umbrella-zip.pages.dev Open in urlscan Pro
172.66.44.90 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://umbrella-zip.pages.dev/
Effective URL:
https://umbrella-zip.pages.dev/
Submission Tags: @phish_report
Submission: On May 27 via api (May 27th 2025, 6:49:19 pm UTC) from FI — Scanned from AU

Summary HTTP 217 Redirects Links 23 Behaviour Indicators

Summary

This website contacted 78 IPs in 10 countries across 45 domains to perform 217 HTTP transactions. The main IP is 172.66.44.90, located in United States and belongs to CLOUDFLARENET, US. The main domain is umbrella-zip.pages.dev.
TLS certificate: Issued by WE1 on May 20th 2025. Valid for: 3 months.

This is the only time umbrella-zip.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	172.66.44.90 172.66.44.90	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	23.46.10.201 23.46.10.201	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
9	142.250.66.194 142.250.66.194	15169 (GOOGLE) (GOOGLE)
18	151.101.130.219 151.101.130.219	54113 (FASTLY) (FASTLY)
1	142.251.221.78 142.251.221.78	15169 (GOOGLE) (GOOGLE)
1	108.158.32.39 108.158.32.39	16509 (AMAZON-02) (AMAZON-02)
1	18.67.110.28 18.67.110.28	16509 (AMAZON-02) (AMAZON-02)
1	104.17.31.174 104.17.31.174	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	74.119.117.17 74.119.117.17	19750 (AS-CRITEO) (AS-CRITEO)
4	162.19.138.116 162.19.138.116	16276 (OVH OVH SAS) (OVH OVH SAS)
2	54.225.240.34 54.225.240.34	14618 (AMAZON-AES) (AMAZON-AES)
1 2	52.203.250.10 52.203.250.10	14618 (AMAZON-AES) (AMAZON-AES)
2	64.233.188.97 64.233.188.97	15169 (GOOGLE) (GOOGLE)
2	108.158.21.92 108.158.21.92	16509 (AMAZON-02) (AMAZON-02)
1	104.18.128.216 104.18.128.216	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.67.106.137 18.67.106.137	16509 (AMAZON-02) (AMAZON-02)
1	34.120.63.153 34.120.63.153	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	103.43.91.17 103.43.91.17	29990 (ASN-APPNEX) (ASN-APPNEX)
1	35.227.252.103 35.227.252.103	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 3	104.18.26.193 104.18.26.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	207.65.33.78 207.65.33.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	69.173.158.65 69.173.158.65	26667 (RUBICONPR...) (RUBICONPROJECT)
1	182.161.73.172 182.161.73.172	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
2	54.255.192.26 54.255.192.26	16509 (AMAZON-02) (AMAZON-02)
4	13.251.204.29 13.251.204.29	16509 (AMAZON-02) (AMAZON-02)
1	108.158.20.65 108.158.20.65	16509 (AMAZON-02) (AMAZON-02)
1	104.18.28.101 104.18.28.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.36.110 172.67.36.110	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.22.52.86 104.22.52.86	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.169.72.96 54.169.72.96	16509 (AMAZON-02) (AMAZON-02)
1	35.244.193.51 35.244.193.51	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	162.19.138.83 162.19.138.83	16276 (OVH OVH SAS) (OVH OVH SAS)
1	57.129.92.70 57.129.92.70	16276 (OVH OVH SAS) (OVH OVH SAS)
1 2	54.66.34.108 54.66.34.108	16509 (AMAZON-02) (AMAZON-02)
3	108.158.32.13 108.158.32.13	16509 (AMAZON-02) (AMAZON-02)
1 3	18.65.244.106 18.65.244.106	16509 (AMAZON-02) (AMAZON-02)
1	23.32.5.175 23.32.5.175	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
2	142.251.221.66 142.251.221.66	15169 (GOOGLE) (GOOGLE)
2	64.233.188.132 64.233.188.132	15169 (GOOGLE) (GOOGLE)
2	74.125.203.95 74.125.203.95	15169 (GOOGLE) (GOOGLE)
1	18.67.93.103 18.67.93.103	16509 (AMAZON-02) (AMAZON-02)
2	3.25.26.222 3.25.26.222	16509 (AMAZON-02) (AMAZON-02)
3	173.194.174.132 173.194.174.132	15169 (GOOGLE) (GOOGLE)
1	51.195.34.255 51.195.34.255	16276 (OVH OVH SAS) (OVH OVH SAS)
1	51.195.73.74 51.195.73.74	16276 (OVH OVH SAS) (OVH OVH SAS)
2	135.125.146.86 135.125.146.86	16276 (OVH OVH SAS) (OVH OVH SAS)
1	51.195.73.113 51.195.73.113	16276 (OVH OVH SAS) (OVH OVH SAS)
2	51.195.126.30 51.195.126.30	16276 (OVH OVH SAS) (OVH OVH SAS)
2	51.195.73.71 51.195.73.71	16276 (OVH OVH SAS) (OVH OVH SAS)
1	51.195.127.115 51.195.127.115	16276 (OVH OVH SAS) (OVH OVH SAS)
3	135.125.140.162 135.125.140.162	16276 (OVH OVH SAS) (OVH OVH SAS)
1	51.195.34.222 51.195.34.222	16276 (OVH OVH SAS) (OVH OVH SAS)
1	135.125.146.80 135.125.146.80	16276 (OVH OVH SAS) (OVH OVH SAS)
1	135.125.146.82 135.125.146.82	16276 (OVH OVH SAS) (OVH OVH SAS)
7	142.250.67.1 142.250.67.1	15169 (GOOGLE) (GOOGLE)
21	172.217.167.66 172.217.167.66	15169 (GOOGLE) (GOOGLE)
1	104.16.175.226 104.16.175.226	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	108.158.32.77 108.158.32.77	16509 (AMAZON-02) (AMAZON-02)
2	142.250.67.4 142.250.67.4	15169 (GOOGLE) (GOOGLE)
1	18.67.93.59 18.67.93.59	16509 (AMAZON-02) (AMAZON-02)
1	139.5.86.204 139.5.86.204	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1	3.33.241.113 3.33.241.113	16509 (AMAZON-02) (AMAZON-02)
2	142.250.66.226 142.250.66.226	15169 (GOOGLE) (GOOGLE)
1	18.67.110.93 18.67.110.93	16509 (AMAZON-02) (AMAZON-02)
37	142.250.67.6 142.250.67.6	15169 (GOOGLE) (GOOGLE)
2	172.217.167.74 172.217.167.74	15169 (GOOGLE) (GOOGLE)
2	216.239.36.181 216.239.36.181	15169 (GOOGLE) (GOOGLE)
1	172.217.194.155 172.217.194.155	15169 (GOOGLE) (GOOGLE)
1	172.217.167.99 172.217.167.99	15169 (GOOGLE) (GOOGLE)
1	104.17.73.14 104.17.73.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.204.10 142.250.204.10	15169 (GOOGLE) (GOOGLE)
1	104.18.24.18 104.18.24.18	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	44.240.150.157 44.240.150.157	16509 (AMAZON-02) (AMAZON-02)
5	34.202.218.7 34.202.218.7	14618 (AMAZON-AES) (AMAZON-AES)
1	142.250.204.3 142.250.204.3	15169 (GOOGLE) (GOOGLE)
1	3.232.4.118 3.232.4.118	14618 (AMAZON-AES) (AMAZON-AES)
2	18.67.110.70 18.67.110.70	16509 (AMAZON-02) (AMAZON-02)
217	78

10 172.66.44.90 (United States)

ASN13335 (CLOUDFLARENET, US)

umbrella-zip.pages.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.46.10.201 (United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-46-10-201.deploy.static.akamaitechnologies.com

cdn.ziffstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.66.194 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s23-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 151.101.130.219 (San Francisco, United States)

ASN54113 (FASTLY, US)

b.cdnst.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.221.78 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f14.1e100.net

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.158.32.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-32-39.syd3.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.67.110.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-110-28.syd62.r.cloudfront.net

client.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.31.174 (None, )

ASN13335 (CLOUDFLARENET, US)

diffuser-cdn.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.119.117.17 (United States)

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 162.19.138.116 (Frankfurt am Main, Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ns31533567.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.225.240.34 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-225-240-34.compute-1.amazonaws.com

idx.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.203.250.10 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-250-10.compute-1.amazonaws.com

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.233.188.97 (United States)

ASN15169 (GOOGLE, US)
PTR: tk-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.158.21.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-21-92.syd62.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.128.216 (None, )

ASN13335 (CLOUDFLARENET, US)

prism.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.67.106.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-106-137.syd62.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.43.91.17 (Singapore, Singapore)

ASN29990 (ASN-APPNEX, US)
PTR: 1047.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.26.193 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 207.65.33.78 (United States)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.73.172 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

grid-bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.255.192.26 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-255-192-26.ap-southeast-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.251.204.29 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-251-204-29.ap-southeast-1.compute.amazonaws.com

c2shb.pubgw.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.158.20.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-20-65.syd62.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.28.101 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.36.110 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.hadronid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.52.86 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.169.72.96 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-169-72-96.ap-southeast-1.compute.amazonaws.com

c.ltmsphrcl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.193.51 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 51.193.244.35.bc.googleusercontent.com

lexicon.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.83 (Frankfurt am Main, Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ns31532338.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 57.129.92.70 (France)

ASN16276 (OVH OVH SAS, FR)

lbs.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.66.34.108 (Sydney, Australia) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-66-34-108.ap-southeast-2.compute.amazonaws.com

secure-us.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.158.32.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-32-13.syd3.r.cloudfront.net

cdn-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.65.244.106 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-65-244-106.syd3.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.32.5.175 (Sydney, Australia)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-32-5-175.deploy.static.akamaitechnologies.com

cdn.static.zdbb.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.221.66 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f2.1e100.net

ep1.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.233.188.132 (United States)

ASN15169 (GOOGLE, US)
PTR: tk-in-f132.1e100.net

bdd8121b9f445b471b6fcb349ac82ea8.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.203.95 (United States)

ASN15169 (GOOGLE, US)
PTR: th-in-f95.1e100.net

firebaseinstallations.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.67.93.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-103.syd62.r.cloudfront.net

bee.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.25.26.222 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-25-26-222.ap-southeast-2.compute.amazonaws.com

secure-us.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 173.194.174.132 (United States)

ASN15169 (GOOGLE, US)
PTR: td-in-f132.1e100.net

ep2.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.195.34.255 (Jordan)

ASN16276 (OVH OVH SAS, FR)
PTR: ip255.ip-51-195-34.eu

d0.eu-3-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.195.73.74 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ip74.ip-51-195-73.eu

d1.eu-3-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 135.125.146.86 (Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ip86.ip-135-125-146.eu

d2.eu-3-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d0.eu-4-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.195.73.113 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ip113.ip-51-195-73.eu

d3.eu-3-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.195.126.30 (Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ip30.ip-51-195-126.eu

d4.eu-3-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d4.eu-4-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.195.73.71 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ip71.ip-51-195-73.eu

d5.eu-3-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d2.eu-4-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.195.127.115 (Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ip115.ip-51-195-127.eu

d6.eu-3-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 135.125.140.162 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ip162.ip-135-125-140.eu

d7.eu-3-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d3.eu-4-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d6.eu-4-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.195.34.222 (Jordan)

ASN16276 (OVH OVH SAS, FR)
PTR: ip222.ip-51-195-34.eu

d1.eu-4-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 135.125.146.80 (Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ip80.ip-135-125-146.eu

d5.eu-4-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 135.125.146.82 (Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ip82.ip-135-125-146.eu

d7.eu-4-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.67.1 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s16-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 172.217.167.66 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s06-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.175.226 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.158.32.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-32-77.syd3.r.cloudfront.net

cdn-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.67.4 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s16-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.67.93.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-59.syd62.r.cloudfront.net

sm4wbr2q3dpcf3f6sl3audnwhm9w51748371763.nuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.5.86.204 (Canada)

ASN27381 (CASALE-MEDIA, CA)

a4734.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.241.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: ae69789f15ba8a942.awsglobalaccelerator.com

sg2-bid.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.66.226 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s15-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.67.110.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-110-93.syd62.r.cloudfront.net

choices.truste.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 142.250.67.6 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s16-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.167.74 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s06-in-f10.1e100.net

firebaseremoteconfig.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.36.181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.194.155 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.167.99 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s17-in-f3.1e100.net

www.google.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.73.14 (None, )

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.204.10 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.24.18 (None, )

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 44.240.150.157 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-240-150-157.us-west-2.compute.amazonaws.com

zdbb.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.202.218.7 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-218-7.compute-1.amazonaws.com

gurgle.zdbb.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.204.3 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.232.4.118 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-4-118.compute-1.amazonaws.com

jogger.zdbb.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.67.110.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-110-70.syd62.r.cloudfront.net

choices.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 526	1 MB
30	googlesyndication.com bdd8121b9f445b471b6fcb349ac82ea8.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 220 pagead2.googlesyndication.com — Cisco Umbrella Rank: 151	282 KB
18	cdnst.net b.cdnst.net — Cisco Umbrella Rank: 53862	2 MB
13	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269 ad.doubleclick.net — Cisco Umbrella Rank: 229 stats.g.doubleclick.net — Cisco Umbrella Rank: 260	292 KB
10	zdbb.net cdn.static.zdbb.net — Cisco Umbrella Rank: 29542 zdbb.net — Cisco Umbrella Rank: 18942 gurgle.zdbb.net — Cisco Umbrella Rank: 39599 jogger.zdbb.net — Cisco Umbrella Rank: 33018	50 KB
10	imrworldwide.com 1 redirects secure-us.imrworldwide.com — Cisco Umbrella Rank: 4446 cdn-gl.imrworldwide.com — Cisco Umbrella Rank: 4668 bee.imrworldwide.com — Cisco Umbrella Rank: 52591 sm4wbr2q3dpcf3f6sl3audnwhm9w51748371763.nuid.imrworldwide.com	77 KB
10	pages.dev umbrella-zip.pages.dev	160 KB
8	eu-4-id5-sync.com d0.eu-4-id5-sync.com — Cisco Umbrella Rank: 40594 d1.eu-4-id5-sync.com — Cisco Umbrella Rank: 41174 d2.eu-4-id5-sync.com — Cisco Umbrella Rank: 40699 d3.eu-4-id5-sync.com — Cisco Umbrella Rank: 41328 d4.eu-4-id5-sync.com — Cisco Umbrella Rank: 41116 d5.eu-4-id5-sync.com — Cisco Umbrella Rank: 40916 d6.eu-4-id5-sync.com — Cisco Umbrella Rank: 40896 d7.eu-4-id5-sync.com — Cisco Umbrella Rank: 41056	1 KB
8	eu-3-id5-sync.com d0.eu-3-id5-sync.com — Cisco Umbrella Rank: 41588 d1.eu-3-id5-sync.com — Cisco Umbrella Rank: 41921 d2.eu-3-id5-sync.com — Cisco Umbrella Rank: 41104 d3.eu-3-id5-sync.com — Cisco Umbrella Rank: 41783 d4.eu-3-id5-sync.com — Cisco Umbrella Rank: 41880 d5.eu-3-id5-sync.com — Cisco Umbrella Rank: 41647 d6.eu-3-id5-sync.com — Cisco Umbrella Rank: 41681 d7.eu-3-id5-sync.com — Cisco Umbrella Rank: 41795	1 KB
5	googleapis.com firebaseinstallations.googleapis.com — Cisco Umbrella Rank: 445 firebaseremoteconfig.googleapis.com — Cisco Umbrella Rank: 341 fonts.googleapis.com — Cisco Umbrella Rank: 107	159 KB
5	adtrafficquality.google ep1.adtrafficquality.google — Cisco Umbrella Rank: 473 ep2.adtrafficquality.google — Cisco Umbrella Rank: 478	26 KB
5	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 560 cdn.id5-sync.com — Cisco Umbrella Rank: 922	34 KB
5	amazon-adsystem.com config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 917 client.aps.amazon-adsystem.com — Cisco Umbrella Rank: 4973 c.amazon-adsystem.com — Cisco Umbrella Rank: 398 aax.amazon-adsystem.com — Cisco Umbrella Rank: 538	88 KB
4	google.com www.google.com — Cisco Umbrella Rank: 9 analytics.google.com — Cisco Umbrella Rank: 240	565 B
4	yahoo.com c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 4369	809 B
4	casalemedia.com 1 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 819 a4734.casalemedia.com — Cisco Umbrella Rank: 323247 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 802	6 KB
4	liadm.com 1 redirects idx.liadm.com — Cisco Umbrella Rank: 2513 rp.liadm.com — Cisco Umbrella Rank: 1643	1 KB
4	ziffstatic.com cdn.ziffstatic.com — Cisco Umbrella Rank: 21563	260 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 271	8 KB
3	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1148 lbs.eu-1-id5-sync.com — Cisco Umbrella Rank: 1436	846 B
3	criteo.com gum.criteo.com — Cisco Umbrella Rank: 524 grid-bidder.criteo.com — Cisco Umbrella Rank: 1372	1002 B
2	trustarc.com choices.trustarc.com — Cisco Umbrella Rank: 1437	8 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 427	34 KB
2	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 1633 lexicon.33across.com — Cisco Umbrella Rank: 2528	8 KB
2	sharethrough.com btlr.sharethrough.com — Cisco Umbrella Rank: 1796	810 B
2	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 710	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 100	251 KB
2	app-us1.com diffuser-cdn.app-us1.com — Cisco Umbrella Rank: 14739 prism.app-us1.com — Cisco Umbrella Rank: 15048	8 KB
1	gstatic.com fonts.gstatic.com	14 KB
1	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 1039	352 B
1	cloudflare.com ajax.cloudflare.com — Cisco Umbrella Rank: 2088	12 KB
1	google.com.au www.google.com.au — Cisco Umbrella Rank: 17609	63 B
1	truste.com choices.truste.com — Cisco Umbrella Rank: 1445	9 KB
1	adsrvr.org sg2-bid.adsrvr.org — Cisco Umbrella Rank: 13943	1 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 360	10 KB
1	ltmsphrcl.net c.ltmsphrcl.net — Cisco Umbrella Rank: 6343	470 B
1	hadronid.net cdn.hadronid.net — Cisco Umbrella Rank: 2399	323 B
1	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1164	13 KB
1	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 782	286 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 838	299 B
1	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 392	1 KB
1	media.net prebid.media.net — Cisco Umbrella Rank: 1481	561 B
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 6702	87 KB
0	kargo.com Failed crb.kargo.com Failed
0	rlcdn.com Failed api.rlcdn.com Failed
217	45

	Domain	Requested by
34	s0.2mdn.net	umbrella-zip.pages.dev s0.2mdn.net
21	pagead2.googlesyndication.com	securepubads.g.doubleclick.net bdd8121b9f445b471b6fcb349ac82ea8.safeframe.googlesyndication.com pagead2.googlesyndication.com ep2.adtrafficquality.google ad.doubleclick.net tpc.googlesyndication.com s0.2mdn.net srcdoc
18	b.cdnst.net	umbrella-zip.pages.dev
10	umbrella-zip.pages.dev	umbrella-zip.pages.dev b.cdnst.net
9	securepubads.g.doubleclick.net	umbrella-zip.pages.dev securepubads.g.doubleclick.net pagead2.googlesyndication.com bdd8121b9f445b471b6fcb349ac82ea8.safeframe.googlesyndication.com
7	tpc.googlesyndication.com	securepubads.g.doubleclick.net bdd8121b9f445b471b6fcb349ac82ea8.safeframe.googlesyndication.com umbrella-zip.pages.dev tpc.googlesyndication.com s0.2mdn.net
5	gurgle.zdbb.net	cdn.static.zdbb.net
4	cdn-gl.imrworldwide.com	secure-us.imrworldwide.com cdn-gl.imrworldwide.com
4	secure-us.imrworldwide.com	1 redirects secure-us.imrworldwide.com
4	c2shb.pubgw.yahoo.com	cdn.ziffstatic.com
4	id5-sync.com	cdn.ziffstatic.com cdn.id5-sync.com
4	cdn.ziffstatic.com	umbrella-zip.pages.dev
3	zdbb.net	cdn.static.zdbb.net
3	ad.doubleclick.net	www.googletagservices.com umbrella-zip.pages.dev
3	ep2.adtrafficquality.google	securepubads.g.doubleclick.net ep2.adtrafficquality.google
3	sb.scorecardresearch.com	1 redirects
2	choices.trustarc.com	choices.truste.com
2	analytics.google.com	www.googletagmanager.com
2	ssum-sec.casalemedia.com	1 redirects srcdoc
2	firebaseremoteconfig.googleapis.com	b.cdnst.net
2	www.googletagservices.com	srcdoc www.googletagservices.com
2	www.google.com	ep2.adtrafficquality.google www.googletagmanager.com
2	firebaseinstallations.googleapis.com	b.cdnst.net
2	bdd8121b9f445b471b6fcb349ac82ea8.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	ep1.adtrafficquality.google	securepubads.g.doubleclick.net
2	lb.eu-1-id5-sync.com	cdn.ziffstatic.com cdn.id5-sync.com
2	btlr.sharethrough.com	cdn.ziffstatic.com
2	fastlane.rubiconproject.com	cdn.ziffstatic.com
2	c.amazon-adsystem.com	client.aps.amazon-adsystem.com
2	www.googletagmanager.com	umbrella-zip.pages.dev www.googletagmanager.com
2	rp.liadm.com	1 redirects umbrella-zip.pages.dev
2	idx.liadm.com	cdn.ziffstatic.com
2	gum.criteo.com	cdn.ziffstatic.com
1	jogger.zdbb.net	cdn.static.zdbb.net
1	fonts.gstatic.com	fonts.googleapis.com
1	js-sec.indexww.com	ssum-sec.casalemedia.com
1	fonts.googleapis.com	s0.2mdn.net
1	ajax.cloudflare.com	ssum-sec.casalemedia.com
1	www.google.com.au
1	stats.g.doubleclick.net	www.googletagmanager.com
1	choices.truste.com	srcdoc
1	sg2-bid.adsrvr.org	srcdoc
1	a4734.casalemedia.com	srcdoc
1	sm4wbr2q3dpcf3f6sl3audnwhm9w51748371763.nuid.imrworldwide.com
1	cdn.jsdelivr.net	bdd8121b9f445b471b6fcb349ac82ea8.safeframe.googlesyndication.com
1	d7.eu-4-id5-sync.com	cdn.id5-sync.com
1	d6.eu-4-id5-sync.com	cdn.id5-sync.com
1	d5.eu-4-id5-sync.com	cdn.id5-sync.com
1	d4.eu-4-id5-sync.com	cdn.id5-sync.com
1	d3.eu-4-id5-sync.com	cdn.id5-sync.com
1	d2.eu-4-id5-sync.com	cdn.id5-sync.com
1	d1.eu-4-id5-sync.com	cdn.id5-sync.com
1	d0.eu-4-id5-sync.com	cdn.id5-sync.com
1	d7.eu-3-id5-sync.com	cdn.id5-sync.com
1	d6.eu-3-id5-sync.com	cdn.id5-sync.com
1	d5.eu-3-id5-sync.com	cdn.id5-sync.com
1	d4.eu-3-id5-sync.com	cdn.id5-sync.com
1	d3.eu-3-id5-sync.com	cdn.id5-sync.com
1	d2.eu-3-id5-sync.com	cdn.id5-sync.com
1	d1.eu-3-id5-sync.com	cdn.id5-sync.com
1	d0.eu-3-id5-sync.com	cdn.id5-sync.com
1	bee.imrworldwide.com	secure-us.imrworldwide.com
1	cdn.static.zdbb.net	www.googletagmanager.com
1	lbs.eu-1-id5-sync.com	cdn.id5-sync.com
1	lexicon.33across.com	cdn-ima.33across.com
1	c.ltmsphrcl.net	tags.crwdcntrl.net
1	cdn.id5-sync.com	umbrella-zip.pages.dev
1	cdn.hadronid.net	umbrella-zip.pages.dev
1	cdn-ima.33across.com	umbrella-zip.pages.dev
1	tags.crwdcntrl.net	umbrella-zip.pages.dev
1	grid-bidder.criteo.com	cdn.ziffstatic.com
1	hbopenbid.pubmatic.com	cdn.ziffstatic.com
1	htlb.casalemedia.com	cdn.ziffstatic.com
1	rtb.openx.net	cdn.ziffstatic.com
1	ib.adnxs.com	cdn.ziffstatic.com
1	prebid.media.net	cdn.ziffstatic.com
1	aax.amazon-adsystem.com	client.aps.amazon-adsystem.com
1	prism.app-us1.com	diffuser-cdn.app-us1.com
1	diffuser-cdn.app-us1.com	umbrella-zip.pages.dev
1	client.aps.amazon-adsystem.com	cdn.ziffstatic.com
1	config.aps.amazon-adsystem.com	cdn.ziffstatic.com
1	www.googleoptimize.com	umbrella-zip.pages.dev
0	crb.kargo.com Failed
0	api.rlcdn.com Failed	cdn.ziffstatic.com
217	84

This site contains links to these domains. Also see Links.

