE
link: </impl.v8.11.0.js>; rel=preload; as=script,</p2/v8-11-0?url=imgrum.pw%2Ftag%2Ftdbank>; rel=preload; as=script
cf-h2-pushed: </impl.v8.11.0.js>,</p2/v8-11-0?url=imgrum.pw%2Ftag%2Ftdbank>

GET
H/1.1 200
OK lib.js Show response
qumagee.com/pn07uscr/f/tr/zavbn/1548926/ 19 KB
7 KB 78ms
18ms Script
text/javascript 31.220.24.95
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://qumagee.com/pn07uscr/f/tr/zavbn/1548926/lib.js

Requested by

Host: imgrum.pw
URL: https://imgrum.pw/tag/tdbank

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_CBC

Server

31.220.24.95 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

a1b8bf411666703fa4f860a058f53ce6e752f92cc3c65492a42959d2cb05fd02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://imgrum.pw/tag/tdbank
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 04 Oct 2019 13:23:59 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Connection: keep-alive
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000

GET
H/1.1 200
OK getimage.asp
www.mb103.com/ 17 KB
17 KB 189ms
133ms Image
image/gif 69.172.200.185
Dosarrest Interne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mb103.com/getimage.asp?a=402993&m=4091&o=10091&i=104806.dat
Requested by: Host: imgrum.pw
URL: https://imgrum.pw/tag/tdbank
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.172.200.185 , United States, ASN19324 (DOSARREST - Dosarrest Internet Security LTD, US),
Reverse DNS: maxbounty.com
Software: nginx/1.16.1 / ASP.NET
Resource Hash: f3865a1c289aa9b59ac48de075e039ccbe98d4e8c2d02377918ee7817f58bdd2

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://imgrum.pw/tag/tdbank
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 04 Oct 2019 13:23:59 GMT
Server: nginx/1.16.1
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: private
Connection: keep-alive
Keep-Alive: timeout=20
Content-Length: 17195
X-DIS-Request-ID: 4c2c5db97b59d5024be91f3d3d5a2914

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 69 KB
27 KB 16ms
16ms Script
application/javascript 2a00:1450:4001:814::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-112022825-1

Requested by

Host: imgrum.pw
URL: https://imgrum.pw/tag/tdbank

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f295ef15e6d4fa795082e3f9d1e098b7c3530e1609d0a47b178c1f042feb4f87

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://imgrum.pw/tag/tdbank
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 04 Oct 2019 13:23:59 GMT
content-encoding: br
last-modified: Fri, 04 Oct 2019 12:00:00 GMT
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27195
x-xss-protection: 0
expires: Fri, 04 Oct 2019 13:23:59 GMT

GET
H2 200 bootstrap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.1/js/ 35 KB
9 KB 19ms
19ms Script
application/javascript 2606:4700::6813:c697
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.1/js/bootstrap.min.js

Requested by

Host: imgrum.pw
URL: https://imgrum.pw/tag/tdbank

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c697 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f971b901aeb9e55b07d472afee09bd5ae05159e1119dbd16d993e473565e7fc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://imgrum.pw/tag/tdbank
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 04 Oct 2019 13:23:59 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 14829355
status: 200
served-in-seconds: 0.001
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:26:03 GMT
server: cloudflare
etag: W/"5afd4aab-8b11"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 5207793adffecbc8-VIE
expires: Wed, 23 Sep 2020 13:23:59 GMT

GET
H2 200 isotope.pkgd.min.js Show response
cdn.jsdelivr.net/isotope/2.0.0/ 35 KB
10 KB 6ms
6ms Script
application/javascript 2a04:4e42:1b::621
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/isotope/2.0.0/isotope.pkgd.min.js

Requested by

Host: imgrum.pw
URL: https://imgrum.pw/tag/tdbank

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

764f3462a55275c599ea9a2941db915ec788cb9b67334378cb64772c05bc7a08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://imgrum.pw/tag/tdbank
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT, HIT
status: 200
content-length: 9714
etag: W/"8b28-hDpL7R+yIs5UBtJ+1WQf4eXIKco"
x-served-by: cache-ams21025-AMS, cache-hhn4068-HHN
date: Fri, 04 Oct 2019 13:23:59 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 jquery.lazy.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.lazy/1.7.9/ 5 KB
2 KB 35ms
35ms Script
application/javascript 2606:4700::6813:c697
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.lazy/1.7.9/jquery.lazy.min.js

Requested by

Host: imgrum.pw
URL: https://imgrum.pw/tag/tdbank

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c697 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ecf4a6176a23634e19ed80b01b9c30bc7f9b754c55d4f3c220e46fbd3607a3b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://imgrum.pw/tag/tdbank
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 04 Oct 2019 13:23:59 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 14829380
status: 200
served-in-seconds: 0.001
timing-allow-origin: *
last-modified: Tue, 22 May 2018 14:15:53 GMT
server: cloudflare
etag: W/"5b042619-139e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 5207793ae828cbc8-VIE
expires: Wed, 23 Sep 2020 13:23:59 GMT

GET
H2 200 jquery.lazy.plugins.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.lazy/1.7.9/ 4 KB
1 KB 17ms
17ms Script
application/javascript 2606:4700::6813:c697
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.lazy/1.7.9/jquery.lazy.plugins.min.js

Requested by

Host: imgrum.pw
URL: https://imgrum.pw/tag/tdbank

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c697 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

35ecbd48276f3dec75c9f9c8f9f638ad2aeb5b74c387a731cefade25466e9ffb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://imgrum.pw/tag/tdbank
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 04 Oct 2019 13:23:59 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 14829360
status: 200
served-in-seconds: 0.068
timing-allow-origin: *
last-modified: Tue, 22 May 2018 14:15:52 GMT
server: cloudflare
etag: W/"5b042618-113c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 5207793b08aecbc8-VIE
expires: Wed, 23 Sep 2020 13:23:59 GMT

GET
H2 200 slick.min.js Show response
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 42 KB
10 KB 6ms
6ms Script
application/javascript 2a04:4e42:1b::621
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.min.js

Requested by

Host: imgrum.pw
URL: https://imgrum.pw/tag/tdbank

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://imgrum.pw/tag/tdbank
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT, HIT
status: 200
content-length: 10434
etag: W/"a76f-O0GzvJVmhQFaNHoiOOcdsp36Dbs"
x-served-by: cache-ams21034-AMS, cache-hhn4068-HHN
date: Fri, 04 Oct 2019 13:23:59 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK onready.js Show response
imgrum.pw/js/ 398 B
649 B 81ms
80ms Script
application/javascript 142.93.251.167
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL: https://imgrum.pw/js/onready.js
Requested by: Host: imgrum.pw
URL: https://imgrum.pw/tag/tdbank
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 142.93.251.167 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: nginx/1.17.2 /
Resource Hash: 113ae78bf8809433e7b1be88444c3b66beb06ebcd12c763addb9c4d26630788d

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://imgrum.pw/tag/tdbank
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 04 Oct 2019 13:23:59 GMT
Last-Modified: Wed, 21 Aug 2019 21:59:43 GMT
Server: nginx/1.17.2
ETag: "5d5dbecf-18e"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 398

GET
H2

200

bricks.js Show response
unpkg.com/bricks.js@1.8.0/dist/
Redirect Chain

https://unpkg.com/bricks.js/dist/bricks.js
https://unpkg.com/bricks.js@1.8.0/dist/bricks.js

7 KB
2 KB

30ms
30ms

Script
application/javascript

2606:4700::6810:7eaf
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/bricks.js@1.8.0/dist/bricks.js

Requested by

Host: imgrum.pw
URL: https://imgrum.pw/tag/tdbank

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cab4c6fef409a6040593b720776ce236bfd97b93ef04e204a457f816149d03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://imgrum.pw/tag/tdbank
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 04 Oct 2019 13:23:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 720143
status: 200
vary: Accept-Encoding
last-modified: Wed, 22 Mar 2017 21:47:20 GMT
server: cloudflare
etag: W/"1a73-JxutQnFhhch5Mnb3YfpkCQRuiIs"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: c32debc98ebc1debb33d5b694ef083f5
cache-control: public, max-age=31536000
cf-ray: 5207793bace459e2-VIE

Redirect headers

date: Fri, 04 Oct 2019 13:23:59 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
server: cloudflare
status: 302
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: /bricks.js@1.8.0/dist/bricks.js
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 2fc8eb7318aea0fb22fa0bfa8d2aae49
cache-control: public, s-maxage=600, max-age=60
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 5207793b6cb459e2-VIE
vary: Accept, Accept-Encoding
content-length: 53

GET
H2 200 impl.v8.11.0.js Show response
live.demand.supply/ 60 KB
18 KB 13ms
0ms Script
application/javascript 2606:4700::6810:8516
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/impl.v8.11.0.js
Requested by: Host: imgrum.pw
URL: https://imgrum.pw/tag/tdbank
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ca56142a96dfa2c72a5efa2813eab9683af60a892d59e3501f87afe59fa8e51

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://imgrum.pw/tag/tdbank
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nf-request-id: c9f85915-cfe8-42e3-885f-2a3305bbbb45-2616783
date: Fri, 04 Oct 2019 13:24:00 GMT
content-encoding: br
cf-cache-status: HIT
age: 242005
cf-polished: origSize=61873
cf-ray: 5207793c1ab9cbac-VIE
status: 200
cf-bgj: minify
server: cloudflare
etag: W/"ca0377c253ff60fdb794643be66c7e3a-ssl-df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *

GET
H2 200 v8-11-0 Show response
live.demand.supply/p2/ 156 B
227 B 298ms
0ms Script
application/json 2606:4700::6810:8516
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p2/v8-11-0?url=imgrum.pw%2Ftag%2Ftdbank
Requested by: Host: imgrum.pw
URL: https://imgrum.pw/tag/tdbank
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb94b462f27f138f78bc2f58584c8e4377ea23828ec4bf2de9a76b624419b6d0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://imgrum.pw/tag/tdbank
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 04 Oct 2019 13:24:00 GMT
content-encoding: br
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 5207793c1abacbac-VIE

POST
H2 200 / Show response
live.demand.supply/e/ 3 B
299 B 43ms
16ms XHR
text/plain 2606:4700::6810:8516
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/?e=ll&d=405&cs=c
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf

Request headers

Sec-Fetch-Mode: cors
Referer: https://imgrum.pw/tag/tdbank
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 04 Oct 2019 13:24:00 GMT
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cf-ray: 5207793c5ef5cbb8-VIE
content-length: 3

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 104 KB
36 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

aae5672817ea3dbafbeb00e6064743e5101354edd50352691adebf440999672c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://imgrum.pw/tag/tdbank
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 04 Oct 2019 13:24:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 36874
x-xss-protection: 0
server: cafe
etag: 12295525449405421919
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 04 Oct 2019 13:24:00 GMT

GET
H2 200 ds.2.html Show response
live.demand.supply/ 413 B
352 B 43ms
18ms XHR
text/html 2606:4700::6810:8516
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

Sec-Fetch-Mode: cors
Referer: https://imgrum.pw/tag/tdbank
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nf-request-id: 65be122e-4dbd-4846-8ea0-bdb56597f84f-4479332
date: Fri, 04 Oct 2019 13:24:00 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
timing-allow-origin: *
age: 361804
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 5207793c5ef8cbb8-VIE

GET
H2 200 syky-y18lb0tSbf9kgqS1NDNpg.woff2
fonts.gstatic.com/s/cookie/v11/ 14 KB
14 KB 5ms
5ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cookie/v11/syky-y18lb0tSbf9kgqS1NDNpg.woff2

Requested by

Host: imgrum.pw
URL: https://imgrum.pw/tag/tdbank

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

2e77eb6e079b70becbbb1e0251a73b9b955296f89220f948a54c1a36e5373efe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Cookie
Origin: https://imgrum.pw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 30 Sep 2019 20:02:18 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Jul 2019 23:57:03 GMT
server: sffe
age: 321702
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14416
x-xss-protection: 0
expires: Tue, 29 Sep 2020 20:02:18 GMT

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2

Requested by

Host: imgrum.pw
URL: https://imgrum.pw/tag/tdbank

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700
Origin: https://imgrum.pw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 30 Sep 2019 21:29:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:44 GMT
server: sffe
age: 316462
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9180
x-xss-protection: 0
expires: Tue, 29 Sep 2020 21:29:38 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: imgrum.pw
URL: https://imgrum.pw/tag/tdbank

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700
Origin: https://imgrum.pw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 04 Oct 2019 12:18:41 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 3919
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9132
x-xss-protection: 0
expires: Sat, 03 Oct 2020 12:18:41 GMT

GET
H2 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 44ms
17ms Font
application/octet-stream 2606:4700::6813:c697
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: imgrum.pw
URL: https://imgrum.pw/tag/tdbank

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c697 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode: cors
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://imgrum.pw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 04 Oct 2019 13:24:00 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 14829381
status: 200
content-length: 77160
served-in-seconds: 0.012
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:19:53 GMT
server: cloudflare
etag: "5afd4939-12d68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5207793c7ac6cba4-VIE
expires: Wed, 23 Sep 2020 13:24:00 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFUZ0bf8pkAp6a.woff2
fonts.gstatic.com/s/opensans/v17/ 5 KB
6 KB 5ms
5ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFUZ0bf8pkAp6a.woff2

Requested by

Host: imgrum.pw
URL: https://imgrum.pw/tag/tdbank

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a017bfd8b7ff27e2fa869cb6beeacfd550ab2fa4955429bc460aeae8ddbf91e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700
Origin: https://imgrum.pw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 03 Sep 2019 21:40:58 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:48 GMT
server: sffe
age: 2648582
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5608
x-xss-protection: 0
expires: Wed, 02 Sep 2020 21:40:58 GMT

GET
H/1.1 200
OK tag.min.js Show response
outseeltor.com/pfe/current/ 14 KB
6 KB 61ms
13ms Script
application/javascript 78.140.191.119
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://outseeltor.com/pfe/current/tag.min.js?pub=1&t=standalone&z=1548926
Requested by: Host: qumagee.com
URL: https://qumagee.com/pn07uscr/f/tr/zavbn/1548926/lib.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 78.140.191.119 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx /
Resource Hash: 8287cb37c57e9887faa0e99dd278dc40204edc68c2d5f0978cc72455e3d325cc

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://imgrum.pw/tag/tdbank
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Oct 2019 13:24:00 GMT
Content-Encoding: gzip
Last-Modified: Tue, 01 Oct 2019 13:19:05 GMT
Server: nginx
ETag: W/"5d935249-37e6"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=imgrum.pw

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://imgrum.pw/tag/tdbank
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Oct 2019 13:24:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 16ms
15ms Script
application/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=imgrum.pw

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://imgrum.pw/tag/tdbank
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Oct 2019 13:24:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-112022825-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://imgrum.pw/tag/tdbank
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 4434
date: Fri, 04 Oct 2019 12:10:06 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Fri, 04 Oct 2019 14:10:06 GMT

GET
H/1.1 200
OK zone Show response
outseeltor.com/ 587 B
1 KB 12ms
12ms Fetch
application/json 78.140.191.119
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://outseeltor.com/zone?pub=1&zone_id=1548926&is_mobile=false&domain=imgrum.pw&var=&ymid=

Requested by

Host: outseeltor.com
URL: https://outseeltor.com/pfe/current/tag.min.js?pub=1&t=standalone&z=1548926

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

78.140.191.119 , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

51e66484ec144f644889f39733b2ae2fb6a888cde37e1141aa4e0e68b9d8dc61

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: cors
Referer: https://imgrum.pw/tag/tdbank
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Trace-Id: a0003df373f0d8361c99d024e38f0bc3
Date: Fri, 04 Oct 2019 13:24:00 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://imgrum.pw
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 587

GET
H/1.1 200
OK standalone.min.js Show response
outseeltor.com/pfe/current/ 104 KB
33 KB 66ms
26ms Fetch
application/javascript 78.140.191.119
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://outseeltor.com/pfe/current/standalone.min.js?v=3.1.122
Requested by: Host: outseeltor.com
URL: https://outseeltor.com/pfe/current/tag.min.js?pub=1&t=standalone&z=1548926
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 78.140.191.119 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx /
Resource Hash: ca5782ad8d7664a4f48c68551d9c65d7a1262d4754086e047fbc29f023a024a1

Request headers

Sec-Fetch-Mode: cors
Referer: https://imgrum.pw/tag/tdbank
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Oct 2019 13:24:00 GMT
Content-Encoding: gzip
Last-Modified: Tue, 01 Oct 2019 13:19:05 GMT
Server: nginx
ETag: W/"5d935249-19f9e"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: https://imgrum.pw
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
101 B 13ms
13ms Image
image/gif 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=2101410649&t=pageview&_s=1&dl=https%3A%2F%2Fimgrum.pw%2Ftag%2Ftdbank&ul=en-us&de=UTF-8&dt=%23tdbank%20%E2%80%A2%20Browse%20images%20about%20tdbank%20at%20Instagram%20-Imgrum&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAB~&jid=1851886869&gjid=1190079659&cid=1206646052.1570195440&tid=UA-112022825-1&_gid=376190757.1570195440&_r=1&gtm=2ou9p0&z=1614485904

Requested by

Host: imgrum.pw
URL: https://imgrum.pw/tag/tdbank

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://imgrum.pw/tag/tdbank
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Oct 2019 13:24:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 imgrum.pw_300x250_imgrum Show response
api.demand.supply/v8-11-0/a/ 283 B
250 B 43ms
27ms XHR
application/json 2606:4700::6810:8516
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://api.demand.supply/v8-11-0/a/imgrum.pw_300x250_imgrum
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v8.11.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a75fe05d1235a4bd068ec1e465803e2325328410abd13230638cf816e72f6bb0

Request headers

Sec-Fetch-Mode: cors
Referer: https://imgrum.pw/tag/tdbank
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 04 Oct 2019 13:24:00 GMT
content-encoding: br
cf-cache-status: UPDATING
server: cloudflare
age: 9392
etag: W/"11b-msMJEGTihJN2LXXin7tGmtNrApA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json;charset=utf-8
status: 200
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 5207793dfb3bcbb8-VIE
access-control-allow-origin: *

GET
H2 200 imgrum.pw_300x250_imgrum Show response
api.demand.supply/v8-11-0/a/ 283 B
363 B 42ms
26ms XHR
application/json 2606:4700::6810:8516
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://api.demand.supply/v8-11-0/a/imgrum.pw_300x250_imgrum
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v8.11.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a75fe05d1235a4bd068ec1e465803e2325328410abd13230638cf816e72f6bb0

Request headers

Sec-Fetch-Mode: cors
Referer: https://imgrum.pw/tag/tdbank
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 04 Oct 2019 13:24:00 GMT
content-encoding: br
cf-cache-status: UPDATING
server: cloudflare
age: 9392
etag: W/"11b-msMJEGTihJN2LXXin7tGmtNrApA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json;charset=utf-8
status: 200
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 5207793dfb34cbb8-VIE
access-control-allow-origin: *

GET
H2 200 imgrum.pw_300x250_imgrum Show response
api.demand.supply/v8-11-0/a/ 283 B
250 B 46ms
30ms XHR
application/json 2606:4700::6810:8516
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://api.demand.supply/v8-11-0/a/imgrum.pw_300x250_imgrum
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v8.11.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a75fe05d1235a4bd068ec1e465803e2325328410abd13230638cf816e72f6bb0

Request headers

Sec-Fetch-Mode: cors
Referer: https://imgrum.pw/tag/tdbank
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 04 Oct 2019 13:24:00 GMT
content-encoding: br
cf-cache-status: UPDATING
server: cloudflare
age: 9392
etag: W/"11b-msMJEGTihJN2LXXin7tGmtNrApA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json;charset=utf-8
status: 200
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 5207793dfb38cbb8-VIE
access-control-allow-origin: *

GET
H2 200 imgrum.pw_300x250_imgrum Show response
api.demand.supply/v8-11-0/a/ 283 B
241 B 46ms
31ms XHR
application/json 2606:4700::6810:8516
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://api.demand.supply/v8-11-0/a/imgrum.pw_300x250_imgrum
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v8.11.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a75fe05d1235a4bd068ec1e465803e2325328410abd13230638cf816e72f6bb0

Request headers

Sec-Fetch-Mode: cors
Referer: https://imgrum.pw/tag/tdbank
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 04 Oct 2019 13:24:00 GMT
content-encoding: br
cf-cache-status: UPDATING
server: cloudflare
age: 9392
etag: W/"11b-msMJEGTihJN2LXXin7tGmtNrApA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json;charset=utf-8
status: 200
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 5207793dfb44cbb8-VIE
access-control-allow-origin: *

GET
H2 200 imgrum.pw_300x250_imgrum Show response
api.demand.supply/v8-11-0/a/ 283 B
250 B 123ms
108ms XHR
application/json 2606:4700::6810:8516
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://api.demand.supply/v8-11-0/a/imgrum.pw_300x250_imgrum
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v8.11.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a75fe05d1235a4bd068ec1e465803e2325328410abd13230638cf816e72f6bb0

Request headers

Sec-Fetch-Mode: cors
Referer: https://imgrum.pw/tag/tdbank
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 04 Oct 2019 13:24:00 GMT
content-encoding: br
cf-cache-status: UPDATING
server: cloudflare
age: 9392
etag: W/"11b-msMJEGTihJN2LXXin7tGmtNrApA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json;charset=utf-8
status: 200
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 5207793dfb41cbb8-VIE
access-control-allow-origin: *

GET
H2 200 imgrum.pw_300x250_imgrum Show response
api.demand.supply/v8-11-0/a/ 283 B
250 B 118ms
103ms XHR
application/json 2606:4700::6810:8516
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://api.demand.supply/v8-11-0/a/imgrum.pw_300x250_imgrum
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v8.11.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a75fe05d1235a4bd068ec1e465803e2325328410abd13230638cf816e72f6bb0

Request headers

Sec-Fetch-Mode: cors
Referer: https://imgrum.pw/tag/tdbank
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 04 Oct 2019 13:24:00 GMT
content-encoding: br
cf-cache-status: UPDATING
server: cloudflare
age: 9392
etag: W/"11b-msMJEGTihJN2LXXin7tGmtNrApA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json;charset=utf-8
status: 200
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 5207793dfb32cbb8-VIE
access-control-allow-origin: *

GET
H2 200 imgrum.pw_300x250_imgrum Show response
api.demand.supply/v8-11-0/a/ 283 B
250 B 116ms
102ms XHR
application/json 2606:4700::6810:8516
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://api.demand.supply/v8-11-0/a/imgrum.pw_300x250_imgrum
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v8.11.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a75fe05d1235a4bd068ec1e465803e2325328410abd13230638cf816e72f6bb0

Request headers

Sec-Fetch-Mode: cors
Referer: https://imgrum.pw/tag/tdbank
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 04 Oct 2019 13:24:00 GMT
content-encoding: br
cf-cache-status: UPDATING
server: cloudflare
age: 9392
etag: W/"11b-msMJEGTihJN2LXXin7tGmtNrApA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json;charset=utf-8
status: 200
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 5207793dfb36cbb8-VIE
access-control-allow-origin: *

GET
H2 200 imgrum.pw_300x250_imgrum Show response
api.demand.supply/v8-11-0/a/ 283 B
280 B 146ms
132ms XHR
application/json 2606:4700::6810:8516
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://api.demand.supply/v8-11-0/a/imgrum.pw_300x250_imgrum
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v8.11.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7bb337d79dc74acd32c1dca24a6549a7a5e31191ff11e7e7c04da99017c843c

Request headers

Sec-Fetch-Mode: cors
Referer: https://imgrum.pw/tag/tdbank
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 04 Oct 2019 13:24:00 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
status: 200
etag: W/"11b-FJvX9wo4ao7Mx5clzNY5VAljBmY"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 5207793dfb3acbb8-VIE

GET
H2 200 imgrum.pw_300x250_imgrum Show response
api.demand.supply/v8-11-0/a/ 283 B
250 B 52ms
38ms XHR
application/json 2606:4700::6810:8516
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://api.demand.supply/v8-11-0/a/imgrum.pw_300x250_imgrum
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v8.11.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a75fe05d1235a4bd068ec1e465803e2325328410abd13230638cf816e72f6bb0

Request headers

Sec-Fetch-Mode: cors
Referer: https://imgrum.pw/tag/tdbank
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 04 Oct 2019 13:24:00 GMT
content-encoding: br
cf-cache-status: UPDATING
server: cloudflare
age: 9392
etag: W/"11b-msMJEGTihJN2LXXin7tGmtNrApA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json;charset=utf-8
status: 200
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 5207793dfb3ccbb8-VIE
access-control-allow-origin: *

GET
H2 200 imgrum.pw_300x250_imgrum Show response
api.demand.supply/v8-11-0/a/ 283 B
241 B 41ms
27ms XHR
application/json 2606:4700::6810:8516
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://api.demand.supply/v8-11-0/a/imgrum.pw_300x250_imgrum
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v8.11.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a75fe05d1235a4bd068ec1e465803e2325328410abd13230638cf816e72f6bb0

Request headers

Sec-Fetch-Mode: cors
Referer: https://imgrum.pw/tag/tdbank
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 04 Oct 2019 13:24:00 GMT
content-encoding: br
cf-cache-status: UPDATING
server: cloudflare
age: 9392
etag: W/"11b-msMJEGTihJN2LXXin7tGmtNrApA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json;charset=utf-8
status: 200
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 5207793dfb3ecbb8-VIE
access-control-allow-origin: *

GET
H2 200 imgrum.pw_300x250_imgrum Show response
api.demand.supply/v8-11-0/a/ 283 B
250 B 108ms
94ms XHR
application/json 2606:4700::6810:8516
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://api.demand.supply/v8-11-0/a/imgrum.pw_300x250_imgrum
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v8.11.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a75fe05d1235a4bd068ec1e465803e2325328410abd13230638cf816e72f6bb0

Request headers

Sec-Fetch-Mode: cors
Referer: https://imgrum.pw/tag/tdbank
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 04 Oct 2019 13:24:00 GMT
content-encoding: br
cf-cache-status: UPDATING
server: cloudflare
age: 9392
etag: W/"11b-msMJEGTihJN2LXXin7tGmtNrApA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json;charset=utf-8
status: 200
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 5207793dfb33cbb8-VIE
access-control-allow-origin: *

GET
H2 200 imgrum.pw_300x250_imgrum Show response
api.demand.supply/v8-11-0/a/ 283 B
253 B 183ms
169ms XHR
application/json 2606:4700::6810:8516
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://api.demand.supply/v8-11-0/a/imgrum.pw_300x250_imgrum
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v8.11.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7bb337d79dc74acd32c1dca24a6549a7a5e31191ff11e7e7c04da99017c843c