Domain
play.google.com
www.ookla.com
www.speedtest.net
downdetector.com
help.speedtest.net
twitter.com
www.facebook.com
ziffdavis.com
www.ekahau.com
rootmetrics.com
www.ziffdavis.com
status.ookla.com
googleads.g.doubleclick.net
adssettings.google.com

Subject Issuer	Validity	Valid
umbrella-zip.pages.dev WE1	`2025-05-20` - `2025-08-18`	3 months	crt.sh
www.ziffdavis.com COMODO RSA Organization Validation Secure Server CA	`2024-07-01` - `2025-07-01`	a year	crt.sh
*.g.doubleclick.net WR2	`2025-04-29` - `2025-07-22`	3 months	crt.sh
*.speedtest.net GlobalSign Atlas R3 DV TLS CA 2024 Q4	`2024-11-26` - `2025-12-28`	a year	crt.sh
*.google-analytics.com WR2	`2025-04-29` - `2025-07-22`	3 months	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-12-22` - `2026-01-21`	a year	crt.sh
client.aps.amazon-adsystem.com Amazon RSA 2048 M03	`2024-11-20` - `2025-12-20`	a year	crt.sh
diffuser-cdn.app-us1.com WE1	`2025-04-27` - `2025-07-26`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2025-04-18` - `2025-07-17`	3 months	crt.sh
id5-sync.com E6	`2025-05-01` - `2025-07-30`	3 months	crt.sh
*.liadm.com Amazon RSA 2048 M02	`2024-07-31` - `2025-08-29`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M03	`2024-11-19` - `2025-12-18`	a year	crt.sh
prism.app-us1.com WE1	`2025-04-28` - `2025-07-27`	3 months	crt.sh
alt1-3ps.amazon-adsystem.com Amazon RSA 2048 M03	`2025-03-31` - `2026-04-29`	a year	crt.sh
prebid.media.net WR3	`2025-05-22` - `2025-08-21`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2025-02-21` - `2026-03-23`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2024-08-14` - `2025-08-18`	a year	crt.sh
casalemedia.com E6	`2025-04-08` - `2025-07-07`	3 months	crt.sh
*.pubmatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2025-02-19` - `2026-03-22`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2025-03-04` - `2026-04-03`	a year	crt.sh
*.sharethrough.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-07-15` - `2025-08-15`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2025-02-04` - `2025-07-30`	6 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M02	`2024-09-07` - `2025-10-07`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2024-09-05` - `2025-09-30`	a year	crt.sh
hadronid.net WE1	`2025-05-18` - `2025-08-16`	3 months	crt.sh
*.ltmsphrcl.net Amazon RSA 2048 M02	`2024-09-08` - `2025-10-08`	a year	crt.sh
lexicon.33across.com WR3	`2025-04-21` - `2025-07-20`	3 months	crt.sh
eu-1-id5-sync.com R11	`2025-05-01` - `2025-07-30`	3 months	crt.sh
adtrafficquality.google WR2	`2025-04-29` - `2025-07-22`	3 months	crt.sh
upload.video.google.com WE2	`2025-04-29` - `2025-07-22`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2025-02-11` - `2026-02-11`	a year	crt.sh
*.imrworldwide.com GlobalSign RSA OV SSL CA 2018	`2025-01-06` - `2026-02-07`	a year	crt.sh
eu-3-id5-sync.com E6	`2025-05-01` - `2025-07-30`	3 months	crt.sh
eu-4-id5-sync.com E6	`2025-05-01` - `2025-07-30`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2025-04-29` - `2025-07-22`	3 months	crt.sh
*.jsdelivr.net Sectigo RSA Domain Validation Secure Server CA	`2025-04-25` - `2026-05-04`	a year	crt.sh
*.google.com WR2	`2025-04-29` - `2025-07-22`	3 months	crt.sh
*.nuid.imrworldwide.com Amazon RSA 2048 M03	`2025-04-23` - `2026-05-23`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2025-03-19` - `2026-04-02`	a year	crt.sh
*.truste.com Amazon RSA 2048 M02	`2024-10-17` - `2025-11-14`	a year	crt.sh
*.doubleclick.net WR2	`2025-04-29` - `2025-07-22`	3 months	crt.sh
*.google.com.au WR2	`2025-04-29` - `2025-07-22`	3 months	crt.sh
ajax.cloudflare.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-08-07` - `2025-08-06`	a year	crt.sh
indexww.com WE1	`2025-05-26` - `2025-08-24`	3 months	crt.sh
zdbb.net Amazon RSA 2048 M02	`2024-10-27` - `2025-11-25`	a year	crt.sh
*.zdbb.net Amazon RSA 2048 M02	`2025-01-03` - `2026-02-01`	a year	crt.sh
*.gstatic.com WR2	`2025-04-29` - `2025-07-22`	3 months	crt.sh
*.trustarc.com Amazon RSA 2048 M03	`2025-02-14` - `2026-03-14`	a year	crt.sh

This page contains 15 frames:

Primary Page: https://umbrella-zip.pages.dev/
Frame ID: A2583342CB7753B3BC3BCEF8D6802BA4
Requests: 120 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: C4C35A0EF2A6957772A684C4A2F14E7E
Requests: 1 HTTP requests in this frame

Frame: https://bdd8121b9f445b471b6fcb349ac82ea8.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Frame ID: 0C0F571A3FD0A508F687CFBFDDECA3AB
Requests: 1 HTTP requests in this frame

Frame: https://secure-us.imrworldwide.com/storageframe.html
Frame ID: DC16EBE012DED1713189F9F4B589EE2F
Requests: 1 HTTP requests in this frame

Frame: https://bdd8121b9f445b471b6fcb349ac82ea8.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Frame ID: 093FA8E52A039E3257B20CFCBE5D024C
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20250522/r20110914/abg_lite_fy2021.js
Frame ID: 6B524B4837199E0423F8333AB93B4253
Requests: 10 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: E5DB25C042F3D51DE9A1FDC8F0673B41
Requests: 3 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html
Frame ID: 5A55A3A7C941194E85C934E5D0C5BD2E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8149A0BCEF7A2600FFDBE850BA8B62AF
Requests: 2 HTTP requests in this frame

Frame: https://a4734.casalemedia.com/impression/v2/785511/39/d0r0icbk6j6n3o2quokg/6032ba1d-7e90-4e90-a20b-e79a0e14e7b0?verifieD=1&userID=&cmpro=0&deviceType=4&expiryTime=1748372361&profileIDs=&creativeID=301c3d3&pubID=183785&format=banner&channel=site&ee=1
Frame ID: C92687F6C3A715A30A3AD2524FC5D65D
Requests: 18 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=183785&gdpr=0&C=1
Frame ID: C29588DC9BF659329B5FCB876B2C0771
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 36492E43AD68ECC04D29AFAE3334322D
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11123511781932539772/index.html?e=69&leftOffset=0&topOffset=0&c=DluORwVKAR&t=1&renderingType=2&ev=01_253
Frame ID: ED74457D5D43238EC329DDB087590E55
Requests: 37 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/3zhzaWtBSIBleekZA0oPQq4pHiK3jhV5AuyTkGLawHs.js
Frame ID: ECD358762020E47436064028121D1B7B
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 24F7C8431C1996DAA5142A96BFF8B3B3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Speedtest by Ookla - The Global Broadband Speed Test

Page URL History Show full URLs

http://umbrella-zip.pages.dev/ HTTP 307
https://umbrella-zip.pages.dev/ Page URL

Detected technologies

RequireJS (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

AppNexus (Advertising) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

217
Requests

98 %
HTTPS

0 %
IPv6

45
Domains

84
Subdomains

78
IPs

10
Countries

4822 kB
Transfer

14604 kB
Size

48
Cookies

23 Outgoing links

These are links going to different origins than the main page.

URL: https://play.google.com/store/apps/details?id=org.zwanoo.android.speedtest&referrer=utm_source%3Dspeedtest%26utm_medium%3Dmobile_web%26utm_campaign%3Dmobile_menu

Search URL Search Domain Scan URL

URL: https://www.ookla.com/articles
Title: Ookla Research™

Search URL Search Domain Scan URL

URL: https://www.ookla.com/resources/guides/speedtest-methodology
Title: Methodology

Search URL Search Domain Scan URL

URL: https://www.ookla.com/about/press
Title: Press

Search URL Search Domain Scan URL

URL: https://www.ookla.com/
Title: Ookla

Search URL Search Domain Scan URL

URL: https://www.speedtest.net/login

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=org.zwanoo.android.speedtest&referrer=utm_source%3Dspeedtest%26utm_medium%3Dmobile_web_test%26utm_campaign%3Dmwt_post_test
Title: Get more metrics, video testing, mobile coverage maps, and lots more...

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=org.zwanoo.android.speedtest&referrer=utm_source%3Dspeedtest%26utm_medium%3Dmobile_web_test%26utm_campaign%3Dmwt_during_test
Title: Get more metrics, video testing, mobile coverage maps, and more with the Speedtest app

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=org.zwanoo.android.speedtest&referrer=utm_source%3Dspeedtest%26utm_medium%3Dmobile_web_test%26utm_campaign%3Dmwt_pre_test
Title: Speedtest is better with the app. Download the Speedtest app for more metrics, video testing, mobile coverage maps, and more.

Search URL Search Domain Scan URL

URL: https://downdetector.com/
Title: Check for Outages

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=org.zwanoo.android.speedtest&referrer=utm_source%3Dspeedtest%26utm_medium%3Dmobile_web%26utm_campaign%3Dmobile_apps
Title: Mobile Apps

Search URL Search Domain Scan URL

URL: https://help.speedtest.net/hc/en-us
Title: Get Help

Search URL Search Domain Scan URL

URL: https://www.ookla.com/research
Title: Ookla Research

Search URL Search Domain Scan URL

URL: https://www.ookla.com/network
Title: Speedtest Servers™

Search URL Search Domain Scan URL

URL: https://twitter.com/speedtest

Search URL Search Domain Scan URL

URL: https://www.facebook.com/speedtest

Search URL Search Domain Scan URL

URL: https://ziffdavis.com/
Title: Ziff Davis

Search URL Search Domain Scan URL

URL: https://www.ekahau.com/
Title: Ekahau®

Search URL Search Domain Scan URL

URL: https://rootmetrics.com/
Title: RootMetrics®

Search URL Search Domain Scan URL

URL: https://www.ziffdavis.com/cookie-policy
Title: Cookie Policy.

Search URL Search Domain Scan URL

URL: https://status.ookla.com/
Title: Network Status

Search URL Search Domain Scan URL

URL: https://googleads.g.doubleclick.net/pcs/click?xai=AKAOjsuqz-CZCsVV7yd-hUpWPpiLR50lF5NPn0Jr7UQljRc9cwYTGQcKBht7_T5WQc_MdNq6WaPWrX5btpPwxp972tSQOapwk0SE4aAFLJ-6ViWeu7UPYR6J2tQo7X2i39HUq1RqDocguNhuSo81SEE2LHwgcso7eA9vuL-gzaJL_wqyhuRrD-ej2PW-k_rJv8uskOZOV5YpDB6kxHYbjid28tAIcx5CMCBsrd2nFNQGn4sKhvarUVbfCtzVHNTLvsj_3LqAigsvQPqfFU5aNvw2ZyTb79-UMuGGLspDz-spr4XIgBdBYnq8aQmxn7D2J_oiwsO7qZ7qtCmYmpuEeEYN7-SLoyvwWD2AaAixNrNRNe7m8Nm1h5s82w6eTc-FihLDktvn9uAqqADnTtXXvDJrWEnfvQL_Zv-rftrzxCHJHHzqWWEYTbw&sai=AMfl-YQ4grVphGrDqwE118hso17j96-eknn64FJh7bvh-6z6cocoLN66mVI4euFrSJddt6C223xeLjt_A-aHzDKdb0qKOLuXzO16RzB3FxHw8V8FaQwBY673FfmcvFgtsqfdI3-qw1eJR-MARodGV0jE&sig=Cg0ArKJSzF9hWivAvdRm&fbs_aeid=%5Bgw_fbsaeid%5D&adurl=https://www.speedtest.net/apps/mobile%3Futm_source%3Dhouse_ad%26utm_medium%3Dbanner%26utm_campaign%3Dmobile_app

Search URL Search Domain Scan URL

URL: https://adssettings.google.com/whythisad?source=display&reasons=ASp5-QCogERXoy4wI0GTBduKx5drSWbkWOoKGwo_b2SdCi4ufI_UPQFzn_vBp3LHXQmp2YoGnZesSt-0wlO5rHGr-LeHuMWbn14_teZQ5tXNqhXXtGrZyIEDG0Vw_5dDAJnadfOe4lu-sDEjEpD8U-3iKd8xs2rSeSqiMsr1jruqtrQkXWiMZroRHL9ePfVMg8dRVHB4xsrQcZIQEiwXktlkhlIj9YFNFuWBIeo-CO5CM0aAhWmruiunxscer7SP9QgF1p_oCXcLi00gU41mApuaVGESmVLgGduUClHpbmKiNyTsPUPeyzTxDRPAdtP0Cjb4LvSQ8W6AR4Wr-nUjr3tEkO2qWjZtKFTEwjFyVlzZ6GWerrBCC7qK9uhOctYx7Df-OOWA0CSYWjG39pen-IngVflNib7EDH1b76IQRCYJTGyzZ0WA1yFl3puv7C_FFSYcUb4tvDs6RQ8oL2yfAYPZrU8LUoCVDCOC7NRB0N4OF7NEVfg5aaIcrH2G-ujDV5YeAEw3bhb5m8VCwXRKRVY0PqBSSVq7QqIHpLPd23jwOLOYQE7eEOzw5nv4I_IV2ree_PNWVZQAaDllq9qdrlSy53ISWaXocnQV09e6GQis1jlOry1sr2RT9is2JRUhPKhEq0AoXtrrftnLs2XAJIAedo2N429yQdZtXhIqpVtnACIFRcj0EVl3Hu7p4PxhMukLyofMwcaY71tExasipUxhMAXmdDgsBzggyRpUiVBV7e4rf-zUE0gWEHQVj2URRu6o09dx1rTcFddkjJwwADOpxnU1t89KiWvzIpwWhwdp1w_Lv-VmpvSvUdxhe8fab5VnlGfgE9WGYfvPCOZXumgue2-WHhVgdysTBHkSaaO1bXM21hhsGqNhitzF9RyK31vqdxK2u3Nh0FPn91jV_l2KpS__3U-NxTq7dsSzzrbU1C7zEB6MKNOZBKeV0PQVNbatWArTVZ704Ih0Shjn2TM_vpuqvy-hoO1Yk0CapE-D8dAVFf63ENRp45SgceTQ65Zo8MWC8CIFi_f0Om2bqJQhMrwUFOwAbW1N4ZOFMBdRimeV2DbOWFPdIXgHtR13PpOZRRNOnN1x0fyWGYTdQHXKf1gOZI-fNUuEjy9gnNrQriTNxiC1b_ePTWJzAw8mI-nNaUOyHTllZaEmfzoOeJq8YWIQeBKnEUAwleotjehrR88barwpqaNk55CGwEQ2BI7BfO0kORBd8AEiG7UWdfXjYrR9YCWc2uPFWnIwRbV1oaJGwHQ9bv60V0rpNSuhktm7GF1wvLj0dqRqCBr0TyTGbsaY42zLWqbt7kAwxD1RhgQCiL7YPw0D4DqiezAkE-zYhXEG8dMKVneWOo0zvOkZAFe6WmSkZ9QhQyj5q64FPbfMQ26qNU1-msx6vkKLeRah6J-ZT3TW1Gbnt0_RKbGL_cD9taOHR4o5ZWqlL-1kJslPfZ0_o3hPPSyKrmq0kmWW45DlwNig10zeXSl_C8tWkgfCe3i6E5sh8xl3s1LwT98Wx1gGlaMo_zR316t0wy4b2WOweuLyGDHOdIiyxVti1xXcyytsqkxM&opi=122715837

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://umbrella-zip.pages.dev/ HTTP 307
https://umbrella-zip.pages.dev/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

https://rp.liadm.com/j?dtstmp=1748371760205&aid=b-01lr&se=e30&duid=b4a6dd0db1df--01jw9h7rst4e4vrx8c13zra8sw&tv=v3.11.3&pu=https%3A%2F%2Fumbrella-zip.pages.dev%2F&us_privacy=1YNY&wpn=lc-bundle&wpv=v3.11.3&cd=.umbrella-zip.pages.dev&pv=8f423575-9c93-4817-835c-81132336478e HTTP 302
https://rp.liadm.com/j?dtstmp=1748371760205&aid=b-01lr&se=e30&duid=b4a6dd0db1df--01jw9h7rst4e4vrx8c13zra8sw&tv=v3.11.3&pu=https%3A%2F%2Fumbrella-zip.pages.dev%2F&us_privacy=1YNY&wpn=lc-bundle&wpv=v3.11.3&cd=.umbrella-zip.pages.dev&pv=8f423575-9c93-4817-835c-81132336478e&n3pc=true

Request Chain 55

https://secure-us.imrworldwide.com/v60a.js HTTP 301
https://cdn-gl.imrworldwide.com/v60a.js

Request Chain 56

https://sb.scorecardresearch.com/cs/6036202/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon-ios.js

Request Chain 146

https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=183785&gdpr=0 HTTP 302
https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=183785&gdpr=0&C=1

Request Chain 153

https://id5-sync.com/i/718/8.gif?o=api&id5id=ID5*ypu4gmqZUeXcjTGSzoK8wJIkHjmQBFxlBTrYWjF2TnkeCqJK_2AWoHOQQK9GwUNc&gdpr_consent=undefined&gdpr=false HTTP 302
https://ib.adnxs.com/getuid?https://id5-sync.com/c/718/2/7/2.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/718/2/7/2.gif?puid=5837088198247345251&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/k/264.gif?puid=18170998-4185-4ff9-9ffa-95189d075bee&ttl=%%TTL%% HTTP 302
https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F718%2F112%2F5%2F4.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F718%2F112%2F5%2F4.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/718/112/5/4.gif?puid=7711C13E4AFD79&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F718%2F10%2F4%2F5.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F718%2F10%2F4%2F5.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
https://id5-sync.com/c/718/10/4/5.gif?puid=9116353433582422896&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F718%2F108%2F3%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F718%2F108%2F3%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/718/108/3/6.gif?puid=027fe82e-4468-43fb-a2e6-62684c63bbe7&gdpr=0&gdpr_consent= HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-f78dxjXRA3AhsXRiLjwmPoie3zyo3IOplli8ndrOnw&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F718%2F3%2F2%2F7.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/718/3/2/7.gif?puid=74806836-093a-4b00-b099-21de55bba6dd&gdpr=0&gdpr_consent= HTTP 302
https://crb.kargo.com/api/v1/dsync/ID5?gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&r=https%3A%2F%2Fid5-sync.com%2Fc%2F718%2F1785%2F1%2F8.gif%3Fpuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D

217 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
umbrella-zip.pages.dev/
Redirect Chain

http://umbrella-zip.pages.dev/
https://umbrella-zip.pages.dev/

141 KB
45 KB

82ms
68ms

Document
text/html

172.66.44.90
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://umbrella-zip.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.90 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fab81a74c702eb222126cb70f192c9af5f22fd272686ef451c7da6616d9daed8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials: true
alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 9467b10a1eb4a938-SYD
content-encoding: br
content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
content-type: text/html; charset=utf-8
date: Tue, 27 May 2025 18:49:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lI%2BLizMP2l4UFZKcQ0c%2By1OSnv8HduBZl%2F4Qn5IXoYhXdTihl6CAnC2tMm4C6E7i0bp2Ww05ou8czFJOxghL03YOIEoKoUJcaX5qm4iousIsY2N3bu9qDA%2FJxje7s38wcsc3h%2FjaE3de"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=1760&min_rtt=1600&rtt_var=338&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4227&recv_bytes=5767&delivery_rate=1045&cwnd=12000&unsent_bytes=0&cid=04e12b38a3451960&ts=71&x=1" cfExtPri cfHdrFlush;dur=0
vary: Origin, Accept-Encoding
x-frame-options: DENY

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://umbrella-zip.pages.dev/
Non-Authoritative-Reason: HSTS

GET
H2 200 zdconsent.js Show response
cdn.ziffstatic.com/jst/ 70 KB
25 KB 49ms
4ms Script
application/javascript 23.46.10.201
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL: https://cdn.ziffstatic.com/jst/zdconsent.js
Requested by: Host: umbrella-zip.pages.dev
URL: https://umbrella-zip.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.46.10.201 , United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-46-10-201.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5a275e0512b33fb7c89f1842e0edf7191e4fbc98cdc2bb7dd602d37c5f543271

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

cache-control: max-age=3310
content-encoding: gzip
etag: "357421b28c6ea3c1d7d90f507ec995e4"
expires: Tue, 27 May 2025 19:44:29 GMT
accept-ranges: bytes
content-length: 24993
date: Tue, 27 May 2025 18:49:19 GMT
last-modified: Mon, 19 May 2025 17:50:22 GMT
content-type: application/javascript
vary: Accept-Encoding