Request headers

Sec-Fetch-Mode: cors
Referer: https://imgrum.pw/tag/tdbank
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 04 Oct 2019 13:24:00 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 0
etag: W/"11b-FJvX9wo4ao7Mx5clzNY5VAljBmY"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json;charset=utf-8
status: 200
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 5207793dfb3fcbb8-VIE
access-control-allow-origin: *

POST
H2 200 / Show response
live.demand.supply/x/ 3 B
57 B 24ms
24ms XHR
text/plain 2606:4700::6810:8516
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/?ce=fs
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v8.11.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf

Request headers

Sec-Fetch-Mode: cors
Referer: https://imgrum.pw/tag/tdbank
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 04 Oct 2019 13:24:00 GMT
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cf-ray: 5207793deb11cbb8-VIE
content-length: 3

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/gif

GET 32.gif
pic.sfo2.digitaloceanspaces.com/pictame/img/ 0
0

GET
H2 200 70124914_662661454562548_130060618020930452_n.jpg
scontent-lga3-1.cdninstagram.com/vp/a418817b76fb9c97d07d697972a8a7bf/5E174ED9/t51.2885-15/e35/s1080x1080/ 191 KB
191 KB 262ms
82ms Image
image/jpeg 2a03:2880:f212:c4:face:b00c:0:43fe
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-lga3-1.cdninstagram.com/vp/a418817b76fb9c97d07d697972a8a7bf/5E174ED9/t51.2885-15/e35/s1080x1080/70124914_662661454562548_130060618020930452_n.jpg?_nc_ht=scontent-lga3-1.cdninstagram.com&_nc_cat=104
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f212:c4:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: /
Resource Hash: 4c8ea1056f34edb16144a1974fdc2eff8a68ad6a5d32902d2e57cfe89d4d23c9

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://imgrum.pw/tag/tdbank
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-haystack-needlechecksum: 336997883
date: Fri, 04 Oct 2019 13:24:00 GMT
x-fb-trip-id: 1679558926
x-enc-origin-hit-type: AcI_8a4lUqRRAA2uG6blzOOvBAEf0dghFh7359ugPYVe5cfqQOed54vnGjPi
last-modified: Fri, 04 Oct 2019 02:28:49 GMT
x-enc-origin-req-handler: AcJmZVF3YaUogOLEQsoBSpYCtp1-1PLPLihHkkzW9xgWWuBRdBU3Hu7Z8DglvTxvo1dzw4eFVz7SJfyS1g
status: 200
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
x-needle-checksum: 3279255299
x-fb-config-version-olb-prod: 588
timing-allow-origin: *
content-length: 195117

GET
H2 200 72179016_221536025494531_5975318525677098778_n.jpg
scontent-lga3-1.cdninstagram.com/vp/3d375d0801d83a22ab205eef161df308/5E31C77E/t51.2885-15/e35/ 96 KB
96 KB 262ms
82ms Image
image/jpeg 2a03:2880:f212:c4:face:b00c:0:43fe
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-lga3-1.cdninstagram.com/vp/3d375d0801d83a22ab205eef161df308/5E31C77E/t51.2885-15/e35/72179016_221536025494531_5975318525677098778_n.jpg?_nc_ht=scontent-lga3-1.cdninstagram.com&_nc_cat=107
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f212:c4:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: /
Resource Hash: 0aac3e306e62c6c5f1a79b83b1d48b8e09f6d39b784eff04677be670bf0c3498

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://imgrum.pw/tag/tdbank
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-haystack-needlechecksum: 1230374878
date: Fri, 04 Oct 2019 13:24:00 GMT
x-fb-trip-id: 1679558926
x-enc-origin-hit-type: AcKgnCudR6uSpl8xWwetNY139mLbnA99Tw0gjwaXENCPyY55aOckCz2vQzWw
last-modified: Fri, 04 Oct 2019 01:40:32 GMT
x-enc-origin-req-handler: AcKtG9cZOheRT9u--z5Hrbgp5Geydh0gT2SxaMiARSPYtnmbFyu-OP7ylcaipCuQUj76_quncqxMR8w10A
status: 200
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
x-needle-checksum: 3921141543
x-fb-config-version-olb-prod: 588
timing-allow-origin: *
content-length: 98282

GET
H2 200 imgrum.pw_728x90_sticky_display_bottom Show response
api.demand.supply/v8-11-0/a/ 289 B
277 B 136ms
136ms XHR
application/json 2606:4700::6810:8516
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://api.demand.supply/v8-11-0/a/imgrum.pw_728x90_sticky_display_bottom
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v8.11.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f76d4abfa29ec3356db5d54a48e11550a85dfa814d88fcab79310be8bbc68e2d

Request headers

Sec-Fetch-Mode: cors
Referer: https://imgrum.pw/tag/tdbank
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 04 Oct 2019 13:24:00 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
status: 200
etag: W/"121-8fKm1gwTgFyt5rSn0toVIhNcQrw"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 5207793e2bdfcbb8-VIE

POST
H2 200 / Show response
live.demand.supply/x/ 3 B
57 B 19ms
18ms XHR
text/plain 2606:4700::6810:8516
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/?ce=da&r=imgrum.pw_300x250_imgrum
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v8.11.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf

Request headers

Sec-Fetch-Mode: cors
Referer: https://imgrum.pw/tag/tdbank
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 04 Oct 2019 13:24:00 GMT
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cf-ray: 5207793e2bf5cbb8-VIE
content-length: 3

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20191001/r20190131/ 232 KB
85 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20191001/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

c71c456b8b74f5012aedb9b0116007e263b5bff4e181e9cd685bb8508cc01e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://imgrum.pw/tag/tdbank
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 04 Oct 2019 13:24:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 87351
x-xss-protection: 0
server: cafe
etag: 2696100448618732083
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Oct 2019 13:24:00 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20191001/r20190131/ Frame 55DE 0
0 6ms
5ms Document
text/html 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20191001/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20191001/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://imgrum.pw/tag/tdbank
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://imgrum.pw/tag/tdbank

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Tue, 01 Oct 2019 13:36:55 GMT
expires: Tue, 15 Oct 2019 13:36:55 GMT
content-type: text/html; charset=UTF-8
etag: 12554163127653827101
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 7390
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 258425
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

POST
H2 200 / Show response
live.demand.supply/x/ 3 B
57 B 21ms
20ms XHR
text/plain 2606:4700::6810:8516
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/?ce=da&r=imgrum.pw_300x250_imgrum
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v8.11.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf

Request headers

Sec-Fetch-Mode: cors
Referer: https://imgrum.pw/tag/tdbank
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 04 Oct 2019 13:24:00 GMT
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cf-ray: 5207793e4c6bcbb8-VIE
content-length: 3

POST
H2 200 / Show response
live.demand.supply/x/ 3 B
57 B 16ms
16ms XHR
text/plain 2606:4700::6810:8516
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/?ce=da&r=imgrum.pw_300x250_imgrum
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v8.11.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf

Request headers

Sec-Fetch-Mode: cors
Referer: https://imgrum.pw/tag/tdbank
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 04 Oct 2019 13:24:00 GMT
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cf-ray: 5207793e4c7ecbb8-VIE
content-length: 3

POST
H2 200 / Show response
live.demand.supply/x/ 3 B
57 B 16ms
15ms XHR
text/plain 2606:4700::6810:8516
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/?ce=da&r=imgrum.pw_300x250_imgrum
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v8.11.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf

Request headers

Sec-Fetch-Mode: cors
Referer: https://imgrum.pw/tag/tdbank
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 04 Oct 2019 13:24:00 GMT
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cf-ray: 5207793e5ca4cbb8-VIE
content-length: 3

POST
H2 200 / Show response
live.demand.supply/x/ 3 B
57 B 17ms
16ms XHR
text/plain 2606:4700::6810:8516
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/?ce=da&r=imgrum.pw_300x250_imgrum
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v8.11.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf

Request headers

Sec-Fetch-Mode: cors
Referer: https://imgrum.pw/tag/tdbank
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 04 Oct 2019 13:24:00 GMT
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cf-ray: 5207793e6cddcbb8-VIE
content-length: 3

POST
H2 200 / Show response
live.demand.supply/x/ 3 B
57 B 15ms
15ms XHR
text/plain 2606:4700::6810:8516
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/?ce=da&r=imgrum.pw_300x250_imgrum
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v8.11.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf

Request headers

Sec-Fetch-Mode: cors
Referer: https://imgrum.pw/tag/tdbank
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 04 Oct 2019 13:24:00 GMT
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cf-ray: 5207793e7d12cbb8-VIE
content-length: 3

POST
H2 200 / Show response
live.demand.supply/x/ 3 B
57 B 16ms
16ms XHR
text/plain 2606:4700::6810:8516
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/?ce=da&r=imgrum.pw_300x250_imgrum
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v8.11.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf

Request headers

Sec-Fetch-Mode: cors
Referer: https://imgrum.pw/tag/tdbank
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 04 Oct 2019 13:24:00 GMT
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cf-ray: 5207793eadc5cbb8-VIE
content-length: 3

POST
H2 200 / Show response
live.demand.supply/x/ 3 B
57 B 19ms
19ms XHR
text/plain 2606:4700::6810:8516
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/?ce=da&r=imgrum.pw_300x250_imgrum
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v8.11.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf

Request headers

Sec-Fetch-Mode: cors
Referer: https://imgrum.pw/tag/tdbank
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 04 Oct 2019 13:24:00 GMT
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cf-ray: 5207793ebde3cbb8-VIE
content-length: 3

POST
H2 200 / Show response
live.demand.supply/x/ 3 B
57 B 16ms
16ms XHR
text/plain 2606:4700::6810:8516
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/?ce=da&r=imgrum.pw_300x250_imgrum
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v8.11.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf

Request headers

Sec-Fetch-Mode: cors
Referer: https://imgrum.pw/tag/tdbank
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 04 Oct 2019 13:24:00 GMT
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cf-ray: 5207793ece00cbb8-VIE
content-length: 3

GET
H2

200

ds.2.html
live.demand.supply/ Frame 234B
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=ca471e47-5bb3-48ab-aa56-53da0f01ac08&adk=1170706950&adf=957869174&w=300&lmt=1570195440&guci=...
https://live.demand.supply/ds.2.html

0
0

16ms
16ms

Document
text/html

2606:4700::6810:8516
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191001/r20190131/show_ads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: live.demand.supply
:scheme: https
:path: /ds.2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://imgrum.pw/tag/tdbank
accept-encoding: gzip, deflate, br
cookie: __cfduid=d937b61a7dc17503a54063ef2c29576511570195440
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://imgrum.pw/tag/tdbank

Response headers

status: 200
date: Fri, 04 Oct 2019 13:24:00 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
timing-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=2592000,immutable,stale-if-error=604800
x-nf-request-id: db3f80e7-4189-4378-bff1-d407b7e5c26f-4835857
cf-cache-status: HIT
age: 1528885
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5207794089c3cbac-VIE
content-encoding: br

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
location: https://live.demand.supply/ds.2.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 04 Oct 2019 13:24:00 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 04-Oct-2019 13:39:00 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 77 KB
29 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191001/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

fc6f177cece9b5ce011f10645a8f1b5e174b76156e1e223784b15bf88548c4fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://imgrum.pw/tag/tdbank
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 04 Oct 2019 13:24:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1570069739703382"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29107
x-xss-protection: 0
expires: Fri, 04 Oct 2019 13:24:00 GMT

POST
H2 200 / Show response
live.demand.supply/x/ 3 B
57 B 17ms
17ms XHR
text/plain 2606:4700::6810:8516
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/?ce=da&r=imgrum.pw_300x250_imgrum
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v8.11.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf

Request headers

Sec-Fetch-Mode: cors
Referer: https://imgrum.pw/tag/tdbank
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 04 Oct 2019 13:24:00 GMT
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cf-ray: 5207793f0ed5cbb8-VIE
content-length: 3

GET
H2

200

ds.2.html
live.demand.supply/ Frame BD54
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=ca471e47-5bb3-48ab-aa56-53da0f01ac08&adk=2752908782&adf=1558989094&w=300&lmt=1570195440&guci...
https://live.demand.supply/ds.2.html

0
0

18ms
18ms

Document
text/html

2606:4700::6810:8516
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191001/r20190131/show_ads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: live.demand.supply
:scheme: https
:path: /ds.2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://imgrum.pw/tag/tdbank
accept-encoding: gzip, deflate, br
cookie: __cfduid=d937b61a7dc17503a54063ef2c29576511570195440
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://imgrum.pw/tag/tdbank

Response headers

status: 200
date: Fri, 04 Oct 2019 13:24:00 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
timing-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=2592000,immutable,stale-if-error=604800
x-nf-request-id: db3f80e7-4189-4378-bff1-d407b7e5c26f-4835857
cf-cache-status: HIT
age: 1528885
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 52077940eaffcbac-VIE
content-encoding: br

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
location: https://live.demand.supply/ds.2.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 04 Oct 2019 13:24:00 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 04-Oct-2019 13:39:00 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

POST
H2 200 / Show response
live.demand.supply/x/ 3 B
57 B 17ms
16ms XHR
text/plain 2606:4700::6810:8516
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/?ce=da&r=imgrum.pw_300x250_imgrum
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v8.11.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf

Request headers

Sec-Fetch-Mode: cors
Referer: https://imgrum.pw/tag/tdbank
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 04 Oct 2019 13:24:00 GMT
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cf-ray: 5207793f2f4bcbb8-VIE
content-length: 3

GET
H2

200

ds.2.html
live.demand.supply/ Frame D309
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=ca471e47-5bb3-48ab-aa56-53da0f01ac08&adk=1557422938&adf=603726025&w=300&lmt=1570195440&guci=...
https://live.demand.supply/ds.2.html

0
0

20ms
20ms

Document
text/html

2606:4700::6810:8516
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191001/r20190131/show_ads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: live.demand.supply
:scheme: https
:path: /ds.2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://imgrum.pw/tag/tdbank
accept-encoding: gzip, deflate, br
cookie: __cfduid=d937b61a7dc17503a54063ef2c29576511570195440
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://imgrum.pw/tag/tdbank

Response headers

status: 200
date: Fri, 04 Oct 2019 13:24:00 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
timing-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=2592000,immutable,stale-if-error=604800
x-nf-request-id: db3f80e7-4189-4378-bff1-d407b7e5c26f-4835857
cf-cache-status: HIT
age: 1528885
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 52077940dac9cbac-VIE
content-encoding: br

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
location: https://live.demand.supply/ds.2.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 04 Oct 2019 13:24:00 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 04-Oct-2019 13:39:00 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame E34A 0
0 17ms
17ms Document
text/html 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&adk=1812271804&adf=3025194257&lmt=1570195440&plat=1%3A32776%2C2%3A16809992%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fimgrum.pw%2Ftag%2Ftdbank&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1570195440349&bpp=6&bdt=731&fdt=161&idt=161&shv=r20191001&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250&nras=1&correlator=4267401712078&frm=20&pv=1&ga_vid=1206646052.1570195440&ga_sid=1570195440&ga_hid=2101410649&ga_fc=0&iag=0&icsg=687329640460&dssz=23&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335&oid=3&pvsid=2288134304823872&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=1&uci=a!1&fsb=1&dtd=170

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191001/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3831894559014614&output=html&adk=1812271804&adf=3025194257&lmt=1570195440&plat=1%3A32776%2C2%3A16809992%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fimgrum.pw%2Ftag%2Ftdbank&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1570195440349&bpp=6&bdt=731&fdt=161&idt=161&shv=r20191001&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250&nras=1&correlator=4267401712078&frm=20&pv=1&ga_vid=1206646052.1570195440&ga_sid=1570195440&ga_hid=2101410649&ga_fc=0&iag=0&icsg=687329640460&dssz=23&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335&oid=3&pvsid=2288134304823872&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=1&uci=a!1&fsb=1&dtd=170
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://imgrum.pw/tag/tdbank
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://imgrum.pw/tag/tdbank

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 04 Oct 2019 13:24:00 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 04-Oct-2019 13:39:00 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Fri, 04 Oct 2019 13:24:00 GMT
cache-control: private

POST
H2 200 / Show response
live.demand.supply/x/ 3 B
57 B 19ms
18ms XHR
text/plain 2606:4700::6810:8516
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/?ce=bb&r=imgrum.pw_728x90_sticky_display_bottom
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v8.11.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf

Request headers

Sec-Fetch-Mode: cors
Referer: https://imgrum.pw/tag/tdbank
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 04 Oct 2019 13:24:00 GMT
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cf-ray: 5207793f4fe1cbb8-VIE
content-length: 3

GET
H2 200 close_rightup@2x.png
live.demand.supply/img/ 1 KB
1 KB 18ms
17ms Image
image/png 2606:4700::6810:8516
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.demand.supply/img/close_rightup@2x.png
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 161389f943f55297ede4d233f2891343529c2d1be84a6398c6b5d987714757fc

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://imgrum.pw/tag/tdbank
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nf-request-id: fae52015-df26-4f4b-8ff9-7cc2340e9e3b-11705913
date: Fri, 04 Oct 2019 13:24:00 GMT
cf-cache-status: HIT
server: cloudflare
age: 1182751
etag: "b482fa6e47868cd2ebac98d3c0424bb6-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=2592000,immutable,stale-if-error=604800
accept-ranges: bytes
cf-ray: 5207793f5d01cbac-VIE
content-length: 1146

GET
H2 200 ref_leftup@2x.png
live.demand.supply/img/ 4 KB
5 KB 17ms
17ms Image
image/png 2606:4700::6810:8516
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.demand.supply/img/ref_leftup@2x.png
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 060c2e413e1ad3c0f96d60a80a4001e95dd1b765272c3c8362193e25034c8d9a

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://imgrum.pw/tag/tdbank
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nf-request-id: a6e6a87e-d19a-45e6-b4ea-62d9219775cb-235930
date: Fri, 04 Oct 2019 13:24:00 GMT
cf-cache-status: HIT
server: cloudflare
age: 326360
etag: "d771d1a59d62eb1da770cab11af0bc4b-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=2592000,immutable,stale-if-error=604800
accept-ranges: bytes
cf-ray: 5207793f5d05cbac-VIE
content-length: 4532

GET
H2

200

ds.2.html
live.demand.supply/ Frame 3730
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=90&slotname=b2c3ba13-2334-4871-a7fa-5813fdb47686&adk=3658201677&adf=2950210759&w=728&lmt=1570195440&guci=...
https://live.demand.supply/ds.2.html

0
0

18ms
18ms

Document
text/html

2606:4700::6810:8516
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191001/r20190131/show_ads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: live.demand.supply
:scheme: https
:path: /ds.2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://imgrum.pw/tag/tdbank
accept-encoding: gzip, deflate, br
cookie: __cfduid=d937b61a7dc17503a54063ef2c29576511570195440
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://imgrum.pw/tag/tdbank

Response headers

status: 200
date: Fri, 04 Oct 2019 13:24:00 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
timing-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=2592000,immutable,stale-if-error=604800
x-nf-request-id: db3f80e7-4189-4378-bff1-d407b7e5c26f-4835857
cf-cache-status: HIT
age: 1528885
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 52077940aa4ecbac-VIE
content-encoding: br

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
location: https://live.demand.supply/ds.2.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 04 Oct 2019 13:24:00 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 04-Oct-2019 13:39:00 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

POST
H2 200 / Show response
live.demand.supply/x/ 3 B
57 B 20ms
20ms XHR
text/plain 2606:4700::6810:8516
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/?ce=da&r=imgrum.pw_300x250_imgrum
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v8.11.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf

Request headers

Sec-Fetch-Mode: cors
Referer: https://imgrum.pw/tag/tdbank
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 04 Oct 2019 13:24:00 GMT
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cf-ray: 5207793f683dcbb8-VIE
content-length: 3

GET
H2

200

ds.2.html
live.demand.supply/ Frame A7E0
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=ca471e47-5bb3-48ab-aa56-53da0f01ac08&adk=1755868493&adf=1274037384&w=300&lmt=1570195440&guci...
https://live.demand.supply/ds.2.html

0
0

22ms
21ms

Document
text/html

2606:4700::6810:8516
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191001/r20190131/show_ads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: live.demand.supply
:scheme: https
:path: /ds.2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://imgrum.pw/tag/tdbank
accept-encoding: gzip, deflate, br
cookie: __cfduid=d937b61a7dc17503a54063ef2c29576511570195440
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://imgrum.pw/tag/tdbank

Response headers

status: 200
date: Fri, 04 Oct 2019 13:24:00 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
timing-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=2592000,immutable,stale-if-error=604800
x-nf-request-id: db3f80e7-4189-4378-bff1-d407b7e5c26f-4835857
cf-cache-status: HIT
age: 1528885
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 520779417cbacbac-VIE
content-encoding: br

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
location: https://live.demand.supply/ds.2.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 04 Oct 2019 13:24:00 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: IDE=AHWqTUkwzgMaN4bCCboqSEg3EHTilggLan3zqvZsj-kXwT_txAjY84L3OVI1vMEX; expires=Wed, 28-Oct-2020 13:24:00 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

POST
H/1.1 200
OK custom Show response
outseeltor.com/ 39 B
484 B 13ms
13ms Fetch
application/json 78.140.191.119
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://outseeltor.com/custom

Requested by

Host: imgrum.pw
URL: https://imgrum.pw/tag/tdbank

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

78.140.191.119 , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: cors
Referer: https://imgrum.pw/tag/tdbank
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: acc2b8a263d5f0ea409d150e1788112f
Date: Fri, 04 Oct 2019 13:24:00 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://imgrum.pw
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

POST
H/1.1 200
OK custom Show response
outseeltor.com/ 39 B
484 B 12ms
11ms Fetch
application/json 78.140.191.119
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://outseeltor.com/custom

Requested by

Host: imgrum.pw
URL: https://imgrum.pw/tag/tdbank

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

78.140.191.119 , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: cors
Referer: https://imgrum.pw/tag/tdbank
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 5f856eab9d4a9d7ea33718451da4d47d
Date: Fri, 04 Oct 2019 13:24:00 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://imgrum.pw
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

GET
H2

200

ds.2.html
live.demand.supply/ Frame 9962
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=ca471e47-5bb3-48ab-aa56-53da0f01ac08&adk=1145139533&adf=3579956372&w=300&lmt=1570195440&guci...
https://live.demand.supply/ds.2.html

0
0

22ms
22ms

Document
text/html

2606:4700::6810:8516
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191001/r20190131/show_ads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: live.demand.supply
:scheme: https
:path: /ds.2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://imgrum.pw/tag/tdbank
accept-encoding: gzip, deflate, br
cookie: __cfduid=d937b61a7dc17503a54063ef2c29576511570195440
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://imgrum.pw/tag/tdbank

Response headers

status: 200
date: Fri, 04 Oct 2019 13:24:00 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
timing-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=2592000,immutable,stale-if-error=604800
x-nf-request-id: db3f80e7-4189-4378-bff1-d407b7e5c26f-4835857
cf-cache-status: HIT
age: 1528885
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 520779422eb7cbac-VIE
content-encoding: br

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
location: https://live.demand.supply/ds.2.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 04 Oct 2019 13:24:00 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: IDE=AHWqTUkhfVmXeZ8z7_E9LunPKljI-ee8exD2p6RkcitoQYnm4fbaXMogOjd6OLP6; expires=Wed, 28-Oct-2020 13:24:00 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2

200

ds.2.html
live.demand.supply/ Frame 8432
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=ca471e47-5bb3-48ab-aa56-53da0f01ac08&adk=351528403&adf=3545066920&w=300&lmt=1570195440&guci=...
https://live.demand.supply/ds.2.html

0
0

24ms
24ms

Document
text/html

2606:4700::6810:8516
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191001/r20190131/show_ads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: live.demand.supply
:scheme: https
:path: /ds.2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://imgrum.pw/tag/tdbank
accept-encoding: gzip, deflate, br
cookie: __cfduid=d937b61a7dc17503a54063ef2c29576511570195440
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://imgrum.pw/tag/tdbank

Response headers

status: 200
date: Fri, 04 Oct 2019 13:24:00 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
timing-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=2592000,immutable,stale-if-error=604800
x-nf-request-id: db3f80e7-4189-4378-bff1-d407b7e5c26f-4835857
cf-cache-status: HIT
age: 1528885
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 520779419d0dcbac-VIE
content-encoding: br

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
location: https://live.demand.supply/ds.2.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 04 Oct 2019 13:24:00 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: IDE=AHWqTUnG_NtilqrhcbMqhih63OgAOd2SZvXUe3uprhsNJJKmCiVRRm9CWxFwuKU7; expires=Wed, 28-Oct-2020 13:24:00 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

POST
H/1.1 200
OK event Show response
outseeltor.com/ 94 B
539 B 14ms
13ms Fetch
application/json 78.140.191.119
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://outseeltor.com/event

Requested by

Host: imgrum.pw
URL: https://imgrum.pw/tag/tdbank

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

78.140.191.119 , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

7b863e8511d4579e0e33ce17fd4db1393bec7c82e1daa9f7466ad87f46240034

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: cors
Referer: https://imgrum.pw/tag/tdbank
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 1e014de857311d3d157c81caf3964266
Date: Fri, 04 Oct 2019 13:24:00 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://imgrum.pw
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 94

GET
H2

200

ds.2.html
live.demand.supply/ Frame B244
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=ca471e47-5bb3-48ab-aa56-53da0f01ac08&adk=1021724689&adf=433756377&w=300&lmt=1570195440&guci=...
https://live.demand.supply/ds.2.html

0
0

21ms
21ms

Document
text/html

2606:4700::6810:8516
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191001/r20190131/show_ads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: live.demand.supply
:scheme: https
:path: /ds.2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://imgrum.pw/tag/tdbank
accept-encoding: gzip, deflate, br
cookie: __cfduid=d937b61a7dc17503a54063ef2c29576511570195440
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://imgrum.pw/tag/tdbank

Response headers

status: 200
date: Fri, 04 Oct 2019 13:24:00 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
timing-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=2592000,immutable,stale-if-error=604800
x-nf-request-id: db3f80e7-4189-4378-bff1-d407b7e5c26f-4835857
cf-cache-status: HIT
age: 1528885
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 520779416c68cbac-VIE
content-encoding: br

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
location: https://live.demand.supply/ds.2.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 04 Oct 2019 13:24:00 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: IDE=AHWqTUma11Wdvs2o_1srw9yQnAUHQNDbF9OdyM_o4GYRaR3PGKrW2PQj1jcfcWPB; expires=Wed, 28-Oct-2020 13:24:00 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2

200

ds.2.html
live.demand.supply/ Frame 9532
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=ca471e47-5bb3-48ab-aa56-53da0f01ac08&adk=3685265079&adf=1815861838&w=300&lmt=1570195440&guci...
https://live.demand.supply/ds.2.html