GET
H2 200 speedtest.js Show response
cdn.ziffstatic.com/pg/ 72 KB
26 KB 47ms
3ms Script
application/javascript 23.46.10.201
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL: https://cdn.ziffstatic.com/pg/speedtest.js
Requested by: Host: umbrella-zip.pages.dev
URL: https://umbrella-zip.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.46.10.201 , United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-46-10-201.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5e651eccd60de626d91c9496f381de740e7cc13bed8554f886bf76f7520296d0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

cache-control: public, max-age=2207
content-encoding: gzip
etag: "2e36b58d8d1908c4f621eca1145be894"
expires: Tue, 27 May 2025 19:26:06 GMT
accept-ranges: bytes
content-length: 26143
date: Tue, 27 May 2025 18:49:19 GMT
last-modified: Fri, 23 May 2025 17:19:06 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding

GET
H2 200 speedtest.css
cdn.ziffstatic.com/pg/ 2 KB
934 B 46ms
2ms Stylesheet
text/css 23.46.10.201
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL: https://cdn.ziffstatic.com/pg/speedtest.css
Requested by: Host: umbrella-zip.pages.dev
URL: https://umbrella-zip.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.46.10.201 , United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-46-10-201.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9c2e36e9693330858e69037e325b2a76eb17f7df4e7920d7cdd0a0dae11ad189

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

cache-control: public, max-age=3418
content-encoding: gzip
etag: "aa972afabcc80fa183dadf92a03fecca"
expires: Tue, 27 May 2025 19:46:17 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=93600
content-length: 725
date: Tue, 27 May 2025 18:49:19 GMT
last-modified: Thu, 24 Apr 2025 15:11:40 GMT
content-type: text/css
vary: Accept-Encoding

GET
H2 200 speedtest.prebid.js Show response
cdn.ziffstatic.com/pg/ 613 KB
209 KB 48ms
4ms Script
application/javascript 23.46.10.201
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL: https://cdn.ziffstatic.com/pg/speedtest.prebid.js
Requested by: Host: umbrella-zip.pages.dev
URL: https://umbrella-zip.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.46.10.201 , United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-46-10-201.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 53548487e081529c7956c3150ec5305ab53d8d5255ad401bcf8d73f8b1f4a4b6

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

cache-control: public, max-age=3178
content-encoding: gzip
etag: "f64f314fae23084c5d63ce44992b9c44"
expires: Tue, 27 May 2025 19:42:17 GMT
accept-ranges: bytes
content-length: 213481
date: Tue, 27 May 2025 18:49:19 GMT
last-modified: Wed, 21 May 2025 00:28:41 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 107 KB
33 KB 271ms
129ms Script
text/javascript 142.250.66.194
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: umbrella-zip.pages.dev
URL: https://umbrella-zip.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f2.1e100.net

Software

cafe /

Resource Hash

26431001e5f5d584317e61cf34fae2a4418761ada229d00558f826f4e7ab17dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

content-encoding: br
etag: 57 / 20235 / m202505200101 / config-hash: 13823209538322521926
x-content-type-options: nosniff
expires: Tue, 27 May 2025 18:49:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 27 May 2025 18:49:19 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33909
x-xss-protection: 0
server: cafe

GET
H3 200 Montserrat-VariableFont_wght-kern-latin.woff2
umbrella-zip.pages.dev/s/fonts/ 28 KB
29 KB 441ms
439ms Font
font/woff2 172.66.44.90
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://umbrella-zip.pages.dev/s/fonts/Montserrat-VariableFont_wght-kern-latin.woff2

Requested by

Host: umbrella-zip.pages.dev
URL: https://umbrella-zip.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.90 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f40d718d090a7d9fa4db0b9c2570cb05f7729e6c998c32c1c688f421ca7ac8c0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Origin: https://umbrella-zip.pages.dev
Referer: https://umbrella-zip.pages.dev/

Response headers

cf-cache-status: MISS
etag: W/"7184-197120c3f50"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XaZGbJvQyAo%2FLTmgRhM2DInly0I5wZYiF62vQ0koBBln6fo%2F051T2GSO59ImAk6FrcGPKtwqLrI%2BPimG6nZsI7WbIEjxt74nN3xH66lh1m9ec9KuFnLFBM5JfegzWD6LFNJMStsXYf9i"}],"group":"cf-nel","max_age":604800}
uber-trace-id: 3f8453bb615be891:3f8453bb615be891:0:0
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2094&min_rtt=1550&rtt_var=478&sent=61&recv=39&lost=0&retrans=0&sent_bytes=54412&recv_bytes=8329&delivery_rate=37907&cwnd=44400&unsent_bytes=0&cid=04e12b38a3451960&ts=516&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 27 May 2025 18:49:20 GMT
last-modified: Tue, 27 May 2025 14:01:22 GMT
content-type: font/woff2
vary: Accept-Encoding
priority: u=1,i=?0
x-frame-options: DENY
content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=60
cf-ray: 9467b10a9ef4a938-SYD
accept-ranges: bytes
content-length: 29060
content-language: en
server: cloudflare

GET
H3 429 gaugemono-regular-webfont.woff2
umbrella-zip.pages.dev/s/fonts/ 0
0 350ms
349ms Font
text/html 172.66.44.90
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://umbrella-zip.pages.dev/s/fonts/gaugemono-regular-webfont.woff2
Requested by: Host: umbrella-zip.pages.dev
URL: https://umbrella-zip.pages.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.44.90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Origin: https://umbrella-zip.pages.dev
Referer: https://umbrella-zip.pages.dev/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZJ71ansgbwwUzlBwpCAOKcbbzBQc%2FJsKrBIVUUBIG8n%2BO6ZzDd1LXedLJs0KsCnzVH4q%2FqgBzLfiTrMbHORag%2BP9IrBw2DO%2BQ%2BDLCLnT0JZsecyOLWtI%2BQvg00TOXMLY7SMVZFYywQA%2B"}],"group":"cf-nel","max_age":604800}
cf-ray: 9467b10a9ef5a938-SYD
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2089&min_rtt=1550&rtt_var=512&sent=59&recv=37&lost=0&retrans=0&sent_bytes=52318&recv_bytes=8242&delivery_rate=720839&cwnd=44400&unsent_bytes=0&cid=04e12b38a3451960&ts=436&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 27 May 2025 18:49:20 GMT
content-type: text/html
vary: Accept-Encoding
server: cloudflare
priority: u=1,i=?0

GET
H2 200 main.4ddfe19f523ef477824f4284035a76f4.css
b.cdnst.net/styles/ 180 KB
29 KB 572ms
273ms Stylesheet
text/css 151.101.130.219
FASTLY

General

Check archive.org

Download Go to

Full URL

https://b.cdnst.net/styles/main.4ddfe19f523ef477824f4284035a76f4.css

Requested by

Host: umbrella-zip.pages.dev
URL: https://umbrella-zip.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.219 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4eba41017ab03d1f0c3d54b513c576ad7966d1634cd827bcddf206f9be174d02

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"2ce9b-196e9938790"
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 29123
date: Tue, 27 May 2025 18:49:20 GMT
content-type: text/css; charset=UTF-8
last-modified: Mon, 19 May 2025 17:24:42 GMT
vary: Origin, Accept-Encoding
x-frame-options: DENY

GET
H2 200 ad.js Show response
b.cdnst.net/javascript/ads/ 203 B
238 B 571ms
273ms Script
application/javascript 151.101.130.219
FASTLY

General

Check archive.org

Download Go to

Full URL

https://b.cdnst.net/javascript/ads/ad.js

Requested by

Host: umbrella-zip.pages.dev
URL: https://umbrella-zip.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.219 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7f39a67694e1e75d2397d367b305c7e0b8f5040fb03f98d438d1b3a27470837e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"cb-196e9938790"
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 158
date: Tue, 27 May 2025 18:49:20 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Mon, 19 May 2025 17:24:42 GMT
vary: Origin, Accept-Encoding
x-frame-options: DENY

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 244 KB
87 KB 218ms
116ms Script
application/javascript 142.251.221.78
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=GTM-MPW4L3J

Requested by

Host: umbrella-zip.pages.dev
URL: https://umbrella-zip.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.78 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f14.1e100.net

Software

Google Tag Manager /

Resource Hash

d50ca1370fed9db96f702bd1a5d94e80945d65e12e5ed77d21a39b20a5323a41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

content-encoding: br
report-to: {"group":"ascgcycc:1406:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1406:0"}],}
expires: Tue, 27 May 2025 18:49:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 18:49:19 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1406:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1406:0
content-length: 88082
x-xss-protection: 0
server: Google Tag Manager

GET
H3 429 Montserrat-VariableFont_wght-hint-all.woff2
umbrella-zip.pages.dev/s/fonts/ 0
0 344ms
343ms Font
text/html 172.66.44.90
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://umbrella-zip.pages.dev/s/fonts/Montserrat-VariableFont_wght-hint-all.woff2
Requested by: Host: umbrella-zip.pages.dev
URL: https://umbrella-zip.pages.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.44.90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Origin: https://umbrella-zip.pages.dev
Referer: https://umbrella-zip.pages.dev/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4zcwg4LSt5Pk9n00izIO8idp4C9mei8R22Nj7HQbBEzhn5Co1dzPqw9Kqg4R7VUsT%2Bvorfr0MU1NDIXvq23xSzQS8Wj36IBTcbF32Xs5DX%2FW3QeCfnvvBQc93W1%2BQ7AqB7jiM2CRowu%2F"}],"group":"cf-nel","max_age":604800}
cf-ray: 9467b10acf2ea938-SYD
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2038&min_rtt=1550&rtt_var=487&sent=60&recv=38&lost=0&retrans=0&sent_bytes=53370&recv_bytes=8285&delivery_rate=6063&cwnd=44400&unsent_bytes=0&cid=04e12b38a3451960&ts=454&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 27 May 2025 18:49:20 GMT
content-type: text/html
vary: Accept-Encoding
server: cloudflare
priority: u=0,i=?0

GET
H3 429 Montserrat-Italic-VariableFont_wght-hint-all.woff2
umbrella-zip.pages.dev/s/fonts/ 0
0 309ms
309ms Font
text/html 172.66.44.90
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://umbrella-zip.pages.dev/s/fonts/Montserrat-Italic-VariableFont_wght-hint-all.woff2
Requested by: Host: umbrella-zip.pages.dev
URL: https://umbrella-zip.pages.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.44.90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Origin: https://umbrella-zip.pages.dev
Referer: https://umbrella-zip.pages.dev/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Siz6sgPGzLpj%2Ff7fk5FUAxL2WFEDygJSv64l7UGmOxgXS8BGayThL7KQpr5tIxDVKeXBN%2FsL36Nr6DEXtS%2Fz8X1Go%2FloP5eVz5Xj6qPFCyVZk9Jb0JgAApumiIBg8%2F5I0DLDcCKY%2F7we"}],"group":"cf-nel","max_age":604800}
cf-ray: 9467b10acf31a938-SYD
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2089&min_rtt=1550&rtt_var=512&sent=58&recv=37&lost=0&retrans=0&sent_bytes=51269&recv_bytes=8242&delivery_rate=720839&cwnd=44400&unsent_bytes=0&cid=04e12b38a3451960&ts=419&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 27 May 2025 18:49:20 GMT
content-type: text/html
vary: Accept-Encoding
server: cloudflare
priority: u=0,i=?0

GET
H2 200 3336 Show response
config.aps.amazon-adsystem.com/configs/ 531 B
807 B 90ms
63ms Script
application/javascript 108.158.32.39
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/3336
Requested by: Host: cdn.ziffstatic.com
URL: https://cdn.ziffstatic.com/pg/speedtest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.32.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-32-39.syd3.r.cloudfront.net
Software: CloudFront /
Resource Hash: 3c1b393f43c62c7b3a8b3790ded93f1846f62e075dff3b682fe3bd5a6fa3b4f4

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

cache-control: max-age=3600
age: 1351
via: 1.1 8e52b0323db9e9f5baf300137747fffe.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
content-length: 531
x-amz-cf-id: zV26z9NJZMy7LTLj_uvYETqz-4_hQ0nIPCkZxMaf7XgymD2spjU7CQ==
date: Tue, 27 May 2025 18:26:49 GMT
content-type: application/javascript
x-amz-cf-pop: SYD3-P2
server: CloudFront

GET
H2 200 publisher.js Show response
client.aps.amazon-adsystem.com/ 319 KB
81 KB 32ms
7ms Script
application/javascript 18.67.110.28
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://client.aps.amazon-adsystem.com/publisher.js
Requested by: Host: cdn.ziffstatic.com
URL: https://cdn.ziffstatic.com/pg/speedtest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.110.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-110-28.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c36ab6bb1485595973118d995016961c44a743452faacf3726cc31775e1c1517

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

vary: Accept-Encoding
cache-control: max-age=3600
content-encoding: gzip
etag: W/"a06112ab75858e36482932eeeeaaab57"
age: 2913
via: 1.1 3fb6aad2d0d4eb57ef667ceeeeca901a.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: aMpBYDIDUcDWaBcJ3ncZgnLwba_iWqnomEKXG06xANCXUnPqKpMApA==
date: Tue, 27 May 2025 18:00:48 GMT
content-type: application/javascript
last-modified: Wed, 21 May 2025 18:19:34 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P2
x-amz-server-side-encryption: AES256

GET
H2 200 diffuser.js Show response
diffuser-cdn.app-us1.com/diffuser/ 32 KB
8 KB 98ms
14ms Script
application/javascript 104.17.31.174
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://diffuser-cdn.app-us1.com/diffuser/diffuser.js

Requested by

Host: umbrella-zip.pages.dev
URL: https://umbrella-zip.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.31.174 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26db36707844fa367f47c47b4b614db27a608286fe71d9ff8c3012dbe71c5499

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"234346615b452270c8ee1158258c83bb"
age: 295
x-cache: Hit from cloudfront
x-amz-cf-id: dZtNV89g70nMAEx-X2Hto4cGch_p4VgzFhI508SsiNsL6SAN8Sulcg==
date: Tue, 27 May 2025 18:49:20 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2024 15:47:53 GMT
vary: accept-encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=300
via: 1.1 c2a50a2feea14a6b3ff3b2628a4c298a.cloudfront.net (CloudFront)
cf-ray: 9467b10f3c0bf215-SYD
x-amz-cf-pop: MEL51-P1
server: cloudflare
x-amz-server-side-encryption: AES256

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 968ms
479ms Preflight
application/json 74.119.117.17
AS-CRITEO

General

Check archive.org

Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fumbrella-zip.pages.dev%2F&domain=umbrella-zip.pages.dev&cw=1&lsw=1&us_privacy=1YNY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.117.17 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://umbrella-zip.pages.dev
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://umbrella-zip.pages.dev
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 27 May 2025 18:49:20 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 360598
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 json Show response
gum.criteo.com/sid/ 498 B
773 B 954ms
481ms Fetch
application/json 74.119.117.17
AS-CRITEO

General

Check archive.org

Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fumbrella-zip.pages.dev%2F&domain=umbrella-zip.pages.dev&cw=1&lsw=1&us_privacy=1YNY

Requested by

Host: cdn.ziffstatic.com
URL: https://cdn.ziffstatic.com/pg/speedtest.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.117.17 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

b3d211db7fb30e2ab2fc2129ccb02da493ca718338d04f5b177cf6552d33334f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
content-type: application/json
Referer: https://umbrella-zip.pages.dev/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1233867
expires: 0
access-control-allow-origin: https://umbrella-zip.pages.dev
date: Tue, 27 May 2025 18:49:20 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: Kestrel

POST
H2 200 prebid Show response
id5-sync.com/api/config/ 194 B
671 B 1263ms
648ms Fetch
application/json 162.19.138.116
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: cdn.ziffstatic.com
URL: https://cdn.ziffstatic.com/pg/speedtest.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

b86ace36e568ecbb5e51b1c1af132239998761939fbc632f3a91c6b9fbe29ebb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: text/plain;charset=UTF-8
Referer: https://umbrella-zip.pages.dev/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://umbrella-zip.pages.dev
p3p: CP="CAO PSA OUR"
date: Tue, 27 May 2025 18:49:20 GMT
content-type: application/json;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials: true

GET envelope
api.rlcdn.com/api/identity/ 0
0

GET
H2 204 78658 Show response
idx.liadm.com/idex/prebid/ 0
376 B 912ms
468ms Fetch 54.225.240.34
AMAZON-AES

General

Check archive.org

Download Go to

Full URL

https://idx.liadm.com/idex/prebid/78658?duid=b4a6dd0db1df--01jw9h7rst4e4vrx8c13zra8sw&us_privacy=1YNY&cd=.umbrella-zip.pages.dev&pu=https%3A%2F%2Fumbrella-zip.pages.dev&resolve=nonId&resolve=uid2&resolve=index&resolve=bidswitch&resolve=medianet&resolve=magnite&resolve=openx&resolve=pubmatic&resolve=thetradedesk&resolve=sovrn&resolve=vidazoo&resolve=sonobi&resolve=sharethrough&resolve=triplelift

Requested by

Host: cdn.ziffstatic.com
URL: https://cdn.ziffstatic.com/pg/speedtest.prebid.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.225.240.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-225-240-34.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
content-type: text/plain
Referer: https://umbrella-zip.pages.dev/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=3599, private
trace-id: e7b7e365b7de980f
request-time: 7
access-control-allow-credentials: true
expires: Tue, 27 May 2025 19:49:20 GMT
access-control-allow-origin: https://umbrella-zip.pages.dev
date: Tue, 27 May 2025 18:49:20 GMT
vary: Origin

GET
H2 204 78658 Show response
idx.liadm.com/idex/prebid/ 0
0 911ms
911ms Fetch 54.225.240.34
AMAZON-AES

General

Check archive.org

Download Go to

Full URL: https://idx.liadm.com/idex/prebid/78658?duid=b4a6dd0db1df--01jw9h7rst4e4vrx8c13zra8sw&us_privacy=1YNY&cd=.umbrella-zip.pages.dev&pu=https%3A%2F%2Fumbrella-zip.pages.dev&resolve=nonId&resolve=uid2&resolve=index&resolve=bidswitch&resolve=medianet&resolve=magnite&resolve=openx&resolve=pubmatic&resolve=thetradedesk&resolve=sovrn&resolve=vidazoo&resolve=sonobi&resolve=sharethrough&resolve=triplelift
Requested by: Host: cdn.ziffstatic.com
URL: https://cdn.ziffstatic.com/pg/speedtest.prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.225.240.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-225-240-34.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
content-type: text/plain
Referer: https://umbrella-zip.pages.dev/

Response headers

cache-control: max-age=3599, private
trace-id: e7b7e365b7de980f
request-time: 7
access-control-allow-credentials: true
expires: Tue, 27 May 2025 19:49:20 GMT
access-control-allow-origin: https://umbrella-zip.pages.dev
date: Tue, 27 May 2025 18:49:20 GMT
vary: Origin

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/ 539 KB
170 KB 11ms
8ms Script
text/javascript 142.250.66.194
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f2.1e100.net

Software

cafe /

Resource Hash

638b32a4f2339ff4f58198fe56ffb89091e03c23d76a39821797c01f026e21ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

content-encoding: br
etag: 8367355567805738573
age: 28801
x-content-type-options: nosniff
expires: Wed, 27 May 2026 10:49:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 27 May 2025 10:49:19 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 173743
x-xss-protection: 0
server: cafe

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 84 B
83 B 197ms
194ms Fetch
application/json 142.250.66.194
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=umbrella-zip.pages.dev

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f2.1e100.net

Software

cafe /

Resource Hash

5825a9fe2b87b5166e786ba18b8d586a958b0da783f6315d16a39a363cec4dcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Tue, 27 May 2025 18:49:20 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 59
date: Tue, 27 May 2025 18:49:20 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2

200

j Show response
rp.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1748371760205&aid=b-01lr&se=e30&duid=b4a6dd0db1df--01jw9h7rst4e4vrx8c13zra8sw&tv=v3.11.3&pu=https%3A%2F%2Fumbrella-zip.pages.dev%2F&us_privacy=1YNY&wpn=lc-bundle&wpv=v...
https://rp.liadm.com/j?dtstmp=1748371760205&aid=b-01lr&se=e30&duid=b4a6dd0db1df--01jw9h7rst4e4vrx8c13zra8sw&tv=v3.11.3&pu=https%3A%2F%2Fumbrella-zip.pages.dev%2F&us_privacy=1YNY&wpn=lc-bundle&wpv=v...