0
0

24ms
24ms

Document
text/html

2606:4700::6810:8516
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191001/r20190131/show_ads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: live.demand.supply
:scheme: https
:path: /ds.2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://imgrum.pw/tag/tdbank
accept-encoding: gzip, deflate, br
cookie: __cfduid=d937b61a7dc17503a54063ef2c29576511570195440
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://imgrum.pw/tag/tdbank

Response headers

status: 200
date: Fri, 04 Oct 2019 13:24:01 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
timing-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=2592000,immutable,stale-if-error=604800
x-nf-request-id: db3f80e7-4189-4378-bff1-d407b7e5c26f-4835857
cf-cache-status: HIT
age: 1528886
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 520779424f25cbac-VIE
content-encoding: br

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
location: https://live.demand.supply/ds.2.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 04 Oct 2019 13:24:00 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: IDE=AHWqTUm7L1A_1ozfrtAWdAeiAdcTe9l8FDepiUWikeTI6FhNHLeNg0c_-r3WreO2; expires=Wed, 28-Oct-2020 13:24:00 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2

200

ds.2.html
live.demand.supply/ Frame F411
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=ca471e47-5bb3-48ab-aa56-53da0f01ac08&adk=2622214845&adf=2499257358&w=300&lmt=1570195440&guci...
https://live.demand.supply/ds.2.html

0
0

30ms
30ms

Document
text/html

2606:4700::6810:8516
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191001/r20190131/show_ads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: live.demand.supply
:scheme: https
:path: /ds.2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://imgrum.pw/tag/tdbank
accept-encoding: gzip, deflate, br
cookie: __cfduid=d937b61a7dc17503a54063ef2c29576511570195440
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://imgrum.pw/tag/tdbank

Response headers

status: 200
date: Fri, 04 Oct 2019 13:24:01 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
timing-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=2592000,immutable,stale-if-error=604800
x-nf-request-id: db3f80e7-4189-4378-bff1-d407b7e5c26f-4835857
cf-cache-status: HIT
age: 1528886
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 520779425f3fcbac-VIE
content-encoding: br

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
location: https://live.demand.supply/ds.2.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 04 Oct 2019 13:24:00 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: IDE=AHWqTUl3Cd0I-HeutLpEkUw1HGBnwAhFfxp5xhl8hUD-O7c6SKSRw9Umr3IPHRAz; expires=Wed, 28-Oct-2020 13:24:00 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2

200

ds.2.html
live.demand.supply/ Frame 8EF7
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=ca471e47-5bb3-48ab-aa56-53da0f01ac08&adk=3140727578&adf=1271019615&w=300&lmt=1570195440&guci...
https://live.demand.supply/ds.2.html

0
0

27ms
26ms

Document
text/html

2606:4700::6810:8516
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191001/r20190131/show_ads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: live.demand.supply
:scheme: https
:path: /ds.2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://imgrum.pw/tag/tdbank
accept-encoding: gzip, deflate, br
cookie: __cfduid=d937b61a7dc17503a54063ef2c29576511570195440
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://imgrum.pw/tag/tdbank

Response headers

status: 200
date: Fri, 04 Oct 2019 13:24:00 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
timing-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=2592000,immutable,stale-if-error=604800
x-nf-request-id: db3f80e7-4189-4378-bff1-d407b7e5c26f-4835857
cf-cache-status: HIT
age: 1528885
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 520779421e7acbac-VIE
content-encoding: br

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
location: https://live.demand.supply/ds.2.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 04 Oct 2019 13:24:00 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: IDE=AHWqTUk5RNSI5T6CPy3EAnQWqP3hdOXsD8vuyrUYiK7KywAfPcnfmTE2N9lVvNeO; expires=Wed, 28-Oct-2020 13:24:00 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2

200

ds.2.html
live.demand.supply/ Frame 7B1D
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=ca471e47-5bb3-48ab-aa56-53da0f01ac08&adk=2526507238&adf=4074561850&w=300&lmt=1570195440&guci...
https://live.demand.supply/ds.2.html

0
0

35ms
34ms

Document
text/html

2606:4700::6810:8516
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191001/r20190131/show_ads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: live.demand.supply
:scheme: https
:path: /ds.2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://imgrum.pw/tag/tdbank
accept-encoding: gzip, deflate, br
cookie: __cfduid=d937b61a7dc17503a54063ef2c29576511570195440
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://imgrum.pw/tag/tdbank

Response headers

status: 200
date: Fri, 04 Oct 2019 13:24:00 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
timing-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=2592000,immutable,stale-if-error=604800
x-nf-request-id: db3f80e7-4189-4378-bff1-d407b7e5c26f-4835857
cf-cache-status: HIT
age: 1528885
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 52077941ad36cbac-VIE
content-encoding: br

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
location: https://live.demand.supply/ds.2.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 04 Oct 2019 13:24:00 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: IDE=AHWqTUlwJqTTuAVxpSgM2DGHrNMiGHDOKnbO6pViP_m852ukLljGKEzhhe-aLKvD; expires=Wed, 28-Oct-2020 13:24:00 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2

200

ds.2.html
live.demand.supply/ Frame 09EE
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=ca471e47-5bb3-48ab-aa56-53da0f01ac08&adk=316352406&adf=23221440&w=300&lmt=1570195440&guci=1....
https://live.demand.supply/ds.2.html

0
0

28ms
28ms

Document
text/html

2606:4700::6810:8516
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191001/r20190131/show_ads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: live.demand.supply
:scheme: https
:path: /ds.2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://imgrum.pw/tag/tdbank
accept-encoding: gzip, deflate, br
cookie: __cfduid=d937b61a7dc17503a54063ef2c29576511570195440
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://imgrum.pw/tag/tdbank

Response headers

status: 200
date: Fri, 04 Oct 2019 13:24:00 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
timing-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=2592000,immutable,stale-if-error=604800
x-nf-request-id: db3f80e7-4189-4378-bff1-d407b7e5c26f-4835857
cf-cache-status: HIT
age: 1528885
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 520779420e45cbac-VIE
content-encoding: br

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
location: https://live.demand.supply/ds.2.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 04 Oct 2019 13:24:00 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: IDE=AHWqTUnIBZHNxKxNMynry38fwzp4EAhzciMC8cXjrcC-_mQttyV02nvmlgOt9e9A; expires=Wed, 28-Oct-2020 13:24:00 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2

200

ds.2.html
live.demand.supply/ Frame B22A
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=d4fed06b-362a-4a8c-ac6c-dac6f99e44b9&adk=1259294006&adf=957869174&w=300&lmt=1570195440&guci=...
https://live.demand.supply/ds.2.html

0
0

26ms
26ms

Document
text/html

2606:4700::6810:8516
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191001/r20190131/show_ads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: live.demand.supply
:scheme: https
:path: /ds.2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://imgrum.pw/tag/tdbank
accept-encoding: gzip, deflate, br
cookie: __cfduid=d937b61a7dc17503a54063ef2c29576511570195440
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://imgrum.pw/tag/tdbank

Response headers

status: 200
date: Fri, 04 Oct 2019 13:24:01 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
timing-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=2592000,immutable,stale-if-error=604800
x-nf-request-id: db3f80e7-4189-4378-bff1-d407b7e5c26f-4835857
cf-cache-status: HIT
age: 1528886
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 520779424efccbac-VIE
content-encoding: br

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
location: https://live.demand.supply/ds.2.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 04 Oct 2019 13:24:00 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: IDE=AHWqTUnejlAssYj4qiiztD2sNNEp5UhClp0NSDCdexNmmkrIuJ6J8NK1INUFszLT; expires=Wed, 28-Oct-2020 13:24:00 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2

200

ds.2.html
live.demand.supply/ Frame 2F76
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=90&slotname=238a7968-56dc-4824-979e-021d22fb1269&adk=1307713163&adf=2950210759&w=728&lmt=1570195440&guci=...
https://live.demand.supply/ds.2.html

0
0

24ms
24ms

Document
text/html

2606:4700::6810:8516
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191001/r20190131/show_ads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: live.demand.supply
:scheme: https
:path: /ds.2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://imgrum.pw/tag/tdbank
accept-encoding: gzip, deflate, br
cookie: __cfduid=d937b61a7dc17503a54063ef2c29576511570195440
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://imgrum.pw/tag/tdbank

Response headers

status: 200
date: Fri, 04 Oct 2019 13:24:01 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
timing-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=2592000,immutable,stale-if-error=604800
x-nf-request-id: db3f80e7-4189-4378-bff1-d407b7e5c26f-4835857
cf-cache-status: HIT
age: 1528886
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 520779425f3ccbac-VIE
content-encoding: br

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
location: https://live.demand.supply/ds.2.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 04 Oct 2019 13:24:00 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: IDE=AHWqTUmNZWIOw1bGnWsKc2HdAWnGwgvwo_Wg0T2Jkb3AFUbUL-d3HbbhoQCWrIi5; expires=Wed, 28-Oct-2020 13:24:00 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2

200

ds.2.html
live.demand.supply/ Frame 77DF
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=d4fed06b-362a-4a8c-ac6c-dac6f99e44b9&adk=3431708179&adf=603726025&w=300&lmt=1570195440&guci=...
https://live.demand.supply/ds.2.html

0
0

17ms
16ms

Document
text/html

2606:4700::6810:8516
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191001/r20190131/show_ads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: live.demand.supply
:scheme: https
:path: /ds.2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://imgrum.pw/tag/tdbank
accept-encoding: gzip, deflate, br
cookie: __cfduid=d937b61a7dc17503a54063ef2c29576511570195440
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://imgrum.pw/tag/tdbank

Response headers

status: 200
date: Fri, 04 Oct 2019 13:24:01 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
timing-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=2592000,immutable,stale-if-error=604800
x-nf-request-id: db3f80e7-4189-4378-bff1-d407b7e5c26f-4835857
cf-cache-status: HIT
age: 1528886
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 520779433abccbac-VIE
content-encoding: br

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
location: https://live.demand.supply/ds.2.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 04 Oct 2019 13:24:01 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: IDE=AHWqTUmwKx4InNF9mnGhyRNq7jshRBesb7A9aYkuBUPff5Pxs8K_TVLoH-uT6_n4; expires=Wed, 28-Oct-2020 13:24:00 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2

200

ds.2.html
live.demand.supply/ Frame F0DB
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=d4fed06b-362a-4a8c-ac6c-dac6f99e44b9&adk=1166544748&adf=1558989094&w=300&lmt=1570195440&guci...
https://live.demand.supply/ds.2.html

0
0

18ms
18ms

Document
text/html

2606:4700::6810:8516
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191001/r20190131/show_ads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: live.demand.supply
:scheme: https
:path: /ds.2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://imgrum.pw/tag/tdbank
accept-encoding: gzip, deflate, br
cookie: __cfduid=d937b61a7dc17503a54063ef2c29576511570195440
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://imgrum.pw/tag/tdbank

Response headers

status: 200
date: Fri, 04 Oct 2019 13:24:01 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
timing-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=2592000,immutable,stale-if-error=604800
x-nf-request-id: db3f80e7-4189-4378-bff1-d407b7e5c26f-4835857
cf-cache-status: HIT
age: 1528886
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 520779432a76cbac-VIE
content-encoding: br

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
location: https://live.demand.supply/ds.2.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 04 Oct 2019 13:24:01 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: IDE=AHWqTUnb7RnsXDZmbw_UXc3ATNndT3bWTPssyHYk7IpZaN8CHLg5sRZBGT2fb8tS; expires=Wed, 28-Oct-2020 13:24:00 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 72179016_221536025494531_5975318525677098778_n.jpg
scontent-lga3-1.cdninstagram.com/vp/3d375d0801d83a22ab205eef161df308/5E31C77E/t51.2885-15/e35/ 96 KB
96 KB 81ms
81ms Image
image/jpeg 2a03:2880:f212:c4:face:b00c:0:43fe
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-lga3-1.cdninstagram.com/vp/3d375d0801d83a22ab205eef161df308/5E31C77E/t51.2885-15/e35/72179016_221536025494531_5975318525677098778_n.jpg?_nc_ht=scontent-lga3-1.cdninstagram.com&_nc_cat=107
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f212:c4:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: /
Resource Hash: 0aac3e306e62c6c5f1a79b83b1d48b8e09f6d39b784eff04677be670bf0c3498

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://imgrum.pw/tag/tdbank
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-haystack-needlechecksum: 1230374878
date: Fri, 04 Oct 2019 13:24:00 GMT
x-fb-trip-id: 1679558926
x-enc-origin-hit-type: AcKgnCudR6uSpl8xWwetNY139mLbnA99Tw0gjwaXENCPyY55aOckCz2vQzWw
last-modified: Fri, 04 Oct 2019 01:40:32 GMT
x-enc-origin-req-handler: AcKtG9cZOheRT9u--z5Hrbgp5Geydh0gT2SxaMiARSPYtnmbFyu-OP7ylcaipCuQUj76_quncqxMR8w10A
status: 200
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
x-needle-checksum: 3921141543
x-fb-config-version-olb-prod: 588
timing-allow-origin: *
content-length: 98282

GET
H2

200

ds.2.html
live.demand.supply/ Frame 0576
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=d4fed06b-362a-4a8c-ac6c-dac6f99e44b9&adk=3090277626&adf=433756377&w=300&lmt=1570195440&guci=...
https://live.demand.supply/ds.2.html

0
0

17ms
17ms

Document
text/html

2606:4700::6810:8516
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191001/r20190131/show_ads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: live.demand.supply
:scheme: https
:path: /ds.2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://imgrum.pw/tag/tdbank
accept-encoding: gzip, deflate, br
cookie: __cfduid=d937b61a7dc17503a54063ef2c29576511570195440
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://imgrum.pw/tag/tdbank