13 B
388 B

419ms
418ms

XHR
application/json

52.203.250.10
AMAZON-AES

General

Check archive.org

Download Go to

Full URL: https://rp.liadm.com/j?dtstmp=1748371760205&aid=b-01lr&se=e30&duid=b4a6dd0db1df--01jw9h7rst4e4vrx8c13zra8sw&tv=v3.11.3&pu=https%3A%2F%2Fumbrella-zip.pages.dev%2F&us_privacy=1YNY&wpn=lc-bundle&wpv=v3.11.3&cd=.umbrella-zip.pages.dev&pv=8f423575-9c93-4817-835c-81132336478e&n3pc=true
Requested by: Host: umbrella-zip.pages.dev
URL: https://umbrella-zip.pages.dev/
Protocol: H2
Server: 52.203.250.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-203-250-10.compute-1.amazonaws.com
Software: /
Resource Hash: efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

x-pixel-event-id: 3806623c-a3ac-43e2-b810-1a4f28fb3c19
access-control-max-age: 86400
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://umbrella-zip.pages.dev
content-length: 13
date: Tue, 27 May 2025 18:49:21 GMT
content-type: application/json

Redirect headers

access-control-max-age: 86400
access-control-expose-headers: *
location: /j?dtstmp=1748371760205&aid=b-01lr&se=e30&duid=b4a6dd0db1df--01jw9h7rst4e4vrx8c13zra8sw&tv=v3.11.3&pu=https%3A%2F%2Fumbrella-zip.pages.dev%2F&us_privacy=1YNY&wpn=lc-bundle&wpv=v3.11.3&cd=.umbrella-zip.pages.dev&pv=8f423575-9c93-4817-835c-81132336478e&n3pc=true
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://umbrella-zip.pages.dev
content-length: 0
date: Tue, 27 May 2025 18:49:21 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 346 KB
109 KB 585ms
277ms Script
application/javascript 64.233.188.97
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K7SNBZ

Requested by

Host: umbrella-zip.pages.dev
URL: https://umbrella-zip.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.188.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tk-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

45a37db567f9e62a24f73e651c5080e78afc93f89bc2d6849e72886ab2e0d4af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

content-encoding: br
report-to: {"group":"ascgcycc:1319:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1319:0"}],}
expires: Tue, 27 May 2025 18:49:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 18:49:20 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 27 May 2025 18:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1319:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1319:0
content-length: 110667
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 speedtest-main.js Show response
b.cdnst.net/javascript/ 6 MB
1 MB 141ms
140ms Script
application/javascript 151.101.130.219
FASTLY

General

Check archive.org

Download Go to

Full URL

https://b.cdnst.net/javascript/speedtest-main.js?v=342671e7b4ad981af8ecd793a723cb11

Requested by

Host: umbrella-zip.pages.dev
URL: https://umbrella-zip.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.219 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

feb474603faa13bef8b7a2be1e5cae02469d9f3bd0545dd56344b8b4b9383d56

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"67a5d1-196e99ad6a8"
accept-ranges: bytes
content-length: 1533892
date: Tue, 27 May 2025 18:49:20 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Mon, 19 May 2025 17:32:41 GMT
vary: Accept-Encoding
x-frame-options: DENY

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 671ms
635ms XHR
application/javascript 108.158.21.92
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: client.aps.amazon-adsystem.com
URL: https://client.aps.amazon-adsystem.com/publisher.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.21.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-21-92.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

access-control-max-age: 3000
content-encoding: gzip
x-amz-version-id: r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-allow-methods: GET
x-cache: RefreshHit from cloudfront
x-amz-cf-id: hR5q9yVlFWhCMIerzmk-SCIAa6NY4ot379NokapTf3azrInbyBd9wA==
date: Tue, 27 May 2025 18:49:22 GMT
content-type: application/javascript
vary: Origin,accept-encoding
last-modified: Thu, 29 Feb 2024 02:13:08 GMT
cache-control: public, max-age=86400
via: 1.1 3e4f9c0400441c93ce3468dd26ef9ee4.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: SYD62-P3
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 / Show response
prism.app-us1.com/ 0
314 B 354ms
330ms Script
application/javascript 104.18.128.216
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://prism.app-us1.com/?a=478502367&u=https%3A%2F%2Fumbrella-zip.pages.dev%2F

Requested by

Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.128.216 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.1.32

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: no-cache, private
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 109
cf-ray: 9467b1106911d5df-SYD
content-length: 0
date: Tue, 27 May 2025 18:49:21 GMT
content-type: application/javascript
x-powered-by: PHP/8.1.32
server: cloudflare

GET
H3 200 topics_frame.html Show response
securepubads.g.doubleclick.net/static/topics/ Frame C4C3 102 KB
28 KB 103ms
2ms Document
text/html 142.250.66.194
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f2.1e100.net

Software

sffe /

Resource Hash

56b8de493133e66949fb4e7179fc6398806e734bb30cef739674fe9254f4c4b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://umbrella-zip.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

accept-ranges: bytes
age: 2992
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 29108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 27 May 2025 17:59:28 GMT
expires: Tue, 27 May 2025 18:49:28 GMT
last-modified: Mon, 19 May 2025 19:44:47 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 3 KB
3 KB 219ms
208ms XHR
application/json 108.158.21.92
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3336&u=https%3A%2F%2Fumbrella-zip.pages.dev
Requested by: Host: client.aps.amazon-adsystem.com
URL: https://client.aps.amazon-adsystem.com/publisher.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.21.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-21-92.syd62.r.cloudfront.net
Software: Server /
Resource Hash: 453f0207133bfce8eb955f49f02a6f73e3e3db055ef7ac0ce9f211190ada6ba8

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
via: 1.1 ed90dc86686a84dd5c3571951738e746.cloudfront.net (CloudFront)
access-control-allow-origin: https://umbrella-zip.pages.dev
x-cache: Miss from cloudfront
content-length: 2895
x-amz-cf-id: gpKejPmJjgDPhQ9ZLGGmgtBdHE30vmc2dod3v-8vcWjjmWDcS3WTsA==
date: Tue, 27 May 2025 18:49:19 GMT
content-type: application/json;charset=UTF-8
x-amz-cf-pop: SYD62-P3
server: Server

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 25 B
384 B 1078ms
1034ms Fetch
application/json 18.67.106.137
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=3336&u=https%3A%2F%2Fumbrella-zip.pages.dev%2F&pid=VbU1ZjX7YjxLh&cb=0&ws=1600x1200&v=25.520.1758&t=1000&slots=%5B%7B%22sd%22%3A%22stnext_footer%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x200%22%2C%22970x180%22%2C%22970x90%22%2C%22728x90%22%2C%22200x200%22%2C%22250x250%22%5D%2C%22sn%22%3A%22%2F6692%2Fspeedtest.net%2Fstnext_lowerboard%22%7D%2C%7B%22sd%22%3A%22st_mw_banner%22%2C%22s%22%3A%5B%22320x50%22%2C%22300x50%22%2C%22320x100%22%2C%22300x100%22%5D%2C%22sn%22%3A%22%2F6692%2Fspeedtest.net%2Fst_mw_banner%22%7D%5D&pj=%7B%22us_privacy%22%3A%221YNY%22%2C%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&sg=%7B%22ortb2%22%3A%7B%7D%7D&sm=3a8441c7-db1b-474a-904b-85470353be1c&gdprl=%7B%22status%22%3A%22no-cmp%22%2C%22cmpTimeout%22%3A2000%7D&rt=j
Requested by: Host: client.aps.amazon-adsystem.com
URL: https://client.aps.amazon-adsystem.com/publisher.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.106.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-106-137.syd62.r.cloudfront.net
Software: Server /
Resource Hash: 7dc78c5c119373b361b76d7e9c1b2759725163789661df908ee4cd8faf842676

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

content-encoding: gzip
access-control-allow-credentials: true
via: 1.1 c8a7df1b4956aa390fe495730eb3c9f4.cloudfront.net (CloudFront)
access-control-allow-origin: https://umbrella-zip.pages.dev
x-cache: Miss from cloudfront
content-length: 45
x-amz-cf-id: 7Ep785cAtpcpZNpxrIuew5I89RPo9IhEZNJhpZYbZN-S082OwDyi5Q==
date: Tue, 27 May 2025 18:49:20 GMT
content-type: application/json;charset=UTF-8
x-amz-cf-pop: SYD62-P2
server: Server

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 32 B
561 B 330ms
307ms Fetch
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUYEJ1S6
Requested by: Host: cdn.ziffstatic.com
URL: https://cdn.ziffstatic.com/pg/speedtest.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: dbe5b7ecbb1e59ac15de1b1ea340c9540f8d1cf1764c667aeca64a1fdd3b639c

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
content-type: text/plain
Referer: https://umbrella-zip.pages.dev/

Response headers

cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
pragma: no-cache
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
x-envoy-upstream-service-time: 204
access-control-allow-credentials: true
via: 1.1 google
expires: Tue, 27 May 2025 18:49:20 GMT
access-control-allow-origin: https://umbrella-zip.pages.dev
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52
date: Tue, 27 May 2025 18:49:21 GMT
content-type: application/json;charset=utf-8
server: envoy

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 248 B
1 KB 1474ms
677ms Fetch
application/json 103.43.91.17
ASN-APPNEX

General

Check archive.org

Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.ziffstatic.com
URL: https://cdn.ziffstatic.com/pg/speedtest.prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

103.43.91.17 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1047.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

3172ff5d159f6117fc52031189ca925a26bd4e935e32566f82fecbf87340d562

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
content-type: text/plain
Referer: https://umbrella-zip.pages.dev/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 138.199.33.251; 138.199.33.251; 1047.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: https://umbrella-zip.pages.dev
an-x-request-uuid: 615fa5d2-78f0-4ada-a548-ac32141fa7b5
content-length: 248
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Tue, 27 May 2025 18:49:22 GMT
x-xss-protection: 0
content-type: application/json; charset=utf-8
server: nginx/1.23.4

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
299 B 243ms
177ms Fetch
text/plain 35.227.252.103
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: cdn.ziffstatic.com
URL: https://cdn.ziffstatic.com/pg/speedtest.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 1f0d95faac096d6f37a1dae8a792d7d8ef9d854e59363bddf09fb5487e8ca360

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
content-type: text/plain
Referer: https://umbrella-zip.pages.dev/

Response headers

content-encoding: gzip
x-forwarded-for: 138.199.33.251
access-control-allow-credentials: true
observe-browsing-topics: ?1
via: 1.1 google
access-control-allow-origin: https://umbrella-zip.pages.dev
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77
date: Tue, 27 May 2025 18:49:20 GMT
content-type: text/plain
vary: Origin

POST
H3 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 11 KB
4 KB 311ms
248ms Fetch
application/json 104.18.26.193
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=785511
Requested by: Host: cdn.ziffstatic.com
URL: https://cdn.ziffstatic.com/pg/speedtest.prebid.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96b5f9dbcc045c9cf87c638c95d30fedd04c282ef43e9f9a48f5890dce22a0b3

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
content-type: text/plain
Referer: https://umbrella-zip.pages.dev/

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FV5eA7uZoaZVWCtpg3iVqJ5MKv46S8KCoxubmsZFMPbes7jy1%2BDECd3E%2FmlYDnwctqF%2Bt%2FwW6tkuJWw%2B4w2XeKEE1Rz%2FQozP%2BFhIiiOu45g8o5aiVO7w5axZ3MHuFkSgLiaOjbLw"}],"group":"cf-nel","max_age":604800}
observe-browsing-topics: ?1
expires: 0
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 27 May 2025 18:49:21 GMT
content-type: application/json
vary: Accept-Encoding
priority: u=1,i
cache-control: no-cache
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
access-control-allow-credentials: true
cf-ray: 9467b11249925733-SYD
access-control-allow-origin: https://umbrella-zip.pages.dev
content-length: 3554
server: cloudflare

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
286 B 519ms
193ms Fetch 207.65.33.78
AS-PUBMATIC

General

Check archive.org

Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.ziffstatic.com
URL: https://cdn.ziffstatic.com/pg/speedtest.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.33.78 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
content-type: text/plain
Referer: https://umbrella-zip.pages.dev/

Response headers

cache-control: no-cache, no-store, must-revalidate, no-store, no-cache, private
access-control-allow-credentials: true
observe-browsing-topics: ?1
pmfcgi-resp: TRUE
access-control-allow-origin: https://umbrella-zip.pages.dev
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Tue, 27 May 2025 18:49:21 GMT
server: nginx

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 777 B
1 KB 482ms
190ms Fetch
application/json 69.173.158.65
RUBICONPROJECT

General

Check archive.org

Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11576&site_id=79558&zone_id=373682&size_id=2&alt_size_ids=13%2C14%2C55%2C57&p_pos=btf&us_privacy=1YNY&rf=https%3A%2F%2Fumbrella-zip.pages.dev%2F&kw=ookla%2Cspeed%2Ctest%2Cspeedtest%2Cspeedtest%2Cbandwidthspeedtest%2Cinternetspeedtest%2Cbroadbandspeedtest%2Cspeakeasy%2Cflash%2Ccnet%2Cinternet%2Cnetwork%2Cconnection%2Cbroadband%2Cbandwidth%2Clatency%2Cping%2Cthroughput%2Cdownload%2Cupload%2Cconnection%2Cdsl%2Cadsl%2Ccable%2Ct1%2Cisp%2Cvoip%2Cip%2Cipaddress%2Ctcp&tg_i.domain=umbrella-zip.pages.dev&tg_i.page=https%3A%2F%2Fwww.speedtest.net%2F&tg_i.name=speedtest&tg_i.mobile=1&tg_i.privacypolicy=1&tg_i.kwarray=ookla%2Cspeed%2Ctest%2Cspeedtest%2Cbandwidth%2Cinternet%20speed%2Cbroadband%2Cinternet%2Cnetwork%2Cconnection%2Clatency%2Cping%2Cdownload%2Cupload%2Cconnection%2Cdsl%2Cadsl%2Ccable%2Cisp%2Cvoip%2Cip%2Cip%20address%2Ctcp&tg_i.site=speedtest&tg_i.adunit=homepage&tg_i.documentLang=en&tg_i.cattax=7&tg_i.cat=596%2C599%2C600%2C602%2C619%2C626%2C618&tg_i.pbadslot=%2F6692%2Fspeedtest.net%2Fstnext_lowerboard&tk_flint=pbjs_lite_v9.43.0&x_source.tid=35ce1965-28b8-439b-a491-f05f85e77e0c&l_pb_bid_id=19344c5fe971bea8&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=18fe09d5-61ce-4283-b30b-bc8976d09e87&p_site.mobile=1&rp_maxbids=1&p_gpid=%2F6692%2Fspeedtest.net%2Fstnext_lowerboard&m_ch_mobile=%3F0&slots=1&rand=0.5539889245807609
Requested by: Host: cdn.ziffstatic.com
URL: https://cdn.ziffstatic.com/pg/speedtest.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.27.2 /
Resource Hash: 1068972a69114a581a6fea9f4711452d6978e4aa10fcfa99430d32558f3c1426

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
content-type: text/plain
Referer: https://umbrella-zip.pages.dev/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin: https://umbrella-zip.pages.dev
date: Tue, 27 May 2025 18:49:21 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx/1.27.2

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 776 B
1 KB 383ms
101ms Fetch
application/json 69.173.158.65
RUBICONPROJECT

General

Check archive.org

Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11576&site_id=413252&zone_id=2324048&size_id=19&alt_size_ids=43%2C44%2C117&p_pos=atf&us_privacy=1YNY&rf=https%3A%2F%2Fumbrella-zip.pages.dev%2F&kw=ookla%2Cspeed%2Ctest%2Cspeedtest%2Cspeedtest%2Cbandwidthspeedtest%2Cinternetspeedtest%2Cbroadbandspeedtest%2Cspeakeasy%2Cflash%2Ccnet%2Cinternet%2Cnetwork%2Cconnection%2Cbroadband%2Cbandwidth%2Clatency%2Cping%2Cthroughput%2Cdownload%2Cupload%2Cconnection%2Cdsl%2Cadsl%2Ccable%2Ct1%2Cisp%2Cvoip%2Cip%2Cipaddress%2Ctcp&tg_i.domain=umbrella-zip.pages.dev&tg_i.page=https%3A%2F%2Fwww.speedtest.net%2F&tg_i.name=speedtest&tg_i.mobile=1&tg_i.privacypolicy=1&tg_i.kwarray=ookla%2Cspeed%2Ctest%2Cspeedtest%2Cbandwidth%2Cinternet%20speed%2Cbroadband%2Cinternet%2Cnetwork%2Cconnection%2Clatency%2Cping%2Cdownload%2Cupload%2Cconnection%2Cdsl%2Cadsl%2Ccable%2Cisp%2Cvoip%2Cip%2Cip%20address%2Ctcp&tg_i.site=speedtest&tg_i.adunit=homepage&tg_i.documentLang=en&tg_i.cattax=7&tg_i.cat=596%2C599%2C600%2C602%2C619%2C626%2C618&tg_i.pbadslot=%2F6692%2Fspeedtest.net%2Fst_mw_banner&tk_flint=pbjs_lite_v9.43.0&x_source.tid=35ce1965-28b8-439b-a491-f05f85e77e0c&l_pb_bid_id=18835398da405fa&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=167c7137-348d-4716-b1e6-e9fc9e05c9f7&p_site.mobile=1&rp_maxbids=1&p_gpid=%2F6692%2Fspeedtest.net%2Fst_mw_banner&m_ch_mobile=%3F0&slots=1&rand=0.08280320184673917
Requested by: Host: cdn.ziffstatic.com
URL: https://cdn.ziffstatic.com/pg/speedtest.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.27.2 /
Resource Hash: 9a9126a0d891152df81e30594b84865932d179c53716b837c4154adf2244649a

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
content-type: text/plain
Referer: https://umbrella-zip.pages.dev/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin: https://umbrella-zip.pages.dev
date: Tue, 27 May 2025 18:49:21 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx/1.27.2

POST
H2 204 request Show response
grid-bidder.criteo.com/openrtb_2_5/pbjs/auction/ 0
229 B 1071ms
471ms Fetch 182.161.73.172
CRITEO-AS-AP Crit...

General

Check archive.org

Download Go to

Full URL

https://grid-bidder.criteo.com/openrtb_2_5/pbjs/auction/request?profileId=207&av=37&wv=9.43.0&cb=23335679031&lsavail=1&networkId=11834

Requested by

Host: cdn.ziffstatic.com
URL: https://cdn.ziffstatic.com/pg/speedtest.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.172 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
content-type: text/plain
Referer: https://umbrella-zip.pages.dev/

Response headers

strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
observe-browsing-topics: ?1
access-control-allow-origin: https://umbrella-zip.pages.dev
date: Tue, 27 May 2025 18:49:21 GMT
vary: Origin
server: Kestrel

POST
H2 200 v1 Show response
btlr.sharethrough.com/universal/ 537 B
681 B 694ms
403ms Fetch
application/json 54.255.192.26
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Requested by

Host: cdn.ziffstatic.com
URL: https://cdn.ziffstatic.com/pg/speedtest.prebid.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.255.192.26 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-255-192-26.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

8412bee71fd6ad9a2a2a015b74878642134ad84dd7e7521cce26bb41c70d62db

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
content-type: text/plain
Referer: https://umbrella-zip.pages.dev/

Response headers

x-openrtb-version: 2.5
strict-transport-security: max-age=16000000; includeSubDomains; preload;
access-control-allow-origin: https://umbrella-zip.pages.dev
content-encoding: gzip
content-length: 313
content-type: application/json; charset=utf-8
access-control-allow-credentials: true

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
129 B 429ms
139ms Fetch 54.255.192.26
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Requested by

Host: cdn.ziffstatic.com
URL: https://cdn.ziffstatic.com/pg/speedtest.prebid.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.255.192.26 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-255-192-26.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
content-type: text/plain
Referer: https://umbrella-zip.pages.dev/

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;
access-control-allow-origin: https://umbrella-zip.pages.dev
access-control-allow-credentials: true

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
405 B 317ms
110ms Fetch
application/json 13.251.204.29
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://c2shb.pubgw.yahoo.com/bidRequest

Requested by

Host: cdn.ziffstatic.com
URL: https://cdn.ziffstatic.com/pg/speedtest.prebid.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.251.204.29 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-251-204-29.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

380d98de8faf5128fd376da11021b7fbc3ea3e3ef6b16bd7608b651fdbf51d10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

x-openrtb-version: 2.5
Referer: https://umbrella-zip.pages.dev/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
content-type: application/json

Response headers

x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
access-control-max-age: 3600
access-control-allow-credentials: true
access-control-allow-methods: OPTIONS,POST
allow: OPTIONS,POST
x-content-type-options: nosniff
access-control-allow-origin: https://umbrella-zip.pages.dev
content-length: 66
date: Tue, 27 May 2025 18:49:22 GMT
content-type: application/json
access-control-allow-headers: x-openrtb-version,Content-Type

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
404 B 415ms
208ms Fetch
application/json 13.251.204.29
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://c2shb.pubgw.yahoo.com/bidRequest

Requested by

Host: cdn.ziffstatic.com
URL: https://cdn.ziffstatic.com/pg/speedtest.prebid.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.251.204.29 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-251-204-29.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

d2b1d84fb32ab7c99f8c3081bf8de3cb6847300f8949f90a61c59974f867694f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

x-openrtb-version: 2.5
Referer: https://umbrella-zip.pages.dev/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
content-type: application/json

Response headers

x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
access-control-max-age: 3600
access-control-allow-credentials: true
access-control-allow-methods: OPTIONS,POST
allow: OPTIONS,POST
x-content-type-options: nosniff
access-control-allow-origin: https://umbrella-zip.pages.dev
content-length: 66
date: Tue, 27 May 2025 18:49:22 GMT
content-type: application/json
access-control-allow-headers: x-openrtb-version,Content-Type

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ 43 KB
13 KB 56ms
3ms Script
text/javascript 108.158.20.65
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: umbrella-zip.pages.dev
URL: https://umbrella-zip.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.20.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-20-65.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5fd7fc4b8be9c2eeb3efb728f0483d444e4a8db80f0597e4ef7950105638bb08

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

vary: Accept-Encoding
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"ad78eaf46246cac6849005eb8b50ae6f"
age: 15443
via: 1.1 08a9275888c86859e545bc29de28a412.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: NonLwLHA7znUHlQrnXa5-2yhpZNLknoxwNXZJYt-9pgjs2tGLsbFmA==
date: Tue, 27 May 2025 14:31:59 GMT
content-type: text/javascript
last-modified: Tue, 20 Aug 2024 18:47:23 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P3
x-amz-server-side-encryption: AES256

GET
H2 200 ima.js Show response
cdn-ima.33across.com/ 16 KB
7 KB 75ms
11ms Script
application/javascript 104.18.28.101
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://cdn-ima.33across.com/ima.js
Requested by: Host: umbrella-zip.pages.dev
URL: https://umbrella-zip.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.28.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 749a50e3d1a398ae93d82438ce345c27c768d9deef91820cc820a908eb7abc03

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

cache-control: public, max-age=259200
content-encoding: gzip
cf-cache-status: HIT
etag: W/"678fc4e6-41f8"
age: 339791
cf-ray: 9467b11258ad6c65-SYD
expires: Fri, 30 May 2025 18:49:21 GMT
date: Tue, 27 May 2025 18:49:21 GMT
content-type: application/javascript
last-modified: Tue, 21 Jan 2025 16:01:42 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 hadron.js Show response
cdn.hadronid.net/ 11 B
323 B 97ms
45ms Script
application/javascript 172.67.36.110
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fumbrella-zip.pages.dev%2F&ref=&_it=amazon&partner_id=700
Requested by: Host: umbrella-zip.pages.dev
URL: https://umbrella-zip.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.36.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a73f5986eb985871284e6e216372de3505634a97229de643216728d0fbfd6227

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

cache-control: max-age=432000
content-encoding: br
cf-cache-status: HIT
etag: W/"ba4f7a703ea78ac1b72b5fe1be4fb407"
age: 1286
cf-ray: 9467b1124a20a94f-SYD
x-amz-request-id: 30EYP70N3Q8K0D6B
date: Tue, 27 May 2025 18:49:21 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare
last-modified: Thu, 05 Dec 2024 20:48:49 GMT
x-amz-id-2: 5w5cbgPlgIr4aMvZIza9kfxWEorSRd5HlviyowD8OcJDSPOQIA2EkaPwRhS0y9EZjimo6XkJ9bI=

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 105 KB
30 KB 80ms
17ms Script
text/javascript 104.22.52.86
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: umbrella-zip.pages.dev
URL: https://umbrella-zip.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.52.86 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

860539ec4f3ee0e11aa746e6d001bfce5654a5b6101563e17cfa4716cfdc4335

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

x-amz-id-2: nDvL80wiOLZ6z44R2Y+enMdT844Tpvjas/TZNEPXGNDBrqiChLmKJKd+AYhQiwyB/o/J4DlaD9u+ABrHsFbZU7HETddjlGCctUzzDAC4o8E=
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=3600
content-encoding: br
cf-cache-status: HIT
etag: W/"dcb8906065544836970a0fd171e6738e"
age: 678
x-amz-request-id: YGNN1SD3PZADD9WP
cf-ray: 9467b1125bdaa96d-SYD
date: Tue, 27 May 2025 18:49:21 GMT
content-type: text/javascript;charset=utf-8
last-modified: Fri, 02 May 2025 06:44:22 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-server-side-encryption: AES256

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 816ms
237ms Preflight 13.251.204.29
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.251.204.29 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-251-204-29.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://umbrella-zip.pages.dev
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-openrtb-version,Content-Type
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://umbrella-zip.pages.dev
access-control-max-age: 3600
allow: OPTIONS,POST
content-length: 0
date: Tue, 27 May 2025 18:49:21 GMT

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 815ms
237ms Preflight 13.251.204.29
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.251.204.29 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-251-204-29.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://umbrella-zip.pages.dev
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-openrtb-version,Content-Type
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://umbrella-zip.pages.dev
access-control-max-age: 3600
allow: OPTIONS,POST
content-length: 0
date: Tue, 27 May 2025 18:49:21 GMT

POST
H2 200 map Show response
c.ltmsphrcl.net/6/ 233 B
470 B 518ms
225ms XHR
application/json 54.169.72.96
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://c.ltmsphrcl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.169.72.96 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-169-72-96.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: a59b2b22e300ce70318472535dbafb209b1c05a798293369fb642ecd35471c77

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: text/plain;charset=UTF-8
Referer: https://umbrella-zip.pages.dev/

Response headers

cache-control: no-cache
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://umbrella-zip.pages.dev
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length: 233
date: Tue, 27 May 2025 18:49:21 GMT
content-type: application/json;charset=utf-8

GET
H2 200 envelope Show response
lexicon.33across.com/v1/ 996 B
1 KB 188ms
163ms XHR
application/json 35.244.193.51
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0010b00002OCXb5AAH&src=aps&ver=1.16.0&us_privacy=1YNY
Requested by: Host: cdn-ima.33across.com
URL: https://cdn-ima.33across.com/ima.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 51.193.244.35.bc.googleusercontent.com
Software: /
Resource Hash: 1bf7c11f76ae4c8a7368b1bba36ab94181eee6fe5636f355d9ff42c73bffee0d

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-type: application/x-www-form-urlencoded
Referer: https://umbrella-zip.pages.dev/

Response headers

access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://umbrella-zip.pages.dev
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 996
date: Tue, 27 May 2025 18:49:21 GMT
content-type: application/json
vary: origin

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 56 B
305 B 1277ms
616ms Fetch
application/json 162.19.138.83
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.ziffstatic.com
URL: https://cdn.ziffstatic.com/pg/speedtest.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

8744e6e03e8351a2d8ed7201986fcf27140d59a4448407a239e736ff44941c05

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://umbrella-zip.pages.dev
date: Tue, 27 May 2025 18:49:22 GMT
content-type: application/json;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 bounce Show response
id5-sync.com/ 30 B
240 B 317ms
314ms Fetch
text/plain 162.19.138.116
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://id5-sync.com/bounce

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

b04cd869cfd41a48c006458f71969a0eb26f33fec12f3cfe00408f8b73bf3ff8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://umbrella-zip.pages.dev
date: Tue, 27 May 2025 18:49:22 GMT
content-type: text/plain;charset=utf-8
vary: Origin
access-control-allow-credentials: true

GET
H/1.1 200
OK v1 Show response
lbs.eu-1-id5-sync.com/lbs/ 54 B
237 B 1188ms
586ms Fetch
application/json 57.129.92.70
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL: https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 57.129.92.70 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
Software: /
Resource Hash: 04ebb9581c92bf0f5666b486c2934dce578c4fa458a79d985eadae09bb6986e7

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

access-control-allow-origin: https://umbrella-zip.pages.dev
content-length: 54
date: Tue, 27 May 2025 18:49:23 GMT
content-type: application/json
vary: Origin

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 56 B
304 B 469ms
469ms Fetch
application/json 162.19.138.83
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

827058eac57d2fc3d1d5fbd7607f4a903e15fae10761d418b54100e1a952da65

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://umbrella-zip.pages.dev
date: Tue, 27 May 2025 18:49:22 GMT
content-type: application/json;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2

200

v60a.js Show response
cdn-gl.imrworldwide.com/
Redirect Chain

https://secure-us.imrworldwide.com/v60a.js
https://cdn-gl.imrworldwide.com/v60a.js

24 KB
7 KB

95ms
43ms

Script
application/javascript

108.158.32.13
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://cdn-gl.imrworldwide.com/v60a.js
Protocol: H2
Server: 108.158.32.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-32-13.syd3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e0971910cdc9f2e2935dda6d6f8018a6e55c690808334cd6de4b7c85b320b2ee

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

vary: accept-encoding
cache-control: max-age=86400
content-encoding: gzip
x-amz-version-id: m6vssmDo9Sy0qT4LsjH1sHaCbf7BuQzw
etag: W/"2c36db297a45456efc2626f0af7699ac"
age: 51535
via: 1.1 af9df879c48ca18a8b67eda7edecc4a4.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: bpAT-PoKQbVIUvMkJWH52cC7ViffBZ9QcA07rRwze_oMVMYH7JEr2w==
date: Tue, 27 May 2025 04:30:29 GMT
content-type: application/javascript
last-modified: Tue, 21 May 2024 14:03:42 GMT
server: AmazonS3
x-amz-cf-pop: SYD3-P2
x-amz-server-side-encryption: AES256

Redirect headers

location: https://cdn-gl.imrworldwide.com:443/v60a.js
content-length: 134
date: Tue, 27 May 2025 18:49:22 GMT
content-type: text/html
server: awselb/2.0

GET
H2

200

beacon-ios.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/6036202/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon-ios.js

23 KB
8 KB

2ms
2ms

Script
text/javascript

18.65.244.106
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon-ios.js
Protocol: H2
Server: 18.65.244.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-244-106.syd3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9749b8a94da6accfb9f4636235fafcbd2335c84d551cd410f8ba20374388dac8

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

vary: accept-encoding
cache-control: max-age=86400
content-encoding: gzip
etag: W/"63c1d062ca2058f8fc9f305f20873b74"
age: 922
via: 1.1 f1635e40dd33e4abcdd79d3670805a7a.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: SHSYmjqhWTltihC_f6nU0uaCZ0lqligXoaxnqIHRagY73wf6rgwGew==
date: Tue, 27 May 2025 18:34:01 GMT
content-type: text/javascript
last-modified: Thu, 22 May 2025 07:52:02 GMT
server: AmazonS3
x-amz-cf-pop: SYD3-P1
x-amz-server-side-encryption: AES256

Redirect headers

location: /internal-cs/default/beacon-ios.js
accept-ch: UA, Platform, Arch, Model, Mobile
via: 1.1 f1635e40dd33e4abcdd79d3670805a7a.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
content-length: 0
x-amz-cf-id: Pz13X7E8vdb8eLeK2qA7CXTNjMlFeox8cYcjYTVzHxDc9y5x2-pO0A==
date: Tue, 27 May 2025 18:49:22 GMT
x-amz-cf-pop: SYD3-P1

GET
H2 200 z0WVjCBSEeGLoxIxOQVEwQ.min.js Show response
cdn.static.zdbb.net/js/ 170 KB
48 KB 2044ms
466ms Script
text/javascript 23.32.5.175
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL: https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K7SNBZ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.5.175 Sydney, Australia, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-32-5-175.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d0b43e4951d14ab5d1691aaa4a1809dfb99dbde40e18b5086e06a7d21c154bbb

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

x-amz-server-side-encryption: AES256
cache-control: max-age=86400
content-encoding: gzip
x-amz-version-id: 49YSCv0gCCieSimMnaiFbUvWe0H8_0PO
x-amz-request-id: AXYVKWH4NRKKKXMJ
expires: Wed, 28 May 2025 18:49:24 GMT
accept-ranges: bytes
content-length: 48539
date: Tue, 27 May 2025 18:49:24 GMT
last-modified: Fri, 09 May 2025 20:02:49 GMT
content-type: text/javascript
vary: Accept-Encoding
x-amz-id-2: xLdyGhYJtrMi6Zi0uMfxEIsWpUh0ap4xGH2Y0puyST5lSlECKQN1ZJqFLp1GC3K2t45cdsdRln5bfivPl7RznDNs5Xko5GlA

GET
H3 200 android-app-promo-1x.png
umbrella-zip.pages.dev/images/ 29 KB
30 KB 56ms
54ms Image
image/png 172.66.44.90
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://umbrella-zip.pages.dev/images/android-app-promo-1x.png

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.90 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b2669736565cf357ad02fb29b5a1577dde4f0f6c8cb1044695bd70f1a5ce43d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

cf-cache-status: HIT
etag: W/"7349-196e9938790"
age: 75827
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NAGh9oRgqd0Lri65T956h7ndducJmSTuyP2MDtwg242N6pVSeod9rAw5IXxVCe4BR0ZJUDv2RA8tQcNyFyqYCHcByftzT19SzHrv3p0olGxIgfLxHxo8efKoisB99%2BNJRnj5fob%2BXx01"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6339&min_rtt=1550&rtt_var=1624&sent=89&recv=54&lost=0&retrans=0&sent_bytes=85191&recv_bytes=10434&delivery_rate=4297168&cwnd=44400&unsent_bytes=0&cid=04e12b38a3451960&ts=3203&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 27 May 2025 18:49:22 GMT
content-type: image/png
last-modified: Mon, 19 May 2025 17:24:42 GMT
vary: Origin, Accept-Encoding
priority: u=3,i
x-frame-options: DENY
content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
access-control-allow-credentials: true
cf-ray: 9467b11dd84da938-SYD
accept-ranges: bytes
content-length: 29513
server: cloudflare

GET
H2 200 gauge-gradient-dl-multi-web.png
b.cdnst.net/images/ 77 KB
77 KB 150ms
142ms Image
image/png 151.101.130.219
FASTLY

General

Check archive.org

Download Go to Show image

Full URL

https://b.cdnst.net/images/gauge-gradient-dl-multi-web.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.219 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

32b79f49ad238f7718e7ba9aa4cbb32e74a8a11a8a32dbcfdbfa926228c783f5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
cache-control: public, max-age=86400
etag: W/"132c5-196e9938790"
accept-ranges: bytes
content-length: 78533
date: Tue, 27 May 2025 18:49:22 GMT
content-type: image/png
last-modified: Mon, 19 May 2025 17:24:42 GMT
x-frame-options: DENY

GET
H2 200 gauge-gradient-ul-multi-web.png
b.cdnst.net/images/ 73 KB
73 KB 290ms
282ms Image
image/png 151.101.130.219
FASTLY

General

Check archive.org

Download Go to Show image

Full URL

https://b.cdnst.net/images/gauge-gradient-ul-multi-web.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.219 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0d23c759f4302ff762012a6ff00cbd124858dd9b387ea06eafa727c5e726fd77

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
cache-control: public, max-age=86400
etag: W/"12248-196e9938790"
accept-ranges: bytes
content-length: 74312
date: Tue, 27 May 2025 18:49:23 GMT
content-type: image/png
last-modified: Mon, 19 May 2025 17:24:42 GMT
x-frame-options: DENY

GET
H2 200 gauge-gradient-dl-single-web.png
b.cdnst.net/images/ 61 KB
61 KB 305ms
297ms Image
image/png 151.101.130.219
FASTLY

General

Check archive.org

Download Go to Show image

Full URL

https://b.cdnst.net/images/gauge-gradient-dl-single-web.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.219 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

53ef39c91fa4b4f2d68d15483dcd7a2bc4b089c954e7b5a6808c6560740c887f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
cache-control: public, max-age=86400
etag: W/"f3d1-196e9938790"
accept-ranges: bytes
content-length: 62417
date: Tue, 27 May 2025 18:49:23 GMT
content-type: image/png
last-modified: Mon, 19 May 2025 17:24:42 GMT
x-frame-options: DENY

GET
H2 200 gauge-gradient-ul-single-web.png
b.cdnst.net/images/ 64 KB
64 KB 301ms
293ms Image
image/png 151.101.130.219
FASTLY

General

Check archive.org

Download Go to Show image

Full URL

https://b.cdnst.net/images/gauge-gradient-ul-single-web.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.219 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d3c3db2b5256d7c5fa7f2502e752ced784853fe0fdd01d8a219bd9e041a579c7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
cache-control: public, max-age=86400
etag: W/"ff47-196e9938790"
accept-ranges: bytes
content-length: 65351
date: Tue, 27 May 2025 18:49:23 GMT
content-type: image/png
last-modified: Mon, 19 May 2025 17:24:42 GMT
x-frame-options: DENY

GET
H2 200 google-play-EN.svg
b.cdnst.net/images/mobile-badges/ 6 KB
3 KB 305ms
298ms Image
image/svg+xml 151.101.130.219
FASTLY

General

Check archive.org

Download Go to Show image

Full URL

https://b.cdnst.net/images/mobile-badges/google-play-EN.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.219 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

bfa5d0a7f4e81c2f09bba8a2de6a24bc874c062acd0aaf651a998cb16579b237

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"19d1-196e9938790"
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 2656
date: Tue, 27 May 2025 18:49:23 GMT
content-type: image/svg+xml
last-modified: Mon, 19 May 2025 17:24:42 GMT
vary: Origin, Accept-Encoding
x-frame-options: DENY

GET
H3 200 scroll_for_more.svg
umbrella-zip.pages.dev/images/ 1 KB
2 KB 54ms
48ms Image
image/svg+xml 172.66.44.90
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://umbrella-zip.pages.dev/images/scroll_for_more.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.90 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a9bf3001c757b15eb047be335b34fbff6030295de67def0a6e7f688ea1f57a7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"4e9-196e9938790"
age: 2603
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VNyX3gk3nEzKhp5gZWwgHeNto87BID29KasGYFCgwC8B2TlDkdzvmKIVKhfeRzrNyXqQBSEiH4dN7dTE4WDV0p4pyrIWSoHqLV2l751PXBlEQGFS%2B5Y92NwvED3kdYDsExmxQJEdIfHe"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6339&min_rtt=1550&rtt_var=1624&sent=115&recv=54&lost=0&retrans=0&sent_bytes=116326&recv_bytes=10434&delivery_rate=4297168&cwnd=44400&unsent_bytes=0&cid=04e12b38a3451960&ts=3206&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 27 May 2025 18:49:22 GMT
content-type: image/svg+xml
last-modified: Mon, 19 May 2025 17:24:42 GMT
vary: Origin, Accept-Encoding
priority: u=3,i
x-frame-options: DENY
content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
access-control-allow-credentials: true
cf-ray: 9467b11dd852a938-SYD
accept-ranges: bytes
content-length: 573
server: cloudflare

GET
H2 200 icg_desktop_apps.svg
b.cdnst.net/images/ 8 KB
3 KB 290ms
283ms Image
image/svg+xml 151.101.130.219
FASTLY

General

Check archive.org

Download Go to Show image

Full URL

https://b.cdnst.net/images/icg_desktop_apps.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.219 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f296b7388d26c659d451819449df427b865bbe63cd2d9dd1e814f3f10e81446c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"1fea-196e9938790"
accept-ranges: bytes
content-length: 3289
date: Tue, 27 May 2025 18:49:23 GMT
content-type: image/svg+xml
last-modified: Mon, 19 May 2025 17:24:42 GMT
vary: Accept-Encoding
x-frame-options: DENY

GET
H2 200 icg_troubleshoot_wifi.svg
b.cdnst.net/images/ 5 KB
1 KB 289ms
282ms Image
image/svg+xml 151.101.130.219
FASTLY

General

Check archive.org

Download Go to Show image

Full URL

https://b.cdnst.net/images/icg_troubleshoot_wifi.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.219 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

308713a4824fa8f19b7b9305a93189d25a412bd838d1773b1ff81c260fc3cda0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"14c8-196e9938790"
accept-ranges: bytes
content-length: 1246
date: Tue, 27 May 2025 18:49:23 GMT
content-type: image/svg+xml
last-modified: Mon, 19 May 2025 17:24:42 GMT
vary: Accept-Encoding
x-frame-options: DENY

GET
H2 200 icg_check_outages.svg
b.cdnst.net/images/ 4 KB
2 KB 287ms
280ms Image
image/svg+xml 151.101.130.219
FASTLY

General

Check archive.org

Download Go to Show image

Full URL

https://b.cdnst.net/images/icg_check_outages.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.219 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c0193511cfcd9864e09c2e7175e6d22d6f1e0ad9199b4dc404197a2c65358e93

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"ef6-196e9938790"
accept-ranges: bytes
content-length: 1774
date: Tue, 27 May 2025 18:49:23 GMT
content-type: image/svg+xml
last-modified: Mon, 19 May 2025 17:24:42 GMT
vary: Accept-Encoding
x-frame-options: DENY

GET
H2 200 icg_talk_to_isp.svg
b.cdnst.net/images/ 5 KB
2 KB 299ms
293ms Image
image/svg+xml 151.101.130.219
FASTLY

General

Check archive.org

Download Go to Show image

Full URL

https://b.cdnst.net/images/icg_talk_to_isp.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.219 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

aea75483e6961d526af59b5a09af5fb3262d7ce210e90e590162e4613c9f06b2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"14e7-196e9938790"
accept-ranges: bytes
content-length: 1901
date: Tue, 27 May 2025 18:49:23 GMT
content-type: image/svg+xml
last-modified: Mon, 19 May 2025 17:24:42 GMT
vary: Accept-Encoding
x-frame-options: DENY

GET
H2 200 icg_how_much_speed.png
b.cdnst.net/images/ 11 KB
11 KB 289ms
283ms Image
image/png 151.101.130.219
FASTLY

General

Check archive.org

Download Go to Show image

Full URL

https://b.cdnst.net/images/icg_how_much_speed.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.219 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b2b4f5e11c0b73429c3ede6bcd9c9b99e7c8fe596c7d0a29e6639ad678d21c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
cache-control: public, max-age=86400
etag: W/"2a89-196e9938790"
accept-ranges: bytes
content-length: 10889
date: Tue, 27 May 2025 18:49:23 GMT
content-type: image/png
last-modified: Mon, 19 May 2025 17:24:42 GMT
x-frame-options: DENY

GET
H2 200 icg_qr_code.svg
b.cdnst.net/images/ 3 KB
1 KB 285ms
279ms Image
image/svg+xml 151.101.130.219
FASTLY

General

Check archive.org

Download Go to Show image

Full URL

https://b.cdnst.net/images/icg_qr_code.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.219 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e551239f9d963f64d1fd39d40285586400f4073acda91be5658c32117f6bc6ae

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"cc4-196e9938790"
accept-ranges: bytes
content-length: 1016
date: Tue, 27 May 2025 18:49:23 GMT
content-type: image/svg+xml
last-modified: Mon, 19 May 2025 17:24:42 GMT
vary: Accept-Encoding
x-frame-options: DENY

GET
H2 200 mobile_apps.svg
b.cdnst.net/images/ 5 KB
2 KB 286ms
281ms Image
image/svg+xml 151.101.130.219
FASTLY

General

Check archive.org

Download Go to Show image

Full URL

https://b.cdnst.net/images/mobile_apps.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.219 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f413ed52238836f8e47dbe95fb447bbafbe200ffc0795325e53fdf3d1796768d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"1423-196e9938790"
accept-ranges: bytes
content-length: 2213
date: Tue, 27 May 2025 18:49:23 GMT
content-type: image/svg+xml
last-modified: Mon, 19 May 2025 17:24:42 GMT
vary: Accept-Encoding
x-frame-options: DENY

GET
H2 200 icg_get_help.svg
b.cdnst.net/images/ 3 KB
1 KB 283ms
278ms Image
image/svg+xml 151.101.130.219
FASTLY

General

Check archive.org

Download Go to Show image

Full URL

https://b.cdnst.net/images/icg_get_help.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.219 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

30cabd65315139eaac2a9d894be6dfbacc9364599dead8c493eccf3d101e44f5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"b8d-196e9938790"
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 1029
date: Tue, 27 May 2025 18:49:23 GMT
content-type: image/svg+xml
last-modified: Mon, 19 May 2025 17:24:42 GMT
vary: Origin, Accept-Encoding
x-frame-options: DENY

GET
H3 200 servers Show response
umbrella-zip.pages.dev/api/js/ 3 KB
2 KB 324ms
320ms XHR
application/json 172.66.44.90
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://umbrella-zip.pages.dev/api/js/servers?engine=js&limit=10&https_functional=true

Requested by

Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/speedtest-main.js?v=342671e7b4ad981af8ecd793a723cb11

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.90 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b177427a8a4504f32a6368e0fb576cd6751920ab0fecd296c5d853688e90563

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Accept: application/json, text/plain, */*
Referer: https://umbrella-zip.pages.dev/

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YPDuUNktly%2F3oL2Xchy0SvlF6rWJycRKjBZuwu0r1BqKPkLrpOSPHwP5xm7NCmTGS3vZdCP42SjeL3Ev7e34RuAAtyyuNhxKf6y0%2BAKS9WcumsnGtjviHoQWYWsNMeSnW50odHMoIHmZ"}],"group":"cf-nel","max_age":604800}
expires: Wed, 28 May 2025 18:49:23 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6237&min_rtt=1550&rtt_var=835&sent=119&recv=68&lost=0&retrans=0&sent_bytes=117978&recv_bytes=13309&delivery_rate=742056&cwnd=44400&unsent_bytes=0&cid=04e12b38a3451960&ts=3517&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 27 May 2025 18:49:23 GMT
content-type: application/json
vary: Origin, Accept-Encoding
priority: u=1,i
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=86400
access-control-allow-credentials: true
cf-ray: 9467b11e286ea938-SYD
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ 17 KB
13 KB 254ms
135ms XHR
application/json 142.251.221.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202505200101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f2.1e100.net

Software

cafe /

Resource Hash

0256975807861eaeac302914b22c4180e56f626c2f236bf1cf2285c7e721b745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 13069
date: Tue, 27 May 2025 18:49:23 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 81 KB
25 KB 293ms
292ms Fetch
text/plain 142.250.66.194
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1067421181592797&correlator=1334821522665400&eid=31092114%2C31086815%2C31092626%2C95353384%2C31088081%2C83321072&output=ldjh&gdfp_req=1&vrg=202505200101&ptt=17&impl=fifs&us_privacy=1YNY&iu_parts=6692%2Cspeedtest.net%2Cst_mw_banner%2Cstnext_lowerboard&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3&prev_iu_szs=320x50%7C300x50%7C320x100%7C300x100%2C970x250%7C970x200%7C970x180%7C970x90%7C728x90%7C200x200%7C250x250&ifi=1&dids=st_mw_banner~stnext_footer&adfs=1723197901~1436556737&sfv=1-0-45&eri=5&sc=1&cookie_enabled=1&abxe=1&dt=1748371762918&adxs=440%2C242&adys=1150%2C2148&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fumbrella-zip.pages.dev%2F&vis=1&psz=1600x0%7C1600x2754&msz=1200x-1%7C970x250&fws=516%2C4&ohw=1600%2C1600&topics=1&tps=1&htps=10&nt=1&dlt=1748371759768&idt=826&prev_scp=rfr%3Dfalse%26pos%3Datf%26ppos%3D1%26npos%3D1%26pogo%3Dsticky%26divid%3Dst_mw_banner%26gto%3Dfalse%26amznbid%3D1%26amznp%3D1%26hb_format_ix%3Dbanner%26hb_size_ix%3D300x50%26hb_pb_ix%3D0.55%26hb_adid_ix%3D29316727752dec5%26hb_bidder_ix%3Dix%26hb_format%3Dbanner%26hb_size%3D300x50%26hb_pb%3D0.55%26hb_adid%3D29316727752dec5%26hb_bidder%3Dix%7Crfr%3Dfalse%26pos%3Dbtf%26ppos%3D2%26npos%3D1%26pogo%3Dfooter%26divid%3Dstnext_footer%26gto%3Dtrue%26amznbid%3D1%26amznp%3D1%26hb_format_ix%3Dbanner%26hb_size_ix%3D200x200%26hb_pb_ix%3D0.33%26hb_adid_ix%3D30c1fe72b1ffa4%26hb_bidder_ix%3Dix%26hb_format%3Dbanner%26hb_size%3D200x200%26hb_pb%3D0.33%26hb_adid%3D30c1fe72b1ffa4%26hb_bidder%3Dix&cust_params=zdc%3D1%26template%3Dhomepage%26category%3Dhomepage%26env%3Dumbrella-zip.pages.dev%26OOF%3Dfalse%26fito%3Dtrue%26ref%3D%26zdid%3Db6059dd61a91175a765934142736dfa6%26li-module-enabled%3Dt1-e0%26liact%3Don%26stIspId%3D56178%26stOutage%3D20090%252C36478%252C33421%252C35760%252C38310%252C20004%252C20020%252C33995%252C54711%252C20041%26country%3Dus%26household_carrier%3Dother%26hostname%3Dhttps%252F%252Fumbrella-zip.pages.dev%26bucket_test%3D18&adks=4226278064%2C350689657&frm=20&eoidce=1&gblpids=%2F6692%2Fspeedtest.net%2Fst_mw_banner~%2F6692%2Fspeedtest.net%2Fstnext_lowerboard&pbbce=1&td=1&tdf=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f2.1e100.net