Response headers

status: 200
date: Fri, 04 Oct 2019 13:24:01 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
timing-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=2592000,immutable,stale-if-error=604800
x-nf-request-id: db3f80e7-4189-4378-bff1-d407b7e5c26f-4835857
cf-cache-status: HIT
age: 1528886
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 52077942b87ccbac-VIE
content-encoding: br

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
location: https://live.demand.supply/ds.2.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 04 Oct 2019 13:24:01 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2

200

ds.2.html
live.demand.supply/ Frame D8D4
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=d4fed06b-362a-4a8c-ac6c-dac6f99e44b9&adk=4047312840&adf=1274037384&w=300&lmt=1570195440&guci...
https://live.demand.supply/ds.2.html

0
0

18ms
18ms

Document
text/html

2606:4700::6810:8516
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191001/r20190131/show_ads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: live.demand.supply
:scheme: https
:path: /ds.2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://imgrum.pw/tag/tdbank
accept-encoding: gzip, deflate, br
cookie: __cfduid=d937b61a7dc17503a54063ef2c29576511570195440
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://imgrum.pw/tag/tdbank

Response headers

status: 200
date: Fri, 04 Oct 2019 13:24:01 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
timing-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=2592000,immutable,stale-if-error=604800
x-nf-request-id: db3f80e7-4189-4378-bff1-d407b7e5c26f-4835857
cf-cache-status: HIT
age: 1528886
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 520779433ab6cbac-VIE
content-encoding: br

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
location: https://live.demand.supply/ds.2.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 04 Oct 2019 13:24:01 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2

200

ds.2.html
live.demand.supply/ Frame C22E
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=d4fed06b-362a-4a8c-ac6c-dac6f99e44b9&adk=1806952521&adf=3545066920&w=300&lmt=1570195440&guci...
https://live.demand.supply/ds.2.html

0
0

18ms
17ms

Document
text/html

2606:4700::6810:8516
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191001/r20190131/show_ads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: live.demand.supply
:scheme: https
:path: /ds.2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://imgrum.pw/tag/tdbank
accept-encoding: gzip, deflate, br
cookie: __cfduid=d937b61a7dc17503a54063ef2c29576511570195440
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://imgrum.pw/tag/tdbank

Response headers

status: 200
date: Fri, 04 Oct 2019 13:24:01 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
timing-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=2592000,immutable,stale-if-error=604800
x-nf-request-id: db3f80e7-4189-4378-bff1-d407b7e5c26f-4835857
cf-cache-status: HIT
age: 1528886
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 52077942e981cbac-VIE
content-encoding: br

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
location: https://live.demand.supply/ds.2.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 04 Oct 2019 13:24:01 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2

200

ds.2.html
live.demand.supply/ Frame 59A0
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=d4fed06b-362a-4a8c-ac6c-dac6f99e44b9&adk=399645089&adf=4074561850&w=300&lmt=1570195440&guci=...
https://live.demand.supply/ds.2.html

0
0

79ms
78ms

Document
text/html

2606:4700::6810:8516
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191001/r20190131/show_ads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: live.demand.supply
:scheme: https
:path: /ds.2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://imgrum.pw/tag/tdbank
accept-encoding: gzip, deflate, br
cookie: __cfduid=d937b61a7dc17503a54063ef2c29576511570195440
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://imgrum.pw/tag/tdbank

Response headers

status: 200
date: Fri, 04 Oct 2019 13:24:01 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
timing-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=2592000,immutable,stale-if-error=604800
x-nf-request-id: db3f80e7-4189-4378-bff1-d407b7e5c26f-4835857
cf-cache-status: HIT
age: 1528886
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 52077942e993cbac-VIE
content-encoding: br

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
location: https://live.demand.supply/ds.2.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 04 Oct 2019 13:24:01 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 70124914_662661454562548_130060618020930452_n.jpg
scontent-lga3-1.cdninstagram.com/vp/a418817b76fb9c97d07d697972a8a7bf/5E174ED9/t51.2885-15/e35/s1080x1080/ 191 KB
191 KB 81ms
81ms Image
image/jpeg 2a03:2880:f212:c4:face:b00c:0:43fe
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-lga3-1.cdninstagram.com/vp/a418817b76fb9c97d07d697972a8a7bf/5E174ED9/t51.2885-15/e35/s1080x1080/70124914_662661454562548_130060618020930452_n.jpg?_nc_ht=scontent-lga3-1.cdninstagram.com&_nc_cat=104
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f212:c4:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: /
Resource Hash: 4c8ea1056f34edb16144a1974fdc2eff8a68ad6a5d32902d2e57cfe89d4d23c9

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://imgrum.pw/tag/tdbank
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-haystack-needlechecksum: 336997883
date: Fri, 04 Oct 2019 13:24:01 GMT
x-fb-trip-id: 1679558926
x-enc-origin-hit-type: AcI_8a4lUqRRAA2uG6blzOOvBAEf0dghFh7359ugPYVe5cfqQOed54vnGjPi
last-modified: Fri, 04 Oct 2019 02:28:49 GMT
x-enc-origin-req-handler: AcJmZVF3YaUogOLEQsoBSpYCtp1-1PLPLihHkkzW9xgWWuBRdBU3Hu7Z8DglvTxvo1dzw4eFVz7SJfyS1g
status: 200
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
x-needle-checksum: 3279255299
x-fb-config-version-olb-prod: 588
timing-allow-origin: *
content-length: 195117

GET
H2

200

ds.2.html
live.demand.supply/ Frame 2B9F
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=d4fed06b-362a-4a8c-ac6c-dac6f99e44b9&adk=930178832&adf=23221440&w=300&lmt=1570195441&guci=1....
https://live.demand.supply/ds.2.html

0
0

18ms
18ms

Document
text/html

2606:4700::6810:8516
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191001/r20190131/show_ads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: live.demand.supply
:scheme: https
:path: /ds.2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://imgrum.pw/tag/tdbank
accept-encoding: gzip, deflate, br
cookie: __cfduid=d937b61a7dc17503a54063ef2c29576511570195440
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://imgrum.pw/tag/tdbank

Response headers

status: 200
date: Fri, 04 Oct 2019 13:24:01 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
timing-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=2592000,immutable,stale-if-error=604800
x-nf-request-id: db3f80e7-4189-4378-bff1-d407b7e5c26f-4835857
cf-cache-status: HIT
age: 1528886
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 520779439be1cbac-VIE
content-encoding: br

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
location: https://live.demand.supply/ds.2.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 04 Oct 2019 13:24:01 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2

200

ds.2.html
live.demand.supply/ Frame 9BB4
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=d4fed06b-362a-4a8c-ac6c-dac6f99e44b9&adk=2868234702&adf=1271019615&w=300&lmt=1570195441&guci...
https://live.demand.supply/ds.2.html

0
0

17ms
17ms

Document
text/html

2606:4700::6810:8516
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191001/r20190131/show_ads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: live.demand.supply
:scheme: https
:path: /ds.2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://imgrum.pw/tag/tdbank
accept-encoding: gzip, deflate, br
cookie: __cfduid=d937b61a7dc17503a54063ef2c29576511570195440
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://imgrum.pw/tag/tdbank

Response headers

status: 200
date: Fri, 04 Oct 2019 13:24:01 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
timing-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=2592000,immutable,stale-if-error=604800
x-nf-request-id: db3f80e7-4189-4378-bff1-d407b7e5c26f-4835857
cf-cache-status: HIT
age: 1528886
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 52077943ecf2cbac-VIE
content-encoding: br

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
location: https://live.demand.supply/ds.2.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 04 Oct 2019 13:24:01 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2

200

ds.2.html
live.demand.supply/ Frame 2273
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=d4fed06b-362a-4a8c-ac6c-dac6f99e44b9&adk=1471101512&adf=3579956372&w=300&lmt=1570195441&guci...
https://live.demand.supply/ds.2.html

0
0

20ms
20ms

Document
text/html

2606:4700::6810:8516
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191001/r20190131/show_ads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: live.demand.supply
:scheme: https
:path: /ds.2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://imgrum.pw/tag/tdbank
accept-encoding: gzip, deflate, br
cookie: __cfduid=d937b61a7dc17503a54063ef2c29576511570195440
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://imgrum.pw/tag/tdbank

Response headers

status: 200
date: Fri, 04 Oct 2019 13:24:01 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
timing-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=2592000,immutable,stale-if-error=604800
x-nf-request-id: db3f80e7-4189-4378-bff1-d407b7e5c26f-4835857
cf-cache-status: HIT
age: 1528886
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 52077943dcaacbac-VIE
content-encoding: br

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
location: https://live.demand.supply/ds.2.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 04 Oct 2019 13:24:01 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 59A5 0
0 194ms
193ms Document
text/html 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=ee01a522-74a5-4abc-98fa-e43b9acab87c&adk=2788670161&adf=957869174&w=300&lmt=1570195441&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fimgrum.pw%2Ftag%2Ftdbank&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1570195441113&bpp=4&bdt=1495&fdt=4&idt=4&shv=r20191001&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250%2C0x0%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=4267401712078&frm=20&pv=1&ga_vid=1206646052.1570195440&ga_sid=1570195440&ga_hid=2101410649&ga_fc=0&iag=0&icsg=687329640460&dssz=23&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1123&ady=554&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335&oid=3&pvsid=2288134304823872&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=16&bc=31&ifi=25&uci=a!p&fsb=1&xpc=XF5SLodsPi&p=https%3A//imgrum.pw&dtd=7

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191001/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=ee01a522-74a5-4abc-98fa-e43b9acab87c&adk=2788670161&adf=957869174&w=300&lmt=1570195441&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fimgrum.pw%2Ftag%2Ftdbank&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1570195441113&bpp=4&bdt=1495&fdt=4&idt=4&shv=r20191001&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250%2C0x0%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=4267401712078&frm=20&pv=1&ga_vid=1206646052.1570195440&ga_sid=1570195440&ga_hid=2101410649&ga_fc=0&iag=0&icsg=687329640460&dssz=23&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1123&ady=554&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335&oid=3&pvsid=2288134304823872&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=16&bc=31&ifi=25&uci=a!p&fsb=1&xpc=XF5SLodsPi&p=https%3A//imgrum.pw&dtd=7
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://imgrum.pw/tag/tdbank
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUl3Cd0I-HeutLpEkUw1HGBnwAhFfxp5xhl8hUD-O7c6SKSRw9Umr3IPHRAz
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://imgrum.pw/tag/tdbank

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 04 Oct 2019 13:24:01 GMT
server: cafe
content-length: 4443
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2

200

ds.2.html
live.demand.supply/ Frame AE9A
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=d4fed06b-362a-4a8c-ac6c-dac6f99e44b9&adk=3831553386&adf=1815861838&w=300&lmt=1570195441&guci...
https://live.demand.supply/ds.2.html

0
0

22ms
22ms

Document
text/html

2606:4700::6810:8516
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191001/r20190131/show_ads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: live.demand.supply
:scheme: https
:path: /ds.2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://imgrum.pw/tag/tdbank
accept-encoding: gzip, deflate, br
cookie: __cfduid=d937b61a7dc17503a54063ef2c29576511570195440
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://imgrum.pw/tag/tdbank

Response headers

status: 200
date: Fri, 04 Oct 2019 13:24:01 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
timing-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=2592000,immutable,stale-if-error=604800
x-nf-request-id: db3f80e7-4189-4378-bff1-d407b7e5c26f-4835857
cf-cache-status: HIT
age: 1528886
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 520779447ef3cbac-VIE
content-encoding: br

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
location: https://live.demand.supply/ds.2.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 04 Oct 2019 13:24:01 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame BA6F 0
0 224ms
223ms Document
text/html 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=90&slotname=85b9ed31-b811-4547-90e7-aa496c4cf9e4&adk=2879501258&adf=2950210759&w=728&lmt=1570195441&guci=1.2.0.0.2.2.0.0&format=728x90&url=https%3A%2F%2Fimgrum.pw%2Ftag%2Ftdbank&flash=0&wgl=1&adsid=NT&dt=1570195441158&bpp=5&bdt=1540&fdt=5&idt=5&shv=r20191001&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250%2C0x0%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=4267401712078&frm=20&pv=1&ga_vid=1206646052.1570195440&ga_sid=1570195440&ga_hid=2101410649&ga_fc=0&iag=0&icsg=687329640460&dssz=23&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=429&ady=1110&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335&oid=3&pvsid=2288134304823872&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=1&fu=16&bc=31&ifi=27&uci=a!r&fsb=1&xpc=vqtfbKUm0W&p=https%3A//imgrum.pw&dtd=9

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191001/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3831894559014614&output=html&h=90&slotname=85b9ed31-b811-4547-90e7-aa496c4cf9e4&adk=2879501258&adf=2950210759&w=728&lmt=1570195441&guci=1.2.0.0.2.2.0.0&format=728x90&url=https%3A%2F%2Fimgrum.pw%2Ftag%2Ftdbank&flash=0&wgl=1&adsid=NT&dt=1570195441158&bpp=5&bdt=1540&fdt=5&idt=5&shv=r20191001&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250%2C0x0%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=4267401712078&frm=20&pv=1&ga_vid=1206646052.1570195440&ga_sid=1570195440&ga_hid=2101410649&ga_fc=0&iag=0&icsg=687329640460&dssz=23&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=429&ady=1110&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335&oid=3&pvsid=2288134304823872&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=1&fu=16&bc=31&ifi=27&uci=a!r&fsb=1&xpc=vqtfbKUm0W&p=https%3A//imgrum.pw&dtd=9
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://imgrum.pw/tag/tdbank
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUmwKx4InNF9mnGhyRNq7jshRBesb7A9aYkuBUPff5Pxs8K_TVLoH-uT6_n4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://imgrum.pw/tag/tdbank

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 04 Oct 2019 13:24:01 GMT
server: cafe
content-length: 19639
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2

200

ds.2.html
live.demand.supply/ Frame 9603
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=d4fed06b-362a-4a8c-ac6c-dac6f99e44b9&adk=1281099848&adf=2499257358&w=300&lmt=1570195441&guci...
https://live.demand.supply/ds.2.html

0
0

20ms
20ms

Document
text/html

2606:4700::6810:8516
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191001/r20190131/show_ads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: live.demand.supply
:scheme: https
:path: /ds.2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://imgrum.pw/tag/tdbank
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://imgrum.pw/tag/tdbank

Response headers

status: 200
date: Fri, 04 Oct 2019 13:24:01 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d21f21dc2a15363bb737b4372b2d93ee41570195441; expires=Sat, 03-Oct-20 13:24:01 GMT; path=/; domain=.demand.supply; HttpOnly
access-control-allow-origin: *
timing-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=2592000,immutable,stale-if-error=604800
x-nf-request-id: db3f80e7-4189-4378-bff1-d407b7e5c26f-4835857
cf-cache-status: HIT
age: 1528886
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 520779449f78cbac-VIE
content-encoding: br

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
location: https://live.demand.supply/ds.2.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 04 Oct 2019 13:24:01 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame BD67 0
0 157ms
157ms Document
text/html 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=ee01a522-74a5-4abc-98fa-e43b9acab87c&adk=1927278007&adf=433756377&w=300&lmt=1570195441&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fimgrum.pw%2Ftag%2Ftdbank&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1570195441202&bpp=4&bdt=1584&fdt=4&idt=4&shv=r20191001&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250%2C0x0%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C728x90%2C300x250&nras=1&correlator=4267401712078&frm=20&pv=1&ga_vid=1206646052.1570195440&ga_sid=1570195440&ga_hid=2101410649&ga_fc=0&iag=0&icsg=687329640460&dssz=23&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1123&ady=554&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335&oid=3&pvsid=2288134304823872&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=16&bc=31&ifi=29&uci=a!t&fsb=1&xpc=1nQL5PLR6l&p=https%3A//imgrum.pw&dtd=7

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191001/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=ee01a522-74a5-4abc-98fa-e43b9acab87c&adk=1927278007&adf=433756377&w=300&lmt=1570195441&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fimgrum.pw%2Ftag%2Ftdbank&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1570195441202&bpp=4&bdt=1584&fdt=4&idt=4&shv=r20191001&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250%2C0x0%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C728x90%2C300x250&nras=1&correlator=4267401712078&frm=20&pv=1&ga_vid=1206646052.1570195440&ga_sid=1570195440&ga_hid=2101410649&ga_fc=0&iag=0&icsg=687329640460&dssz=23&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1123&ady=554&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335&oid=3&pvsid=2288134304823872&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=16&bc=31&ifi=29&uci=a!t&fsb=1&xpc=1nQL5PLR6l&p=https%3A//imgrum.pw&dtd=7
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://imgrum.pw/tag/tdbank
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUmwKx4InNF9mnGhyRNq7jshRBesb7A9aYkuBUPff5Pxs8K_TVLoH-uT6_n4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://imgrum.pw/tag/tdbank

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 04 Oct 2019 13:24:01 GMT
server: cafe
content-length: 4594
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 3188 0
0 185ms
185ms Document
text/html 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=ee01a522-74a5-4abc-98fa-e43b9acab87c&adk=4067653773&adf=3545066920&w=300&lmt=1570195441&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fimgrum.pw%2Ftag%2Ftdbank&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1570195441223&bpp=4&bdt=1605&fdt=4&idt=4&shv=r20191001&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250%2C0x0%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C728x90%2C300x250%2C300x250&nras=1&correlator=4267401712078&frm=20&pv=1&ga_vid=1206646052.1570195440&ga_sid=1570195440&ga_hid=2101410649&ga_fc=0&iag=0&icsg=687329640460&dssz=23&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1123&ady=554&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335&oid=3&pvsid=2288134304823872&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=16&bc=31&ifi=30&uci=a!u&fsb=1&xpc=P8WPTEFWdJ&p=https%3A//imgrum.pw&dtd=7

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191001/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=ee01a522-74a5-4abc-98fa-e43b9acab87c&adk=4067653773&adf=3545066920&w=300&lmt=1570195441&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fimgrum.pw%2Ftag%2Ftdbank&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1570195441223&bpp=4&bdt=1605&fdt=4&idt=4&shv=r20191001&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250%2C0x0%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C728x90%2C300x250%2C300x250&nras=1&correlator=4267401712078&frm=20&pv=1&ga_vid=1206646052.1570195440&ga_sid=1570195440&ga_hid=2101410649&ga_fc=0&iag=0&icsg=687329640460&dssz=23&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1123&ady=554&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335&oid=3&pvsid=2288134304823872&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=16&bc=31&ifi=30&uci=a!u&fsb=1&xpc=P8WPTEFWdJ&p=https%3A//imgrum.pw&dtd=7
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://imgrum.pw/tag/tdbank
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUmwKx4InNF9mnGhyRNq7jshRBesb7A9aYkuBUPff5Pxs8K_TVLoH-uT6_n4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://imgrum.pw/tag/tdbank

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 04 Oct 2019 13:24:01 GMT
server: cafe
content-length: 24269
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2

200

ds.2.html
live.demand.supply/ Frame 2A3A
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=ee01a522-74a5-4abc-98fa-e43b9acab87c&adk=1387919568&adf=1558989094&w=300&lmt=1570195441&guci...
https://live.demand.supply/ds.2.html

0
0

19ms
15ms

Document
text/html

2606:4700::6810:8516
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191001/r20190131/show_ads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: live.demand.supply
:scheme: https
:path: /ds.2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://imgrum.pw/tag/tdbank
accept-encoding: gzip, deflate, br
cookie: __cfduid=d21f21dc2a15363bb737b4372b2d93ee41570195441
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://imgrum.pw/tag/tdbank

Response headers

status: 200
date: Fri, 04 Oct 2019 13:24:01 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
timing-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=2592000,immutable,stale-if-error=604800
x-nf-request-id: db3f80e7-4189-4378-bff1-d407b7e5c26f-4835857
cf-cache-status: HIT
age: 1528886
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5207794529e6cbac-VIE
content-encoding: br

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
location: https://live.demand.supply/ds.2.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 04 Oct 2019 13:24:01 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2

200

ds.2.html
live.demand.supply/ Frame CA18
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=ee01a522-74a5-4abc-98fa-e43b9acab87c&adk=1958597493&adf=1274037384&w=300&lmt=1570195441&guci...
https://live.demand.supply/ds.2.html

0
0

33ms
33ms

Document
text/html

2606:4700::6810:8516
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191001/r20190131/show_ads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: live.demand.supply
:scheme: https
:path: /ds.2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://imgrum.pw/tag/tdbank
accept-encoding: gzip, deflate, br
cookie: __cfduid=d21f21dc2a15363bb737b4372b2d93ee41570195441
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://imgrum.pw/tag/tdbank

Response headers

status: 200
date: Fri, 04 Oct 2019 13:24:01 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
timing-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=2592000,immutable,stale-if-error=604800
x-nf-request-id: db3f80e7-4189-4378-bff1-d407b7e5c26f-4835857
cf-cache-status: HIT
age: 1528886
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 52077944e8f4cbac-VIE
content-encoding: br

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
location: https://live.demand.supply/ds.2.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 04 Oct 2019 13:24:01 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2

200

ds.2.html
live.demand.supply/ Frame EDB0
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=ee01a522-74a5-4abc-98fa-e43b9acab87c&adk=4235438113&adf=603726025&w=300&lmt=1570195441&guci=...
https://live.demand.supply/ds.2.html

0
0

42ms
42ms

Document
text/html

2606:4700::6810:8516
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191001/r20190131/show_ads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: live.demand.supply
:scheme: https
:path: /ds.2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://imgrum.pw/tag/tdbank
accept-encoding: gzip, deflate, br
cookie: __cfduid=d21f21dc2a15363bb737b4372b2d93ee41570195441
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://imgrum.pw/tag/tdbank

Response headers

status: 200
date: Fri, 04 Oct 2019 13:24:01 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
timing-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=2592000,immutable,stale-if-error=604800
x-nf-request-id: db3f80e7-4189-4378-bff1-d407b7e5c26f-4835857
cf-cache-status: HIT
age: 1528886
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 52077944d8b2cbac-VIE
content-encoding: br

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
location: https://live.demand.supply/ds.2.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 04 Oct 2019 13:24:01 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2

200

ds.2.html
live.demand.supply/ Frame 76E2
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=ee01a522-74a5-4abc-98fa-e43b9acab87c&adk=1756095137&adf=4074561850&w=300&lmt=1570195441&guci...
https://live.demand.supply/ds.2.html

0
0

96ms
92ms

Document
text/html

2606:4700::6810:8516
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191001/r20190131/show_ads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: live.demand.supply
:scheme: https
:path: /ds.2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://imgrum.pw/tag/tdbank
accept-encoding: gzip, deflate, br
cookie: __cfduid=d21f21dc2a15363bb737b4372b2d93ee41570195441
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://imgrum.pw/tag/tdbank

Response headers

status: 200
date: Fri, 04 Oct 2019 13:24:01 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
timing-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=2592000,immutable,stale-if-error=604800
x-nf-request-id: db3f80e7-4189-4378-bff1-d407b7e5c26f-4835857
cf-cache-status: HIT
age: 1528886
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5207794529edcbac-VIE
content-encoding: br

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
location: https://live.demand.supply/ds.2.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 04 Oct 2019 13:24:01 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2

200

ds.2.html
live.demand.supply/ Frame F14D
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=ee01a522-74a5-4abc-98fa-e43b9acab87c&adk=1029451576&adf=23221440&w=300&lmt=1570195441&guci=1...
https://live.demand.supply/ds.2.html

0
0

92ms
91ms

Document
text/html

2606:4700::6810:8516
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191001/r20190131/show_ads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: live.demand.supply
:scheme: https
:path: /ds.2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://imgrum.pw/tag/tdbank
accept-encoding: gzip, deflate, br
cookie: __cfduid=d21f21dc2a15363bb737b4372b2d93ee41570195441
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://imgrum.pw/tag/tdbank

Response headers

status: 200
date: Fri, 04 Oct 2019 13:24:01 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
timing-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=2592000,immutable,stale-if-error=604800
x-nf-request-id: db3f80e7-4189-4378-bff1-d407b7e5c26f-4835857
cf-cache-status: HIT
age: 1528886
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5207794539f8cbac-VIE
content-encoding: br

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
location: https://live.demand.supply/ds.2.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 04 Oct 2019 13:24:01 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame A109 0
0 142ms
142ms Document
text/html 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=ee01a522-74a5-4abc-98fa-e43b9acab87c&adk=3574318620&adf=3579956372&w=300&lmt=1570195441&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fimgrum.pw%2Ftag%2Ftdbank&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1570195441351&bpp=4&bdt=1733&fdt=4&idt=4&shv=r20191001&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250%2C0x0%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=4267401712078&frm=20&pv=1&ga_vid=1206646052.1570195440&ga_sid=1570195440&ga_hid=2101410649&ga_fc=0&iag=0&icsg=687329640460&dssz=23&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1123&ady=554&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335&oid=3&pvsid=2288134304823872&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=16&bc=31&ifi=36&uci=a!10&fsb=1&xpc=JQXEdeFSlt&p=https%3A//imgrum.pw&dtd=6

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191001/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=ee01a522-74a5-4abc-98fa-e43b9acab87c&adk=3574318620&adf=3579956372&w=300&lmt=1570195441&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fimgrum.pw%2Ftag%2Ftdbank&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1570195441351&bpp=4&bdt=1733&fdt=4&idt=4&shv=r20191001&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250%2C0x0%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=4267401712078&frm=20&pv=1&ga_vid=1206646052.1570195440&ga_sid=1570195440&ga_hid=2101410649&ga_fc=0&iag=0&icsg=687329640460&dssz=23&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1123&ady=554&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335&oid=3&pvsid=2288134304823872&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=16&bc=31&ifi=36&uci=a!10&fsb=1&xpc=JQXEdeFSlt&p=https%3A//imgrum.pw&dtd=6
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://imgrum.pw/tag/tdbank
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://imgrum.pw/tag/tdbank

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 04 Oct 2019 13:24:01 GMT
server: cafe
content-length: 19055
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 04-Oct-2019 13:39:01 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Fri, 04 Oct 2019 13:24:01 GMT
cache-control: private

GET
H2

200

ds.2.html
live.demand.supply/ Frame 052A
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=ee01a522-74a5-4abc-98fa-e43b9acab87c&adk=88530251&adf=1271019615&w=300&lmt=1570195441&guci=1...
https://live.demand.supply/ds.2.html

0
0

34ms
33ms

Document
text/html

2606:4700::6810:8516
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191001/r20190131/show_ads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: live.demand.supply
:scheme: https
:path: /ds.2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://imgrum.pw/tag/tdbank
accept-encoding: gzip, deflate, br
cookie: __cfduid=d21f21dc2a15363bb737b4372b2d93ee41570195441
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://imgrum.pw/tag/tdbank