Software

cafe /

Resource Hash

4078fb2d0c5a600e8b7921384e44cde7d80c1fd084360c7fedd517e230305184

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

content-encoding: br
google-lineitem-id: 5394558614,5395284409
observe-browsing-topics: ?1
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2,-2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 27 May 2025 18:49:23 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: 138313768671,138349886058
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://umbrella-zip.pages.dev
content-length: 25888
x-xss-protection: 0
server: cafe

GET
H3 200 container.html Show response
bdd8121b9f445b471b6fcb349ac82ea8.safeframe.googlesyndication.com/safeframe/1-0-45/html/ Frame 0C0F 7 KB
3 KB 292ms
139ms Document
text/html 64.233.188.132
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://bdd8121b9f445b471b6fcb349ac82ea8.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

64.233.188.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tk-in-f132.1e100.net

Software

sffe /

Resource Hash

f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://umbrella-zip.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 3121
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 27 May 2025 18:49:23 GMT
expires: Tue, 27 May 2025 18:49:23 GMT
last-modified: Thu, 08 May 2025 23:15:48 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 718.json Show response
id5-sync.com/g/v2/ 853 B
1 KB 357ms
354ms Fetch
application/json 162.19.138.116
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://id5-sync.com/g/v2/718.json

Requested by

Host: cdn.ziffstatic.com
URL: https://cdn.ziffstatic.com/pg/speedtest.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

e4aaea7540e883c568da1b6fc2d7c5318750d07e3b6656925e1012f5b06b7788

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: text/plain;charset=UTF-8
Referer: https://umbrella-zip.pages.dev/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://umbrella-zip.pages.dev
p3p: CP="CAO PSA OUR"
date: Tue, 27 May 2025 18:49:23 GMT
content-type: application/json
vary: Origin

GET
H2 200 favicon.svg
b.cdnst.net/images/favicons/ 1 KB
605 B 193ms
192ms Other
image/svg+xml 151.101.130.219
FASTLY

General

Check archive.org

Download Go to

Full URL

https://b.cdnst.net/images/favicons/favicon.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.219 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a4d2c91234d76c14551fff4ff2c42cf835ce8238ecf505fe945eec2bc1d543bc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"44f-196e9938790"
accept-ranges: bytes
content-length: 554
date: Tue, 27 May 2025 18:49:23 GMT
content-type: image/svg+xml
last-modified: Mon, 19 May 2025 17:24:42 GMT
vary: Accept-Encoding
x-frame-options: DENY

POST
H2 200 installations Show response
firebaseinstallations.googleapis.com/v1/projects/ookla-speedtest/ 628 B
682 B 806ms
797ms Fetch
application/json 74.125.203.95
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/ookla-speedtest/installations

Requested by

Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/speedtest-main.js?v=342671e7b4ad981af8ecd793a723cb11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.203.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

th-in-f95.1e100.net

Software

ESF /

Resource Hash

4a8dee255d9e06c0519956cf2d02f4a7b49128eccb02df7946b00b48762d11dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

x-goog-api-key: AIzaSyDSaO6tE5SQ7J3ZMsKsepon8tNUNy5WA6s
Referer: https://umbrella-zip.pages.dev/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept: application/json
content-type: application/json

Response headers

access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: https://umbrella-zip.pages.dev
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 499
date: Tue, 27 May 2025 18:49:24 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
server: ESF
x-frame-options: SAMEORIGIN

OPTIONS
H2 200 installations
firebaseinstallations.googleapis.com/v1/projects/ookla-speedtest/ Frame 0
0 597ms
309ms Preflight
text/html 74.125.203.95
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/ookla-speedtest/installations

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.203.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

th-in-f95.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key
Access-Control-Request-Method: POST
Origin: https://umbrella-zip.pages.dev
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-headers: content-type,x-goog-api-key
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://umbrella-zip.pages.dev
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 27 May 2025 18:49:23 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 204 b
sb.scorecardresearch.com/ 0
302 B 145ms
143ms Image
text/plain 18.65.244.106
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=6036202&cs_fpcu=f195f21501d549f69f51772e760d65f5&cs_it=m1&cv=4.13.0%2B2504041036&ns__t=1748371763009&ns_c=UTF-8&cs_cfg=1111110&c7=https%3A%2F%2Fumbrella-zip.pages.dev%2F&c8=Speedtest%20by%20Ookla%20-%20The%20Global%20Broadband%20Speed%20Test&c9=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.244.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-244-106.syd3.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

via: 1.1 f1635e40dd33e4abcdd79d3670805a7a.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: I1zTkczKsSxQrmvoYnk5YSPuGjIqj_2go2rMKoS8DgnWooLrgwb7Sw==
date: Tue, 27 May 2025 18:49:23 GMT
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: SYD3-P1

GET
H2 200 match Show response
bee.imrworldwide.com/v1/clients/ 39 B
496 B 193ms
61ms XHR
application/json 18.67.93.103
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://bee.imrworldwide.com/v1/clients/match?client_id=ziffdavis&url=https://umbrella-zip.pages.dev/

Requested by

Host: secure-us.imrworldwide.com
URL: https://secure-us.imrworldwide.com/v60a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.93.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-67-93-103.syd62.r.cloudfront.net

Software

Resource Hash

0210bcf8c6f9fb41e1db722e8ec3c318101342f5922c59331321c993df1720d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

strict-transport-security: max-age=25920000; includeSubDomains
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
via: 1.1 a8d63eee2fd456f0e1e6772e38461220.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 63
x-amz-cf-id: 519mVxE58nx2QeYcnopRoaHEGokOdzIfsr6yW-SfsPAChsDjOf_Z5g==
date: Tue, 27 May 2025 18:49:23 GMT
x-xss-protection: 1; mode=block
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-amz-cf-pop: SYD62-P1
x-frame-options: DENY

GET
H2 200 storageframe.html Show response
secure-us.imrworldwide.com/ Frame DC16 11 KB
4 KB 7ms
3ms Document
text/html 3.25.26.222
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://secure-us.imrworldwide.com/storageframe.html
Requested by: Host: secure-us.imrworldwide.com
URL: https://secure-us.imrworldwide.com/v60a.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.25.26.222 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-25-26-222.ap-southeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: c6107c1c1f1588cac73cb68d83222515b12c5dbf7f988fd0c39b4ff16414d3bc

Request headers

Referer: https://umbrella-zip.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

accept-ch: Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
content-encoding: gzip
content-length: 3489
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Tue, 27 May 2025 18:49:23 GMT
etag: "67a0e409-da1"
last-modified: Mon, 03 Feb 2025 15:43:05 GMT
server: nginx

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ 20 KB
7 KB 602ms
248ms Script
text/javascript 173.194.174.132
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.174.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

td-in-f132.1e100.net

Software

sffe /

Resource Hash

a7f65c0446b6cac3175458f6388304d0c23e70d11fa0db20920a619f1bc18623

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

content-encoding: gzip
etag: "1747411493688989"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Tue, 27 May 2025 18:49:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 18:49:23 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 7188
x-xss-protection: 0
server: sffe

GET
H3 200 favicon.ico
umbrella-zip.pages.dev/ 100 KB
7 KB 40ms
39ms Other
image/x-icon 172.66.44.90
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://umbrella-zip.pages.dev/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.90 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

caca9270c3bccfaa6645272295c7c53725a58b506f34d64645d94b30be6968f5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"18e64-196e9938790"
age: 33962
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BRSa7LIF7LzPLIeePy%2F7FF6hjdJAzISQdQblKpjPoAhNKVFA%2FUKP3WZl5QJ4q1%2FsmuCv42Rsx85Syk6y8Pz4fLJBBXZVwDWN4O4yZ7kSRBudCDF%2FVRXPAZwxp%2F3y5392R%2F42DZq6lJxb"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6597&min_rtt=1550&rtt_var=1347&sent=121&recv=69&lost=0&retrans=0&sent_bytes=119797&recv_bytes=13354&delivery_rate=5663&cwnd=44400&unsent_bytes=0&cid=04e12b38a3451960&ts=3545&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 27 May 2025 18:49:23 GMT
content-type: image/x-icon
last-modified: Mon, 19 May 2025 17:24:42 GMT
vary: Origin, Accept-Encoding
priority: u=1,i
x-frame-options: DENY
content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
access-control-allow-credentials: true
cf-ray: 9467b11ff93ea938-SYD
accept-ranges: bytes
content-length: 6109
server: cloudflare

GET
H2 200 / Show response
d0.eu-3-id5-sync.com/ 1 B
143 B 1177ms
580ms Fetch
text/plain 51.195.34.255
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL: https://d0.eu-3-id5-sync.com/
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.195.34.255 , Jordan, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip255.ip-51-195-34.eu
Software: /
Resource Hash: 6b23c0d5f35d1b11f9b683f0b0a617355deb11277d91ae091d399c655b87940d

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d1.eu-3-id5-sync.com/ 1 B
143 B 963ms
305ms Fetch
text/plain 51.195.73.74
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL: https://d1.eu-3-id5-sync.com/
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.195.73.74 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip74.ip-51-195-73.eu
Software: /
Resource Hash: d4735e3a265e16eee03f59718b9b5d03019c07d8b6c51f90da3a666eec13ab35

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d2.eu-3-id5-sync.com/ 1 B
143 B 1169ms
574ms Fetch
text/plain 135.125.146.86
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL: https://d2.eu-3-id5-sync.com/
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 135.125.146.86 , Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip86.ip-135-125-146.eu
Software: /
Resource Hash: 4e07408562bedb8b60ce05c1decfe3ad16b72230967de01f640b7e4729b49fce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d3.eu-3-id5-sync.com/ 1 B
143 B 1171ms
574ms Fetch
text/plain 51.195.73.113
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL: https://d3.eu-3-id5-sync.com/
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.195.73.113 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip113.ip-51-195-73.eu
Software: /
Resource Hash: a9f51566bd6705f7ea6ad54bb9deb449f795582d6529a0e22207b8981233ec58

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d4.eu-3-id5-sync.com/ 1 B
143 B 1189ms
589ms Fetch
text/plain 51.195.126.30
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL: https://d4.eu-3-id5-sync.com/
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.195.126.30 , Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip30.ip-51-195-126.eu
Software: /
Resource Hash: 7902699be42c8a8e46fbbb4501726517e86b22c56a189f7625a6da49081b2451

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d5.eu-3-id5-sync.com/ 1 B
143 B 1191ms
579ms Fetch
text/plain 51.195.73.71
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL: https://d5.eu-3-id5-sync.com/
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.195.73.71 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip71.ip-51-195-73.eu
Software: /
Resource Hash: 19581e27de7ced00ff1ce50b2047e7a567c76b1cbaebabe5ef03f7c3017bb5b7

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d6.eu-3-id5-sync.com/ 1 B
143 B 1281ms
612ms Fetch
text/plain 51.195.127.115
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL: https://d6.eu-3-id5-sync.com/
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.195.127.115 , Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip115.ip-51-195-127.eu
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d7.eu-3-id5-sync.com/ 1 B
143 B 1285ms
617ms Fetch
text/plain 135.125.140.162
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL: https://d7.eu-3-id5-sync.com/
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 135.125.140.162 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip162.ip-135-125-140.eu
Software: /
Resource Hash: 3f39d5c348e5b79d06e842c114e6cc571583bbf44e4b0ebfda1a01ec05745d43

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d0.eu-4-id5-sync.com/ 1 B
143 B 1196ms
587ms Fetch
text/plain 135.125.146.86
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL: https://d0.eu-4-id5-sync.com/
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 135.125.146.86 , Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip86.ip-135-125-146.eu
Software: /
Resource Hash: 4e07408562bedb8b60ce05c1decfe3ad16b72230967de01f640b7e4729b49fce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d1.eu-4-id5-sync.com/ 1 B
143 B 1160ms
570ms Fetch
text/plain 51.195.34.222
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL: https://d1.eu-4-id5-sync.com/
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.195.34.222 , Jordan, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip222.ip-51-195-34.eu
Software: /
Resource Hash: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d2.eu-4-id5-sync.com/ 1 B
143 B 1189ms
586ms Fetch
text/plain 51.195.73.71
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL: https://d2.eu-4-id5-sync.com/
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.195.73.71 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip71.ip-51-195-73.eu
Software: /
Resource Hash: 19581e27de7ced00ff1ce50b2047e7a567c76b1cbaebabe5ef03f7c3017bb5b7

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d3.eu-4-id5-sync.com/ 1 B
143 B 1268ms
602ms Fetch
text/plain 135.125.140.162
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL: https://d3.eu-4-id5-sync.com/
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 135.125.140.162 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip162.ip-135-125-140.eu
Software: /
Resource Hash: 3f39d5c348e5b79d06e842c114e6cc571583bbf44e4b0ebfda1a01ec05745d43

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d4.eu-4-id5-sync.com/ 1 B
143 B 1191ms
589ms Fetch
text/plain 51.195.126.30
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL: https://d4.eu-4-id5-sync.com/
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.195.126.30 , Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip30.ip-51-195-126.eu
Software: /
Resource Hash: 7902699be42c8a8e46fbbb4501726517e86b22c56a189f7625a6da49081b2451

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d5.eu-4-id5-sync.com/ 1 B
143 B 1265ms
600ms Fetch
text/plain 135.125.146.80
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL: https://d5.eu-4-id5-sync.com/
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 135.125.146.80 , Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip80.ip-135-125-146.eu
Software: /
Resource Hash: df7e70e5021544f4834bbee64a9e3789febc4be81470df629cad6ddb03320a5c

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d6.eu-4-id5-sync.com/ 1 B
143 B 1262ms
598ms Fetch
text/plain 135.125.140.162
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL: https://d6.eu-4-id5-sync.com/
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 135.125.140.162 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip162.ip-135-125-140.eu
Software: /
Resource Hash: 3f39d5c348e5b79d06e842c114e6cc571583bbf44e4b0ebfda1a01ec05745d43

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d7.eu-4-id5-sync.com/ 1 B
143 B 1242ms
595ms Fetch
text/plain 135.125.146.82
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL: https://d7.eu-4-id5-sync.com/
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 135.125.146.82 , Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip82.ip-135-125-146.eu
Software: /
Resource Hash: 2c624232cdd221771294dfbb310aca000a0df6ac8b66b696d90ef06fdefb64a3

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H3 200 container.html Show response
bdd8121b9f445b471b6fcb349ac82ea8.safeframe.googlesyndication.com/safeframe/1-0-45/html/ Frame 093F 7 KB
0 1ms
0ms Document
text/html 64.233.188.132
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://bdd8121b9f445b471b6fcb349ac82ea8.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

64.233.188.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tk-in-f132.1e100.net

Software

sffe /

Resource Hash

f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://umbrella-zip.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 3121
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 27 May 2025 18:49:23 GMT
expires: Tue, 27 May 2025 18:49:23 GMT
last-modified: Thu, 08 May 2025 23:15:48 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20250522/r20110914/ Frame 6B52 21 KB
9 KB 189ms
13ms Script
text/javascript 142.250.67.1
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20250522/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.67.1 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f1.1e100.net

Software

cafe /

Resource Hash

be507b359cc4919d2c1154e11c9d17b94ba03bc583f0d31fffc3525583bec00d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

content-encoding: br
etag: 5251608839672234903
age: 42891
x-content-type-options: nosniff
expires: Tue, 10 Jun 2025 06:54:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 27 May 2025 06:54:32 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 8642
x-xss-protection: 0
server: cafe

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20250522/r20110914/client/ Frame 6B52 3 KB
1 KB 189ms
13ms Script
text/javascript 142.250.67.1
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20250522/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.67.1 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f1.1e100.net

Software

cafe /

Resource Hash

fec5a361dec923efe92848ca27b02b158b164380a9eaf6cc1625e08e0d9c101e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

content-encoding: br
etag: 6020003950853699975
age: 30790
x-content-type-options: nosniff
expires: Tue, 10 Jun 2025 10:16:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 27 May 2025 10:16:13 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 1241
x-xss-protection: 0
server: cafe

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 6B52 221 KB
68 KB 175ms
8ms Script
text/javascript 172.217.167.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f2.1e100.net

Software

cafe /

Resource Hash

9fc89654aff6bca6c890b30bd0833eb2f18d63a61c0a9ece5246537ad6f73c5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

content-encoding: br
etag: 81102085050987160
age: 597
x-content-type-options: nosniff
expires: Tue, 27 May 2025 19:39:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 27 May 2025 18:39:26 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=ISO-8859-1
vary: Accept-Encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 69707
x-xss-protection: 0
server: cafe

GET
H2 200 2081763630838942312
tpc.googlesyndication.com/simgad/ Frame 6B52 17 KB
18 KB 177ms
2ms Image
image/png 142.250.67.1
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2081763630838942312

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.67.1 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f1.1e100.net

Software

sffe /

Resource Hash

c5d5575d81c2b07ff3064aa426d7c4152206b7907903c2b8a29bce96ac3fd3b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

age: 376644
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options: nosniff
expires: Sat, 23 May 2026 10:11:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Fri, 23 May 2025 10:11:59 GMT
last-modified: Tue, 18 May 2021 20:14:52 GMT
content-type: image/png
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
content-length: 17723
x-xss-protection: 0
server: sffe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6B52 0
26 B 140ms
139ms Image
image/gif 142.250.66.194
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssM5Y6gmk4VU00zUigzFNpBG6M2ZHsDymNOEJ9bJlM9DYb0FhxedBuSJmzjQ29g_slvQUUl3WNRVUbG7po1qOTWeL9KCZvEzJ4HljwGrXHpVYz6a5PRgRak5XsbMlMkUPLhfawSw0BxJfdNy1nVLxD6-oqLHjq_hPCAPEL6wDbXO1PNOJ6kxxAiDsjYp3XPI8lTO5K3zl3u00YKxDlsEyna6LduxcZ-dw3Ep93yCjPIFR8OkUMaH1SK9Bp5EgJczgkvopAETRyw-gvSDlF83Uux2Et2kzR5WNilHoWRzEzIYngZzn8nIzOb7vDQBTam_D29B4Jual1I2e0tZxEWmnoswwRj0XDLGMfPBjahSHz8wZPJSiNbnqqrQOL52KIiNi2aM4gQSLzojgS305Nyobf0j_ox03cHWUa3FN_TS-z5AbnVHEHtM8u5VGJMFTF0OenZynA&sai=AMfl-YQ1ylrE3LBzEVogWv_w5Pv-jdkSbiVVF5zt3zvLAHoaUEOH6AtS-YlJPZ_SPGP-Ecw7HB3PQSav_RsHxdcLkEf7C2iQso5BmParncywIqtP0VlMaycbSGMfJk8A4j09yNXzKLcQILwEvu73L0oa&sig=Cg0ArKJSzKninWHjhWHmEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: umbrella-zip.pages.dev
URL: https://umbrella-zip.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Tue, 27 May 2025 18:49:23 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
DATA 200
OK truncated
/ Frame 6B52 450 B
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a39ec41d958b9d96bc248b857ab2c6f3f35c092147a79b8d603bb7938042711b

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer

Response headers

Content-Type: image/png

GET
H2 200 config250.js Show response
cdn-gl.imrworldwide.com/conf/ 12 KB
5 KB 3ms
2ms Script
application/javascript 108.158.32.13
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://cdn-gl.imrworldwide.com/conf/config250.js
Requested by: Host: secure-us.imrworldwide.com
URL: https://secure-us.imrworldwide.com/v60a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.32.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-32-13.syd3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: be34dc89f1f75b4c1a9eb9c3be5884e29f91cfbea4d7b8c536b5f78dbba849da

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

vary: accept-encoding
cache-control: max-age=86400,s-maxage=86400
content-encoding: gzip
x-amz-version-id: sFB4V0np_xmHC5ogyHKAQTPNjrNJwCCH
etag: W/"c224fb8d4554757206d37c2d66b1f745"
age: 1132
via: 1.1 af9df879c48ca18a8b67eda7edecc4a4.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: KOrJHri1yzJmhBZQRuMaKkDkdJXly9gpiwSRlgyYjQT1RimSNZmOqA==
date: Tue, 27 May 2025 18:30:32 GMT
content-type: application/javascript
last-modified: Tue, 27 May 2025 17:22:17 GMT
server: AmazonS3
x-amz-cf-pop: SYD3-P2
x-amz-server-side-encryption: AES256

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-45/js/ Frame 093F 23 KB
7 KB 227ms
117ms Script
text/javascript 142.250.67.1
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-45/js/ext.js

Requested by

Host: bdd8121b9f445b471b6fcb349ac82ea8.safeframe.googlesyndication.com
URL: https://bdd8121b9f445b471b6fcb349ac82ea8.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.67.1 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f1.1e100.net

Software

sffe /

Resource Hash

4c95e84767aed248594e7d485707c7ed904fd2fe4ec3ea98687fc2de59ddf231

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://bdd8121b9f445b471b6fcb349ac82ea8.safeframe.googlesyndication.com/

Response headers

content-encoding: br
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
x-content-type-options: nosniff
expires: Tue, 27 May 2025 18:49:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 18:49:23 GMT
content-type: text/javascript
vary: Accept-Encoding
last-modified: Thu, 08 May 2025 23:15:48 GMT
cache-control: private, max-age=300
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
content-length: 6269
x-xss-protection: 0
server: sffe

GET
H2 200 creative.js Show response
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 093F 28 KB
10 KB 101ms
30ms Script
application/javascript 104.16.175.226
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Requested by

Host: bdd8121b9f445b471b6fcb349ac82ea8.safeframe.googlesyndication.com
URL: https://bdd8121b9f445b471b6fcb349ac82ea8.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.175.226 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b70acabfec3024b0ca21c8847693536dd931b2d012d596cb979d74c972a4a6e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://bdd8121b9f445b471b6fcb349ac82ea8.safeframe.googlesyndication.com/

Response headers

access-control-expose-headers: *
content-encoding: br
cf-cache-status: HIT
etag: W/"7009-+fSnGmMge6EQaCY8X46KqAScnTo"
age: 15061
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z1YEFRVa%2BM6M6D%2BaoAj13XGie3%2FWDH1a2TZRvsgmymB14YpX5YkGp94ldxFYtverJhqubf%2Bqxw8YjYQZVSRUeWK7fFWFPq0lp6qOPEovF4s3QMQ%2FqrZXTMMo9USKpGRw4lQ%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
date: Tue, 27 May 2025 18:49:23 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-etou8220028-FRA, cache-lga21976-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 9467b121faa7e7c9-SYD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 9763
server: cloudflare
x-jsd-version: 1.17.2