Response headers

status: 200
date: Fri, 04 Oct 2019 13:24:01 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
timing-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=2592000,immutable,stale-if-error=604800
x-nf-request-id: db3f80e7-4189-4378-bff1-d407b7e5c26f-4835857
cf-cache-status: HIT
age: 1528886
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 52077945cbf9cbac-VIE
content-encoding: br

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
location: https://live.demand.supply/ds.2.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 04 Oct 2019 13:24:01 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 04-Oct-2019 13:39:01 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 1C6B 0
0 290ms
285ms Document
text/html 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=ee01a522-74a5-4abc-98fa-e43b9acab87c&adk=1953529930&adf=1815861838&w=300&lmt=1570195441&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fimgrum.pw%2Ftag%2Ftdbank&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1570195441416&bpp=4&bdt=1798&fdt=4&idt=4&shv=r20191001&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250%2C0x0%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=4267401712078&frm=20&pv=1&ga_vid=1206646052.1570195440&ga_sid=1570195440&ga_hid=2101410649&ga_fc=0&iag=0&icsg=687329640460&dssz=23&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=483&ady=3286&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335&oid=3&pvsid=2288134304823872&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeEbr%7C&abl=CA&pfx=0&fu=16&bc=31&ifi=38&uci=a!12&fsb=1&xpc=jvV9kckGTr&p=https%3A//imgrum.pw&dtd=7

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191001/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3831894559014614&output=html&h=250&slotname=ee01a522-74a5-4abc-98fa-e43b9acab87c&adk=1953529930&adf=1815861838&w=300&lmt=1570195441&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fimgrum.pw%2Ftag%2Ftdbank&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1570195441416&bpp=4&bdt=1798&fdt=4&idt=4&shv=r20191001&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250%2C0x0%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=4267401712078&frm=20&pv=1&ga_vid=1206646052.1570195440&ga_sid=1570195440&ga_hid=2101410649&ga_fc=0&iag=0&icsg=687329640460&dssz=23&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=483&ady=3286&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335&oid=3&pvsid=2288134304823872&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeEbr%7C&abl=CA&pfx=0&fu=16&bc=31&ifi=38&uci=a!12&fsb=1&xpc=jvV9kckGTr&p=https%3A//imgrum.pw&dtd=7
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://imgrum.pw/tag/tdbank
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://imgrum.pw/tag/tdbank

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 04 Oct 2019 13:24:01 GMT
server: cafe
content-length: 24404
x-xss-protection: 0
set-cookie: IDE=AHWqTUmbSJZgcz0lBOpjEpXZxcp8BYRhLbLvtNQOLIkPIWj5ooxgcH6Up22Z8qWr; expires=Wed, 28-Oct-2020 13:24:01 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Fri, 04 Oct 2019 13:24:01 GMT
cache-control: private

POST
H2 200 / Show response
live.demand.supply/e/ 3 B
177 B 17ms
17ms XHR
text/plain 2606:4700::6810:8516
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/?gl=0.05&b=3&r=imgrum.pw_728x90_sticky_display_bottom&sy=f6b190a7-8b23-4d77-b90f-4497681cb955&ts=3&pud=405&pus=c&pue=3028&pid=14&pis=c&pie=3042&ppd=299&pps=a&ppe=3327&pad=24&pas=c&pae=3054&pcl=3304&ttc=3525&tti=4663&ttif=0&lca=3327&lcak=ppe&lct=3327&lctk=ppe&e=lm
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v8.11.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf

Request headers

Sec-Fetch-Mode: cors
Referer: https://imgrum.pw/tag/tdbank
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 04 Oct 2019 13:24:01 GMT
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cf-ray: 520779466897cbb8-VIE
content-length: 3

POST
H2 200 / Show response
live.demand.supply/e/ 3 B
57 B 16ms
16ms XHR
text/plain 2606:4700::6810:8516
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/?gl=0.05&b=3&r=imgrum.pw_300x250_imgrum&sy=f6b190a7-8b23-4d77-b90f-4497681cb955&ts=3&e=lm
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v8.11.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf

Request headers

Sec-Fetch-Mode: cors
Referer: https://imgrum.pw/tag/tdbank
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 04 Oct 2019 13:24:01 GMT
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cf-ray: 520779469969cbb8-VIE
content-length: 3

POST
H2 200 / Show response
live.demand.supply/e/ 3 B
57 B 45ms
45ms XHR
text/plain 2606:4700::6810:8516
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/?gl=0.05&b=3&r=imgrum.pw_300x250_imgrum&sy=f6b190a7-8b23-4d77-b90f-4497681cb955&ts=3&e=lm
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v8.11.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf

Request headers

Sec-Fetch-Mode: cors
Referer: https://imgrum.pw/tag/tdbank
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 04 Oct 2019 13:24:01 GMT
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cf-ray: 52077946b9c1cbb8-VIE
content-length: 3

POST
H2 200 / Show response
live.demand.supply/e/ 3 B
57 B 21ms
20ms XHR
text/plain 2606:4700::6810:8516
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/?gl=0.05&b=3&r=imgrum.pw_300x250_imgrum&sy=f6b190a7-8b23-4d77-b90f-4497681cb955&ts=3&e=lm
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v8.11.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf

Request headers

Sec-Fetch-Mode: cors
Referer: https://imgrum.pw/tag/tdbank
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 04 Oct 2019 13:24:01 GMT
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cf-ray: 520779471b13cbb8-VIE
content-length: 3

POST
H2 200 / Show response
live.demand.supply/e/ 3 B
57 B 16ms
16ms XHR
text/plain 2606:4700::6810:8516
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/?gl=0.05&b=3&r=imgrum.pw_300x250_imgrum&sy=f6b190a7-8b23-4d77-b90f-4497681cb955&ts=3&e=lm
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v8.11.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf

Request headers

Sec-Fetch-Mode: cors
Referer: https://imgrum.pw/tag/tdbank
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 04 Oct 2019 13:24:01 GMT
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cf-ray: 520779484f3ccbb8-VIE
content-length: 3

POST
H2 200 / Show response
live.demand.supply/e/ 3 B
57 B 18ms
17ms XHR
text/plain 2606:4700::6810:8516
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/?gl=0.05&b=3&r=imgrum.pw_300x250_imgrum&sy=f6b190a7-8b23-4d77-b90f-4497681cb955&ts=3&e=lm
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v8.11.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf

Request headers

Sec-Fetch-Mode: cors
Referer: https://imgrum.pw/tag/tdbank
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 04 Oct 2019 13:24:01 GMT
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cf-ray: 520779487fd0cbb8-VIE
content-length: 3

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pic.sfo2.digitaloceanspaces.com
URL: https://pic.sfo2.digitaloceanspaces.com/pictame/img/32.gif

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.imgrum.pw/	1970-01-19 04:11:21	Name: _gid Value: GA1.2.376190757.1570195440
.imgrum.pw/	1970-01-19 21:41:07	Name: _ga Value: GA1.2.1206646052.1570195440
imgrum.pw/	1970-01-19 04:10:02	Name: laravel_session Value: eyJpdiI6IitqV2lDbFRpNW1lSGpnNHcwTVVqeEE9PSIsInZhbHVlIjoieHNyWmZYM0JnMEtnaVhBaWNGZm45QTVncGZLT0FsMDlGUUp1Rk92UE9udWV2N0ZMd29nZFpvVjFQR1FlMElQRiIsIm1hYyI6Ijc2ZTRiYmQ2YzUxNjY2MTliYjQyYTU4MTA3Zjk3Y2M3ZTRiZGQzN2YwMTc0ZjU3ZjM2YTc3ODA0YTIwYmEyNjQifQ%3D%3D
.imgrum.pw/	1970-01-19 04:09:55	Name: _gat_gtag_UA_112022825_1 Value: 1
imgrum.pw/	1970-01-19 04:10:02	Name: XSRF-TOKEN Value: eyJpdiI6IjRDQWJZZzlpemVBZXd5RzhhWkEzc3c9PSIsInZhbHVlIjoieXNuQ1wvZXB0bUs2SUZHTEtKTGh4dmZ5SEFRVWdodjJYY2lZb3ViYTJYYzFoK0lCOE1YQk1oVHVuU2YwallUaEMiLCJtYWMiOiI2MzE1NjM2YmQxYTJiYThiODk1YzczMzE3ODhkN2QwNGMxYTUxZjg4ZTYxMmY5ZjUzMWIwMzhkNzAyYTIwMDdhIn0%3D

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	(Line 1) Message: undefined
console-api	log	(Line 1) Message: I: skip_sw_disabled
console-api	info	(Line 1) Message: service worker was checked for update true
console-api	info	(Line 1) Message: send: subscriptiondone

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
api.demand.supply
cdn.jsdelivr.net
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
imgrum.pw
live.demand.supply
outseeltor.com
pagead2.googlesyndication.com
pic.sfo2.digitaloceanspaces.com
qumagee.com
scontent-lga3-1.cdninstagram.com
unpkg.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
www.mb103.com
pic.sfo2.digitaloceanspaces.com
142.93.251.167
2606:4700::6810:7eaf
2606:4700::6810:8516
2606:4700::6813:c697
2a00:1450:4001:806::2002
2a00:1450:4001:814::2008
2a00:1450:4001:815::200e
2a00:1450:4001:817::200a
2a00:1450:4001:81c::2002
2a00:1450:4001:825::2003
2a03:2880:f212:c4:face:b00c:0:43fe
2a04:4e42:1b::621
31.220.24.95
69.172.200.185
78.140.191.119
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
060c2e413e1ad3c0f96d60a80a4001e95dd1b765272c3c8362193e25034c8d9a
0aac3e306e62c6c5f1a79b83b1d48b8e09f6d39b784eff04677be670bf0c3498
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0d9b67625f262e1eba2b5294ffbd97db236096233fb4fbb4b5cb01e8defffe1b
113ae78bf8809433e7b1be88444c3b66beb06ebcd12c763addb9c4d26630788d
161389f943f55297ede4d233f2891343529c2d1be84a6398c6b5d987714757fc
2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515
27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2e77eb6e079b70becbbb1e0251a73b9b955296f89220f948a54c1a36e5373efe
30f5f0d8f3de4a9ede0ba1ceaebed2422993b22ad67e52918a6379d462730eaa
35ecbd48276f3dec75c9f9c8f9f638ad2aeb5b74c387a731cefade25466e9ffb
4c8ea1056f34edb16144a1974fdc2eff8a68ad6a5d32902d2e57cfe89d4d23c9
4d086a555d1a3812c79f627d5c215551a65a07934791a4c2d889e6d0ff175a1d
51e66484ec144f644889f39733b2ae2fb6a888cde37e1141aa4e0e68b9d8dc61
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
66c30aff703d834793ae35e1af2406e4c0132db0117df840053473e2da486de0
6f2065a289353b91b5698665b4b8097421f0c4401bbbc5f5ef06461f5b175ce8
764f3462a55275c599ea9a2941db915ec788cb9b67334378cb64772c05bc7a08
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b863e8511d4579e0e33ce17fd4db1393bec7c82e1daa9f7466ad87f46240034
8287cb37c57e9887faa0e99dd278dc40204edc68c2d5f0978cc72455e3d325cc
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8ca56142a96dfa2c72a5efa2813eab9683af60a892d59e3501f87afe59fa8e51
a017bfd8b7ff27e2fa869cb6beeacfd550ab2fa4955429bc460aeae8ddbf91e8
a1b8bf411666703fa4f860a058f53ce6e752f92cc3c65492a42959d2cb05fd02
a75fe05d1235a4bd068ec1e465803e2325328410abd13230638cf816e72f6bb0
aa6e7e5f2a807f5994770e50a3fe884997a3fb0884895dcb38805ef9928759ee
aae5672817ea3dbafbeb00e6064743e5101354edd50352691adebf440999672c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
c71c456b8b74f5012aedb9b0116007e263b5bff4e181e9cd685bb8508cc01e1e
ca5782ad8d7664a4f48c68551d9c65d7a1262d4754086e047fbc29f023a024a1
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e4cab4c6fef409a6040593b720776ce236bfd97b93ef04e204a457f816149d03
ecf4a6176a23634e19ed80b01b9c30bc7f9b754c55d4f3c220e46fbd3607a3b3
f295ef15e6d4fa795082e3f9d1e098b7c3530e1609d0a47b178c1f042feb4f87
f3865a1c289aa9b59ac48de075e039ccbe98d4e8c2d02377918ee7817f58bdd2
f76d4abfa29ec3356db5d54a48e11550a85dfa814d88fcab79310be8bbc68e2d
f7bb337d79dc74acd32c1dca24a6549a7a5e31191ff11e7e7c04da99017c843c
f971b901aeb9e55b07d472afee09bd5ae05159e1119dbd16d993e473565e7fc0
fb94b462f27f138f78bc2f58584c8e4377ea23828ec4bf2de9a76b624419b6d0
fc6f177cece9b5ce011f10645a8f1b5e174b76156e1e223784b15bf88548c4fb
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

imgrum.pw Open in urlscan Pro 142.93.251.167 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

120 Requests

99 %HTTPS

73 %IPv6

19 Domains

20 Subdomains

16 IPs

5 Countries

1295 kBTransfer

1932 kBSize

5 Cookies

2 Outgoing links

Redirected requests

120 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

imgrum.pw Open in urlscan Pro
142.93.251.167 Public Scan

Screenshot
Live screenshot

Full Image

120
Requests

99 %
HTTPS

73 %
IPv6

19
Domains

20
Subdomains

16
IPs

5
Countries

1295 kB
Transfer

1932 kB
Size

5
Cookies

120 HTTP transactions
1 data transactions