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 093F 221 KB
68 KB 108ms
4ms Script
text/javascript 172.217.167.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: bdd8121b9f445b471b6fcb349ac82ea8.safeframe.googlesyndication.com
URL: https://bdd8121b9f445b471b6fcb349ac82ea8.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f2.1e100.net

Software

cafe /

Resource Hash

9fc89654aff6bca6c890b30bd0833eb2f18d63a61c0a9ece5246537ad6f73c5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://bdd8121b9f445b471b6fcb349ac82ea8.safeframe.googlesyndication.com/

Response headers

content-encoding: br
etag: 81102085050987160
age: 597
x-content-type-options: nosniff
expires: Tue, 27 May 2025 19:39:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 27 May 2025 18:39:26 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=ISO-8859-1
vary: Accept-Encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 69707
x-xss-protection: 0
server: cafe

GET
H2 200 nlsSDK600.bundle.min.js Show response
cdn-gl.imrworldwide.com/novms/js/2/ 199 KB
56 KB 2ms
2ms Script
application/javascript 108.158.32.13
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/config250.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.32.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-32-13.syd3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d98cc6e770bf9c71b8758a040222960e918adb20cc1f71f2296ae4f70256d510

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

content-encoding: gzip
x-amz-version-id: Aabpvbg3ktgBmwIqp1b4kZ3V88L5QhMx
etag: W/"2be1fe7a43ef5ba626afab2ceddfc177"
age: 1133
x-amz-storage-class: INTELLIGENT_TIERING
x-cache: Hit from cloudfront
x-amz-cf-id: U5-LwRmkPLEqAZqmn86WhsIy6Bj4yFEAz3Lw9tyWoSLZtN1LAbKGDg==
date: Tue, 27 May 2025 18:30:31 GMT
content-type: application/javascript
vary: accept-encoding
last-modified: Wed, 06 Sep 2023 13:04:53 GMT
cache-control: max-age=86400
via: 1.1 af9df879c48ca18a8b67eda7edecc4a4.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD3-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 ls.html Show response
cdn-gl.imrworldwide.com/novms/html/ Frame E5DB 12 KB
4 KB 8ms
2ms Document
text/html 108.158.32.77
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.32.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-32-77.syd3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1

Request headers

Referer: https://umbrella-zip.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

age: 1131
cache-control: max-age=86400
content-encoding: gzip
content-type: text/html
date: Tue, 27 May 2025 18:30:33 GMT
etag: W/"7fa83dfc7b78314b137e2eb13834daa7"
last-modified: Wed, 06 Sep 2023 13:04:52 GMT
server: AmazonS3
vary: accept-encoding
via: 1.1 9fe9a459a2b2b8935dc7f533182681dc.cloudfront.net (CloudFront)
x-amz-cf-id: 05zir0ziD6I_SgPQ58KV6gUS10d_IwbwkHkGfE3KrMWSMmBVFGESJQ==
x-amz-cf-pop: SYD3-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: CTbRZ.5UlARhD4XceMUpZU1V6DSHtB37
x-cache: Hit from cloudfront

GET
H3 200 app-promo-image.png
umbrella-zip.pages.dev/images/ 44 KB
45 KB 49ms
48ms Image
image/png 172.66.44.90
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://umbrella-zip.pages.dev/images/app-promo-image.png

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.90 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a0a8bb6e2640343f5d22157302b2582c85c2407d1e191af8f454e56053fb6ab

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

cf-cache-status: HIT
etag: W/"b197-196e9938790"
age: 25244
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x30pEQ87mmAojr84WEUwWLtK%2F7xx4CMzrVl4s6GiHrZBrQw%2FurUj2%2Fw%2BJyPIMfZBvuT%2FbV7v0477F5SmuvhL4EuxrYNSmheHdnaeQcUGJy0w%2F6%2B1dh9fqD09a4i4n70JkjLBu6AVQqAA"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6708&min_rtt=1550&rtt_var=1232&sent=129&recv=72&lost=0&retrans=0&sent_bytes=127092&recv_bytes=14815&delivery_rate=809407&cwnd=44400&unsent_bytes=0&cid=04e12b38a3451960&ts=3984&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 27 May 2025 18:49:23 GMT
content-type: image/png
last-modified: Mon, 19 May 2025 17:24:42 GMT
vary: Origin, Accept-Encoding
priority: u=3,i
x-frame-options: DENY
content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
access-control-allow-credentials: true
cf-ray: 9467b122aa67a938-SYD
accept-ranges: bytes
content-length: 45463
server: cloudflare

GET
H2 200 app-promo-image.png
b.cdnst.net/images/ 44 KB
45 KB 140ms
138ms Image
image/png 151.101.130.219
FASTLY

General

Check archive.org

Download Go to Show image

Full URL

https://b.cdnst.net/images/app-promo-image.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.219 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4a0a8bb6e2640343f5d22157302b2582c85c2407d1e191af8f454e56053fb6ab

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
cache-control: public, max-age=86400
etag: W/"b197-196e9938790"
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 45463
date: Tue, 27 May 2025 18:49:23 GMT
content-type: image/png
last-modified: Mon, 19 May 2025 17:24:42 GMT
vary: Origin
x-frame-options: DENY

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6B52 0
0 235ms
234ms Fetch
image/gif 172.217.167.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-start2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 27 May 2025 18:49:23 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6B52 0
0 224ms
224ms Fetch
image/gif 172.217.167.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 27 May 2025 18:49:23 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6B52 0
0 142ms
141ms Fetch
image/gif 142.250.66.194
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjste3_z9sTOgLyNFGAZGgoqQupzcEoFDE3JjYb3WV-GnF75g8ad2_CnE7_27d1kL9K2BYfSq7FIvl4gV0IAVzNDb6ehR7l_MnO-0D67or0DIUJgGaDkXbmLzpTNNwkG8VlPagQKnC9fMmOb3TnEtI98nLGE_NH5nWOxPt10xyhy9r0H_ld8aO9Y0zmTvvBCaEHv6qH-Kx93g4t1JAqKxW3jJdDrTT0boh60epir_PlMb4hC7qg-tmOW6JnTeP5Zl_DuXkzdjriWHAxKAUSXiguNvwQOZJ1yl3K_17FhWMCs58OD1eHWUuxovX_f8Hf261WRhdGWIw24ultjCAn7wssgjEaYnISdKFl_GziF7ufr29CL0zBHavi4-XTDTodvTpnUUcC7_qPwsV4Pq5_pMTNJHTlcSowDXnLhEZvgluiZ1w0_Lb5jjtmuRGeiwc-uMVKPCJcvc9A&sai=AMfl-YSXsqs2ICI5uzv4jql-GsI_ev-OrgPE8idLgyvSKryOAB_BYmHtsolUKXhP_bvS2fAd8ZKWTALUJtf5sRfVZpIgfaJq2b_ymvNBVsXFUJDcP2rSpfRVwyRMrdJuR0tUF1ha82flIE_fulV-GOEi&sig=Cg0ArKJSzLM6JSbZxIKnEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Tue, 27 May 2025 18:49:23 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Tue, 27 May 2025 18:49:23 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6B52 0
0 141ms
140ms Fetch
image/gif 172.217.167.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 27 May 2025 18:49:23 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 runner.html Show response
ep2.adtrafficquality.google/sodar/sodar2/237/ Frame 5A55 13 KB
5 KB 523ms
256ms Document
text/html 173.194.174.132
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.174.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

td-in-f132.1e100.net

Software

sffe /

Resource Hash

14b660a511e14a9a481c6fe43c576f36c61b656cfd379728c54f1128e1855966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://umbrella-zip.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

accept-ranges: bytes
age: 2918
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5044
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 27 May 2025 18:00:46 GMT
expires: Tue, 27 May 2025 18:50:46 GMT
last-modified: Tue, 13 May 2025 23:17:50 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8149 829 B
565 B 245ms
106ms Document
text/html 142.250.67.4
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.67.4 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f4.1e100.net

Software

ESF /

Resource Hash

10b04d520c3f457db66e9deaf4232c2ce333f9e588da7d9fd13a904d17ae520f

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-y7NnUTv1MLd9d_stklDryg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://umbrella-zip.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'nonce-y7NnUTv1MLd9d_stklDryg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 27 May 2025 18:49:24 GMT
expires: Tue, 27 May 2025 18:49:24 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 093F 0
26 B 150ms
149ms Image
image/gif 142.250.66.194
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsufMVKfe62HEwLOtPsUVOeQEq3mAGWcnHA1rxHGGc2tJAui5-mDVWxoG4JiuBZ3nrlt4JVS4LofxPCP2-gkdntufm4z9V_R7iLr73xVd3dx6Hbv05KmkwAhmwswFPd9g7p7HUJkVWVMtzKw5MGbnnmQnyXOMXJS0j5PBnsQujPUH9BjnsZomwcgqdRfiHZWOwH35iWCM2xgQt40jSsVn-kSn9AZXLLHwokNrp8tUgcp0p8D-ra1sxOn-AW9bwN9qhpabgvdSqX1j9fDFPJgnVnkXdFcwSCkXEuZwhcngwNv-Kbzgx__BS0bLa7sPBVy4ffB-uF4WJW5Pi0832aJkPD95xyUkAZazvNwhzlL1n-6QYgYG-z4yBVdM21aCs_curM9X9KfWVV2WRHHbegzJBdmxQafejpcBh5LgnnozE5Pj0qCried2B4_6z7gWX57G41emcMYXA&sai=AMfl-YSoyIAeMOiOgoRwpr24u4xgExM0egOrazfECQNgPstLLl0boe-55Tfgqz4ol051TesZqtRzHog8u0n1yFPdgFcXwOwPPmntZTvytqlFLGwLEUpc2Xtkiy6nbOTZu9SjCK2KMNtBlIM8_VlfwGVC&sig=Cg0ArKJSzNkvpd9KI_-gEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: bdd8121b9f445b471b6fcb349ac82ea8.safeframe.googlesyndication.com
URL: https://bdd8121b9f445b471b6fcb349ac82ea8.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://bdd8121b9f445b471b6fcb349ac82ea8.safeframe.googlesyndication.com/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Tue, 27 May 2025 18:49:24 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 093F 0
0 233ms
232ms Fetch
image/gif 172.217.167.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-start2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://bdd8121b9f445b471b6fcb349ac82ea8.safeframe.googlesyndication.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 27 May 2025 18:49:24 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 093F 0
0 234ms
233ms Fetch
image/gif 172.217.167.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://bdd8121b9f445b471b6fcb349ac82ea8.safeframe.googlesyndication.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 27 May 2025 18:49:24 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 gn
secure-us.imrworldwide.com/cgi-bin/ Frame E5DB 44 B
548 B 8ms
8ms Image
image/gif 3.25.26.222
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://secure-us.imrworldwide.com/cgi-bin/gn?prd=session&c9=devid,&c13=asid,NA&sessionId=sm4wbr2q3dpcf3f6sl3audnwhm9w51748371763&c16=sdkv,bj.6.0.0&uoo=&fp_id=pj69c20s9vaetsxv1de8els8uslfr1748371763&fp_cr_tm=1748371763566&fp_acc_tm=1748371763566&fp_emm_tm=1748371763566&ve_id=&c30=bldv,6.0.0.673&uid2=&uid2_token=&hem_sha256=&hem_sha1=&hem_md5=&hem_unknown=&retry=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.25.26.222 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-25-26-222.ap-southeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://cdn-gl.imrworldwide.com/

Response headers

cache-control: no-cache
pragma: no-cache
accept-ch: Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
cross-origin-resource-policy: cross-origin
access-control-allow-methods: POST, OPTIONS
expires: Thu, 01 Dec 1994 16:00:00 GMT
access-control-allow-origin: *
content-length: 44
p3p: P3P policyref="http://secure-us.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
date: Tue, 27 May 2025 18:49:24 GMT
content-type: image/gif
server: nginx

GET
H2 200 /
sm4wbr2q3dpcf3f6sl3audnwhm9w51748371763.nuid.imrworldwide.com/ Frame E5DB 35 B
351 B 102ms
6ms Image
image/gif 18.67.93.59
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://sm4wbr2q3dpcf3f6sl3audnwhm9w51748371763.nuid.imrworldwide.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-59.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://cdn-gl.imrworldwide.com/

Response headers

etag: "c2196de8ba412c60c22ab491af7b1409"
age: 51532
via: 1.1 16481a07c9d54ca0e038ad1d2aec824a.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 35
x-amz-cf-id: gFhJB8ghsbIyVZgYl4upJ7hgRhPEwYOqwHqfDKty84w4FxDs2LyPkw==
date: Tue, 27 May 2025 07:48:16 GMT
content-type: image/gif
last-modified: Tue, 11 Sep 2018 17:05:20 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P1

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 093F 0
0 171ms
171ms Fetch
image/gif 172.217.167.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://bdd8121b9f445b471b6fcb349ac82ea8.safeframe.googlesyndication.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 27 May 2025 18:49:24 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
DATA 200
OK truncated
/ Frame 093F 370 B
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: df3dff96370d9840b1d83f5afb692baf82d64da3fafe0714588e7e4b3d707860

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer

Response headers

Content-Type: image/png

GET
H/1.1 200
OK 6032ba1d-7e90-4e90-a20b-e79a0e14e7b0
a4734.casalemedia.com/impression/v2/785511/39/d0r0icbk6j6n3o2quokg/ Frame C926 43 B
303 B 731ms
267ms Image
image/gif 139.5.86.204
CASALE-MEDIA

General

Check archive.org

Download Go to Show image

Full URL: https://a4734.casalemedia.com/impression/v2/785511/39/d0r0icbk6j6n3o2quokg/6032ba1d-7e90-4e90-a20b-e79a0e14e7b0?verifieD=1&userID=&cmpro=0&deviceType=4&expiryTime=1748372361&profileIDs=&creativeID=301c3d3&pubID=183785&format=banner&channel=site&ee=1
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 139.5.86.204 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://bdd8121b9f445b471b6fcb349ac82ea8.safeframe.googlesyndication.com/

Response headers

Cache-Control: no-cache
Pragma: no-cache
Connection: Keep-Alive
Expires: 0
Access-Control-Allow-Origin: *
Content-Length: 43
Keep-Alive: timeout=1, max=500
Date: Tue, 27 May 2025 18:49:24 GMT
Content-Type: image/gif
Server: Apache

GET
H/1.1 200
OK casale
sg2-bid.adsrvr.org/bid/feedback/ Frame C926 807 B
1 KB 414ms
190ms Image
image/gif 3.33.241.113
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://sg2-bid.adsrvr.org/bid/feedback/casale?t=1&iid=c4cccb3b-e93d-4580-be79-465e6a427418&crid=bnes1t4n&wp=aDYJMQAAAACtfP1QFEfH2m64yYIuyt1_XnEfdA&aid=1&wpc=USD&sfe=1a6d8931&puid=&bdc=14&tdid=&pid=hmb8a39&ag=nsfarco&adv=v3dvi83&sig=15QC6f_1bPYaHSmdbA14FlBHDRTs5el-vHYc6vHu6-fw.&bp=1.18941086835997&cf=8745351&fq=0&td_s=www.speedtest.net&rcats=gce&mste=www.speedtest.net&mfld=4&mssi=&mfsi=&uhow=76&agsa=&rgz=2000&svbttd=1&dt=Mobile&osf=iOS&os=iOS165&br=Safari&rlangs=en&mlang=en&svpid=183785&did=IX3MPADTTDAK4hdIADDISPWebAU&rcxt=MobileOptimizedWeb&lat=-33.870000&lon=151.200000&tmpc=12&daid=&vp=0&osi=&osv=&bffi=41&mk=Apple&mdl=iPhone&cc=1~KLUv_WNa1XJFDQCtBQAziiY9VgQQsQTyPIE8fgAqPwBRhAE7c4Bd2ABriAFQXCHr_gF0rvCE-wcMCQrAMxPrCWjjBUDxASCxAfICXKf3Wy3W1WzeMLICDNnS5Lcg-a07n12QrZ3dsvuwBeVvJfFbQditHKwWKlYLVC-MFiKsXSvPFTLdj6XIY0FhsZL0gFBYYA7WB4n13ek2jtfKNbjoWpfPjP95ngOXCVZQBvyHlLhI88usp29GWVoNSJuBlGugvUOY&dur=1~KLUv_SMFoCgkwDUBAIBNb2RlbEJhc2VkUUEiFwihBvyBr0L4gshcgls53XlE0Yc1eBEB&durs=k1flqU&crrelr=&fpa=553&pcm=3&vc=12&said=c9ede10e-38b0-434e-8c30-ba29f2ca5018_x27&ict=Unknown&auct=1&im=1&mc=6a940bdd-8db1-47ff-86ff-eca3505aa7c6&ev=3dzDbTPLFJMax7i-gaJR-neqGOrgU-HaDDBFl1SdXo0.&rsv=3.75186670796205&csg=EjRTcGVlZHRlc3QgYnkgT29rbGEgLSBUaGUgR2xvYmFsIEJyb2FkYmFuZCBTcGVlZCBUZXN0GgAiAEAEUgBaAGIA&abr=2d43a659-cb3b-4201-a364-c29899ecd015&tail=1
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.33.241.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ae69789f15ba8a942.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://bdd8121b9f445b471b6fcb349ac82ea8.safeframe.googlesyndication.com/

Response headers

transfer-encoding: chunked
cache-control: must-revalidate, no-cache
pragma: no-cache
x-connection: close
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
date: Tue, 27 May 2025 18:49:23 GMT
content-type: image/gif
server: Kestrel

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame C926 17 KB
8 KB 139ms
9ms Script
text/javascript 142.250.66.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f2.1e100.net

Software

sffe /

Resource Hash

019861425cded660bfef7bd9c28a9c113e067d63b3ec5863f0d38deb23c82ba8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://bdd8121b9f445b471b6fcb349ac82ea8.safeframe.googlesyndication.com/

Response headers

content-encoding: gzip
age: 2890
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
x-content-type-options: nosniff
expires: Tue, 27 May 2025 19:01:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 18:01:14 GMT
last-modified: Thu, 01 May 2025 13:47:29 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=3600
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
accept-ranges: bytes
content-length: 7429
x-xss-protection: 0
server: sffe

GET
H2 200 ca Show response
choices.truste.com/ Frame C926 21 KB
9 KB 59ms
6ms Script
text/javascript 18.67.110.93
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=hzurpis_nsfarco_bnes1t4n&c=tradedesk01cont1&js=pmw0&w=300&h=50&sid=0&dsarequired=&dsabehalf=&dsapaid=&dsaparams=

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.110.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-67-110-93.syd62.r.cloudfront.net

Software

nginx /

Resource Hash

261007c1617134bb5acb2e77f926d584d6c31bbfa6979c55a09f8b8c34f25fb1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' *;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://bdd8121b9f445b471b6fcb349ac82ea8.safeframe.googlesyndication.com/

Response headers

content-encoding: gzip
age: 62056
expect-ct: max-age=31536000
x-content-type-options: nosniff
expires: Tue, 27 May 2025 02:35:08 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: 4PGsGDoKSqZxgjYx_A0bHX08afYv8Zt4mkK3eCRw0AOiL7w2ctjLKw==
date: Tue, 27 May 2025 01:35:08 GMT
content-type: text/javascript;charset=utf-8
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *;
cache-control: max-age=3600
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
referrer-policy: origin
via: 1.1 8008f773a176223da2278b5cb39f91fa.cloudfront.net (CloudFront)
permissions-policy: geolocation=(), microphone=(), payment=()
cross-origin-embedder-policy: unsafe-none
x-xss-protection: 1; mode=block
x-amz-cf-pop: SYD62-P2
server: nginx

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8149 0
17 B 146ms
145ms Image
image/ 172.217.167.66
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=237&li=gpt_m202505200101&jk=1067421181592797&rc=

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://www.google.com/

Response headers

timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 27 May 2025 18:49:24 GMT
x-xss-protection: 0
content-type: image/
server: cafe

GET
H2 200 impl_v106.js Show response
www.googletagservices.com/dcm/ Frame C926 69 KB
26 KB 7ms
6ms Script
text/javascript 142.250.66.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v106.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f2.1e100.net

Software

sffe /

Resource Hash

f401201bf19e9fe9542fc5261acc0535464e8988438001c62c289d5c16004ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://bdd8121b9f445b471b6fcb349ac82ea8.safeframe.googlesyndication.com/

Response headers

content-encoding: gzip
age: 146282
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
x-content-type-options: nosniff
expires: Tue, 26 May 2026 02:11:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 02:11:22 GMT
last-modified: Mon, 28 Apr 2025 15:28:15 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
accept-ranges: bytes
content-length: 26861
x-xss-protection: 0
server: sffe

GET
H3 200 B22795106.404839427;dc_ver=106.314;dc_eid=40004001;sz=300x50;u_sd=1;gdpr=0;nel=1;dc_adk=1677116860;ord=9prkox;click=https%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3Dc4cccb3b-e93d-4580-be79-46... Show response
ad.doubleclick.net/ddm/adj/N503803.284566THETRADEDESK/ Frame C926 88 KB
35 KB 282ms
169ms Script
text/javascript 142.250.67.6
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N503803.284566THETRADEDESK/B22795106.404839427;dc_ver=106.314;dc_eid=40004001;sz=300x50;u_sd=1;gdpr=0;nel=1;dc_adk=1677116860;ord=9prkox;click=https%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3Dc4cccb3b-e93d-4580-be79-465e6a427418%26ag%3Dnsfarco%26sfe%3D1a6d8931%26sig%3DTRCERqWGRDiTMxU28zyF12S6Hnm4jIls3j9v7rSL36A.%26crid%3Dbnes1t4n%26cf%3D8745351%26fq%3D0%26t%3D1%26td_s%3Dwww.speedtest.net%26rcats%3Dgce%26mste%3Dwww.speedtest.net%26mfld%3D4%26mssi%3D%26mfsi%3D%26sv%3Dcasale%26uhow%3D76%26agsa%3D%26wp%3DaDYJMQAAAAAdwsN8vTwkSFVLQb1Hf45eUYgveQ%26rgz%3D2000%26dt%3DMobile%26osf%3DiOS%26os%3DiOS165%26br%3DSafari%26svpid%3D183785%26rlangs%3Den%26mlang%3Den%26did%3DIX3MPADTTDAK4hdIADDISPWebAU%26rcxt%3DMobileOptimizedWeb%26tmpc%3D12%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26crrelr%3D%26npt%3D%26cc%3D1~KLUv_WNa1XJFDQCtBQAziiY9VgQQsQTyPIE8fgAqPwBRhAE7c4Bd2ABriAFQXCHr_gF0rvCE-wcMCQrAMxPrCWjjBUDxASCxAfICXKf3Wy3W1WzeMLICDNnS5Lcg-a07n12QrZ3dsvuwBeVvJfFbQditHKwWKlYLVC-MFiKsXSvPFTLdj6XIY0FhsZL0gFBYYA7WB4n13ek2jtfKNbjoWpfPjP95ngOXCVZQBvyHlLhI88usp29GWVoNSJuBlGugvUOY%26dur%3D1~KLUv_SMFoCgkwDUBAIBNb2RlbEJhc2VkUUEiFwihBvyBr0L4gshcgls53XlE0Yc1eBEB%26durs%3Dk1flqU%26bdc%3D14%26mk%3DApple%26mdl%3DiPhone%26fpa%3D553%26pcm%3D3%26ict%3DUnknown%26said%3Dc9ede10e-38b0-434e-8c30-ba29f2ca5018_x27%26auct%3D1%26csg%3DEjRTcGVlZHRlc3QgYnkgT29rbGEgLSBUaGUgR2xvYmFsIEJyb2FkYmFuZCBTcGVlZCBUZXN0GgAiAEAEUgBaAGIA%26tail%3D1%26r%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fumbrella-zip.pages.dev%2F$0;xdt=1;crlt=-G_wrDqtTL;gcsr=m;stc=1;chaa=1;sttr=45;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v106.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.67.6 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f6.1e100.net

Software

cafe /

Resource Hash

6d2ac01d7c6c67246b16a0456c365ba632452080d528192fa8aedeb8951bd30c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://bdd8121b9f445b471b6fcb349ac82ea8.safeframe.googlesyndication.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 35560
date: Tue, 27 May 2025 18:49:24 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

POST
H2 200 v3 Show response
id5-sync.com/gm/ 1 KB
2 KB 609ms
608ms XHR
application/json 162.19.138.116
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://id5-sync.com/gm/v3

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

a8d118dee2b65453750d7ab756ecfacb3164f4f4ffa99e12e0a7b677d12e0671

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: text/plain
Referer: https://umbrella-zip.pages.dev/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://umbrella-zip.pages.dev
p3p: CP="CAO PSA OUR"
date: Tue, 27 May 2025 18:49:24 GMT
content-type: application/json
vary: Origin

GET
H3 200 kanIy_w-orPMh5Mq6yBRDet9M9poaqTkrn00PCpHWUU.js Show response
pagead2.googlesyndication.com/bg/ Frame 5A55 54 KB
21 KB 10ms
9ms Script
text/javascript 172.217.167.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kanIy_w-orPMh5Mq6yBRDet9M9poaqTkrn00PCpHWUU.js

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f2.1e100.net

Software

sffe /

Resource Hash

91a9c8cbfc3ea2b3cc87932aeb20510deb7d33da686aa4e4ae7d343c2a475945

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://ep2.adtrafficquality.google/

Response headers

content-encoding: br
age: 102708
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
x-content-type-options: nosniff
expires: Tue, 26 May 2026 14:17:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 14:17:36 GMT
last-modified: Mon, 19 May 2025 09:28:00 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
accept-ranges: bytes
content-length: 21069
x-xss-protection: 0
server: sffe

POST
H2 200 firebase:fetch Show response
firebaseremoteconfig.googleapis.com/v1/projects/ookla-speedtest/namespaces/ 434 B
476 B 110ms
108ms Fetch
application/json 172.217.167.74
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://firebaseremoteconfig.googleapis.com/v1/projects/ookla-speedtest/namespaces/firebase:fetch?key=AIzaSyDSaO6tE5SQ7J3ZMsKsepon8tNUNy5WA6s

Requested by

Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/speedtest-main.js?v=342671e7b4ad981af8ecd793a723cb11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f10.1e100.net

Software

ESF /

Resource Hash

3b7af5e43ebdaa759e5bde45474407b2532166104111501438592fbf5d4f634b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

If-None-Match: *
Referer: https://umbrella-zip.pages.dev/
Content-Encoding: gzip
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: application/json

Response headers

access-control-expose-headers: etag,vary,vary,vary,content-encoding,date,server,content-length
content-encoding: gzip
etag: etag-ookla-speedtest-firebase-fetch--995337576
x-content-type-options: nosniff
access-control-allow-origin: https://umbrella-zip.pages.dev
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
date: Tue, 27 May 2025 18:49:24 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
server: ESF
x-frame-options: SAMEORIGIN

OPTIONS
H2 200 firebase:fetch
firebaseremoteconfig.googleapis.com/v1/projects/ookla-speedtest/namespaces/ Frame 0
0 204ms
101ms Preflight
text/html 172.217.167.74
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://firebaseremoteconfig.googleapis.com/v1/projects/ookla-speedtest/namespaces/firebase:fetch?key=AIzaSyDSaO6tE5SQ7J3ZMsKsepon8tNUNy5WA6s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f10.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-encoding,content-type,if-none-match
Access-Control-Request-Method: POST
Origin: https://umbrella-zip.pages.dev
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-headers: content-encoding,content-type,if-none-match
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://umbrella-zip.pages.dev
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 27 May 2025 18:49:24 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 204 generate_204
ep2.adtrafficquality.google/ Frame 5A55 0
40 B 244ms
225ms Image
text/plain 173.194.174.132
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://ep2.adtrafficquality.google/generate_204?VdKhaw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.194.174.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: td-in-f132.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 27 May 2025 18:49:24 GMT
cross-origin-resource-policy: cross-origin

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 437 KB
142 KB 146ms
143ms Script
application/javascript 64.233.188.97
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KKLSRK6J1Z&cx=c&gtm=45He55m0v6359835za200&tag_exp=101509157~103116026~103130495~103130497~103200004~103211513~103233427~103252644~103252646~104481633~104481635

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K7SNBZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.188.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tk-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

07057b0a66609363a632eae47aef5ebf886480d8547c8d4fa02d06f69d192e24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

content-encoding: br
report-to: {"group":"ascgcycc:1077:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1077:0"}],}
expires: Tue, 27 May 2025 18:49:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 18:49:24 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1077:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1077:0
content-length: 145497
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 html_inpage_rendering_lib_200_281.js Show response
s0.2mdn.net/879366/ Frame C926 171 KB
60 KB 121ms
8ms Script
text/javascript 142.250.67.6
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_281.js

Requested by

Host: umbrella-zip.pages.dev
URL: https://umbrella-zip.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.67.6 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f6.1e100.net

Software

sffe /

Resource Hash

36cd7339bca1290ac47d93c669e347f064ae47cd46e6eabc9e2c8ed6e48b12a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Origin: https://bdd8121b9f445b471b6fcb349ac82ea8.safeframe.googlesyndication.com
Referer: https://bdd8121b9f445b471b6fcb349ac82ea8.safeframe.googlesyndication.com/

Response headers

content-encoding: gzip
age: 24682
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options: nosniff
expires: Wed, 28 May 2025 11:58:03 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 11:58:03 GMT
last-modified: Tue, 29 Oct 2024 20:59:57 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=86400
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
content-length: 60621
x-xss-protection: 0
server: sffe

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20250522/r20110914/elements/html/ Frame C926 12 KB
4 KB 2ms
2ms Script
text/javascript 172.217.167.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20250522/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N503803.284566THETRADEDESK/B22795106.404839427;dc_ver=106.314;dc_eid=40004001;sz=300x50;u_sd=1;gdpr=0;nel=1;dc_adk=1677116860;ord=9prkox;click=https%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3Dc4cccb3b-e93d-4580-be79-465e6a427418%26ag%3Dnsfarco%26sfe%3D1a6d8931%26sig%3DTRCERqWGRDiTMxU28zyF12S6Hnm4jIls3j9v7rSL36A.%26crid%3Dbnes1t4n%26cf%3D8745351%26fq%3D0%26t%3D1%26td_s%3Dwww.speedtest.net%26rcats%3Dgce%26mste%3Dwww.speedtest.net%26mfld%3D4%26mssi%3D%26mfsi%3D%26sv%3Dcasale%26uhow%3D76%26agsa%3D%26wp%3DaDYJMQAAAAAdwsN8vTwkSFVLQb1Hf45eUYgveQ%26rgz%3D2000%26dt%3DMobile%26osf%3DiOS%26os%3DiOS165%26br%3DSafari%26svpid%3D183785%26rlangs%3Den%26mlang%3Den%26did%3DIX3MPADTTDAK4hdIADDISPWebAU%26rcxt%3DMobileOptimizedWeb%26tmpc%3D12%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26crrelr%3D%26npt%3D%26cc%3D1~KLUv_WNa1XJFDQCtBQAziiY9VgQQsQTyPIE8fgAqPwBRhAE7c4Bd2ABriAFQXCHr_gF0rvCE-wcMCQrAMxPrCWjjBUDxASCxAfICXKf3Wy3W1WzeMLICDNnS5Lcg-a07n12QrZ3dsvuwBeVvJfFbQditHKwWKlYLVC-MFiKsXSvPFTLdj6XIY0FhsZL0gFBYYA7WB4n13ek2jtfKNbjoWpfPjP95ngOXCVZQBvyHlLhI88usp29GWVoNSJuBlGugvUOY%26dur%3D1~KLUv_SMFoCgkwDUBAIBNb2RlbEJhc2VkUUEiFwihBvyBr0L4gshcgls53XlE0Yc1eBEB%26durs%3Dk1flqU%26bdc%3D14%26mk%3DApple%26mdl%3DiPhone%26fpa%3D553%26pcm%3D3%26ict%3DUnknown%26said%3Dc9ede10e-38b0-434e-8c30-ba29f2ca5018_x27%26auct%3D1%26csg%3DEjRTcGVlZHRlc3QgYnkgT29rbGEgLSBUaGUgR2xvYmFsIEJyb2FkYmFuZCBTcGVlZCBUZXN0GgAiAEAEUgBaAGIA%26tail%3D1%26r%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fumbrella-zip.pages.dev%2F$0;xdt=1;crlt=-G_wrDqtTL;gcsr=m;stc=1;chaa=1;sttr=45;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f2.1e100.net

Software

cafe /

Resource Hash

64142ab15fe359eee6c9c6fbc0494b14bebb33c91766d97c3da40a13eccc18b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://bdd8121b9f445b471b6fcb349ac82ea8.safeframe.googlesyndication.com/

Response headers

content-encoding: br
etag: 11478221875201388932
age: 41359
x-content-type-options: nosniff
expires: Tue, 10 Jun 2025 07:20:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 27 May 2025 07:20:05 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 4401
x-xss-protection: 0
server: cafe

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame C926 41 KB
14 KB 2ms
1ms Script
text/javascript 142.250.67.1
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: umbrella-zip.pages.dev
URL: https://umbrella-zip.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.67.1 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f1.1e100.net

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://bdd8121b9f445b471b6fcb349ac82ea8.safeframe.googlesyndication.com/

Response headers

content-encoding: br
age: 2579
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Tue, 27 May 2025 18:56:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 18:06:25 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=3000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 13937
x-xss-protection: 0
server: sffe

GET
H3

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame C295
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=183785&gdpr=0
https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=183785&gdpr=0&C=1

667 B
764 B

320ms
313ms

Document
text/html

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=183785&gdpr=0&C=1
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35294036ae0262e2ce552328e7b9fe98f9f7edbdc2bf8caa29a8727280b6f0e1

Request headers

Referer: https://bdd8121b9f445b471b6fcb349ac82ea8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 9467b12b9b8041bc-SYD
content-encoding: br
content-type: text/html
date: Tue, 27 May 2025 18:49:25 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=30CNX3f0zmHLcWHKksaOEAJBcWqP07zM3e%2BH%2FLErHSD1HTdcWEpdRVFRuLt87igjvM7CZ7escv3ykRimumt9lgA4Gg8KaGELROZMXnRj1M9LvOgoRC7v%2BSijUf3H%2Fg5gwNmF70TEsRlHCw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfExtPri
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 9467b12acb1641bc-SYD
content-length: 0
date: Tue, 27 May 2025 18:49:25 GMT
expires: 0
location: /usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=183785&gdpr=0&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pgFxMQIpZsMi08yurmIsdz5hRs7IC%2BgEKgikg%2FkcwfwNe8F%2BuqgU%2FD9UkdVOD%2FMI%2BymZt60EpboPKWPVwFwF05w30hGcIQ1oSn95%2BH9SV%2FrzLPk1EdLsWe%2B%2BaYK8%2BnQYU3ed%2Bd0qZuCXWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfExtPri
vary: Accept-Encoding

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 3649 38 KB
13 KB 4ms
2ms Document
text/html 142.250.67.1
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.67.1 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f1.1e100.net

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bdd8121b9f445b471b6fcb349ac82ea8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

accept-ranges: bytes
age: 2235
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 27 May 2025 18:12:09 GMT
expires: Tue, 27 May 2025 19:02:09 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 kanIy_w-orPMh5Mq6yBRDet9M9poaqTkrn00PCpHWUU.js Show response
pagead2.googlesyndication.com/bg/ Frame 3649 54 KB
21 KB 3ms
3ms Script
text/javascript 172.217.167.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kanIy_w-orPMh5Mq6yBRDet9M9poaqTkrn00PCpHWUU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f2.1e100.net

Software

sffe /

Resource Hash

91a9c8cbfc3ea2b3cc87932aeb20510deb7d33da686aa4e4ae7d343c2a475945

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://tpc.googlesyndication.com/

Response headers

content-encoding: br
age: 102708
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
x-content-type-options: nosniff
expires: Tue, 26 May 2026 14:17:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 14:17:36 GMT
last-modified: Mon, 19 May 2025 09:28:00 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
accept-ranges: bytes
content-length: 21069
x-xss-protection: 0
server: sffe

POST
H3 200 /
www.google.com/measurement/conversion/ 0
0 210ms
106ms Fetch
text/html 142.250.67.4
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://www.google.com/measurement/conversion/?random=1748371765133&cv=11&tid=G-KKLSRK6J1Z&fst=1748371765133&fmt=6&en=first_visit&gtm=45je55m0v879908529z86359835za200zb6359835&gcs=G111&gcd=13v3v3v3v6l1&dma=0&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&ptag_exp=101509157~103116026~103130495~103130497~103200004~103211513~103233427~103252644~103252646~104481633~104481635&u_w=1600&u_h=1200&url=https%3A%2F%2Fumbrella-zip.pages.dev%2F&gacid=729404574.1748371765&frm=0&tiba=Speedtest%20by%20Ookla%20-%20The%20Global%20Broadband%20Speed%20Test&npa=0&us_privacy=error&pscdl=noapi&auid=1813422859.1748371765&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KKLSRK6J1Z&cx=c&gtm=45He55m0v6359835za200&tag_exp=101509157~103116026~103130495~103130497~103200004~103211513~103233427~103252644~103252646~104481633~104481635
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.67.4 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: syd15s16-in-f4.1e100.net
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

POST
H2 204 collect
analytics.google.com/g/ 0
0 245ms
103ms Fetch
text/plain 216.239.36.181
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-KKLSRK6J1Z&gtm=45je55m0v879908529z86359835za200zb6359835&_p=1748371760412&_gaz=1&gcs=G111&gcd=13v3v3v3v6l1&npa=0&dma=0&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&ptag_exp=101509157~103116026~103130495~103130497~103200004~103211513~103233427~103252644~103252646~104481633~104481635&cid=729404574.1748371765&ul=en-au&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_prs=ok&_s=1&sid=1748371765&sct=1&seg=0&dl=https%3A%2F%2Fumbrella-zip.pages.dev%2F&dt=Speedtest%20by%20Ookla%20-%20The%20Global%20Broadband%20Speed%20Test&_tu=AAg&en=page_view&_fv=2&_nsi=1&_ss=1&ep.gtm_container=GTM-K7SNBZ&ep.gtm_version=299&ep.mobile_web_test=true&ep.hostname=https%3A%2F%2Fumbrella-zip.pages.dev&ep.adblock_status=False&ep.zdConsent_geoCC=&ep.zdConsent_gdprApplies=false&ep.zdConsent_consentGiven=true&ep.vpnUseDetected=false&epn.client_timestamp=1748371764755&ep.autoStart=Fetch%20failed%20due%20to%20error%3A%20%27Timed%20out%20waiting%20for%20promise%27.%20Using%20default%20value%3A%20default&up.user_type=anonymous&up.adFree=false&up.gaOptInStatus=true&up.googAdsOptInStatus=true&tfd=5565
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KKLSRK6J1Z&cx=c&gtm=45He55m0v6359835za200&tag_exp=101509157~103116026~103130495~103130497~103200004~103211513~103233427~103252644~103252646~104481633~104481635
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.36.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:155:0
report-to: {"group":"ascnsrsggc:155:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:155:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://umbrella-zip.pages.dev
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:155:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 18:49:25 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
562 B 474ms
261ms Ping
text/plain 172.217.194.155
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-KKLSRK6J1Z&cid=729404574.1748371765&gtm=45je55m0v879908529z86359835za200zb6359835&aip=1&dma=0&gcs=G111&gcd=13v3v3v3v6l1&npa=0&frm=0&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&ptag_exp=101509157~103116026~103130495~103130497~103200004~103211513~103233427~103252644~103252646~104481633~104481635
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KKLSRK6J1Z&cx=c&gtm=45He55m0v6359835za200&tag_exp=101509157~103116026~103130495~103130497~103200004~103211513~103233427~103252644~103252646~104481633~104481635
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: si-in-f155.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:124:0
report-to: {"group":"ascnsrsggc:124:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:124:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://umbrella-zip.pages.dev
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:124:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 18:49:25 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 ga-audiences
www.google.com.au/ads/ 42 B
63 B 221ms
110ms Image
image/gif 172.217.167.99
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://www.google.com.au/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-KKLSRK6J1Z&cid=729404574.1748371765&gtm=45je55m0v879908529z86359835za200zb6359835&aip=1&dma=0&gcs=G111&gcd=13v3v3v3v6l1&npa=0&frm=0&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&ptag_exp=101509157~103116026~103130495~103130497~103200004~103211513~103233427~103252644~103252646~104481633~104481635&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&ptag_exp=101509157~103116026~103130495~103130497~103200004~103211513~103233427~103252644~103252646~104481633~104481635&z=1909388141

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 27 May 2025 18:49:25 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET

ID5
crb.kargo.com/api/v1/dsync/
Redirect Chain

https://id5-sync.com/i/718/8.gif?o=api&id5id=ID5*ypu4gmqZUeXcjTGSzoK8wJIkHjmQBFxlBTrYWjF2TnkeCqJK_2AWoHOQQK9GwUNc&gdpr_consent=undefined&gdpr=false
https://ib.adnxs.com/getuid?https://id5-sync.com/c/718/2/7/2.gif?puid=$UID&gdpr=0&gdpr_consent=
https://id5-sync.com/c/718/2/7/2.gif?puid=5837088198247345251&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
https://id5-sync.com/k/264.gif?puid=18170998-4185-4ff9-9ffa-95189d075bee&ttl=%%TTL%%
https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F718%2F112%2F5%2F4.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F718%2F112%2F5%2F4.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
https://id5-sync.com/c/718/112/5/4.gif?puid=7711C13E4AFD79&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F718%2F10%2F4%2F5.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F718%2F10%2F4%2F5.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
https://id5-sync.com/c/718/10/4/5.gif?puid=9116353433582422896&gdpr=0&gdpr_consent=
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F718%2F108%2F3%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F718%2F108%2F3%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gd...
https://id5-sync.com/c/718/108/3/6.gif?puid=027fe82e-4468-43fb-a2e6-62684c63bbe7&gdpr=0&gdpr_consent=
https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-f78dxjXRA3AhsXRiLjwmPoie3zyo3IOplli8ndrOnw&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F718%2F3%2F2%2F7.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
https://id5-sync.com/c/718/3/2/7.gif?puid=74806836-093a-4b00-b099-21de55bba6dd&gdpr=0&gdpr_consent=
https://crb.kargo.com/api/v1/dsync/ID5?gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&r=https%3A%2F%2Fid5-sync.com%2Fc%2F718%2F1785%2F1%2F8.gif%3Fpuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D

0
0

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame C926 221 KB
0 7ms
7ms Script
text/javascript 172.217.167.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_281.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f2.1e100.net

Software

cafe /

Resource Hash

9fc89654aff6bca6c890b30bd0833eb2f18d63a61c0a9ece5246537ad6f73c5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://bdd8121b9f445b471b6fcb349ac82ea8.safeframe.googlesyndication.com/

Response headers

content-encoding: br
etag: 81102085050987160
age: 597
x-content-type-options: nosniff
expires: Tue, 27 May 2025 19:39:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 27 May 2025 18:39:26 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=ISO-8859-1
vary: Accept-Encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 69707
x-xss-protection: 0
server: cafe

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/11123511781932539772/ Frame ED74 234 KB
16 KB 212ms
109ms Document
text/html 142.250.67.6
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11123511781932539772/index.html?e=69&leftOffset=0&topOffset=0&c=DluORwVKAR&t=1&renderingType=2&ev=01_253

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_281.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.67.6 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f6.1e100.net

Software

sffe /

Resource Hash

84582fea915c1fb96887b29093d15cb9db256c7635ad2567178abc5c725721d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bdd8121b9f445b471b6fcb349ac82ea8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

accept-ranges: bytes
access-control-allow-origin: *
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 27 May 2025 18:49:25 GMT
expires: Wed, 27 May 2026 18:49:25 GMT
last-modified: Tue, 10 Aug 2021 14:44:40 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame C926 0
0 156ms
145ms Fetch
image/png 142.250.67.6
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjssm6nnUcEyifBk1_1S_PmHpGcmoV6oiY-anZJiNMyRmj32m7vgxiCR3mOS8XANbcWkHqM_cIRAwFBSMHyhNL2vuHsMUwbh0HxsB5c8keQNCB9Dhea-znH5dqg0UrHxAOQoSVTOHASwt7SVUnPih5HcGcT4d_fGvZ9vciTkpGU7dekiadtwQg8YcEoGpb7OjGWkJQu8D&sai=AMfl-YRUU7AxU25ZtztKWNsc_YVmk_h7eX7JqEV0XYYng8bCB1K-jMNyWhJa-60ZEDOXcAnxqvhaEDLEFXUZ&sig=Cg0ArKJSzMxzDgzPLuW-EAE&uach_m=%5BUACH%5D&crd=aHR0cHM6Ly9zdGF5ei5jb20uYXU&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=465&cbvp=1&cstd=454&cisv=r20250522.62707&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=1&ftch=1&adurl=

Requested by

Host: umbrella-zip.pages.dev
URL: https://umbrella-zip.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.67.6 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://bdd8121b9f445b471b6fcb349ac82ea8.safeframe.googlesyndication.com/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Tue, 27 May 2025 18:49:25 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Tue, 27 May 2025 18:49:25 GMT
x-xss-protection: 0
content-type: image/png
attribution-reporting-register-source: {"aggregation_keys":{"908853744":"0xb1bb1794e3a918500000000000000000","908853745":"0x75f6b9da77ad26040000000000000000","908853746":"0xeff4ec16989a2d050000000000000000","908853747":"0xbebabf464b607ab40000000000000000"},"debug_key":"3392825159522588421","debug_reporting":true,"destination":"https://vrbo.com","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"23":[],"24":[],"25":[],"26":[],"27":[],"28":[],"29":[],"8":["6519113"]},"priority":"0","source_event_id":"8815939124241405358"}
server: cafe

GET
H3 200 mirage2.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/04b3eb47/cloudflare-static/ Frame C295 38 KB
12 KB 40ms
12ms Script
application/javascript 104.17.73.14
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/04b3eb47/cloudflare-static/mirage2.min.js

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=183785&gdpr=0&C=1

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.73.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b2e044c462b8b00dfb05d77740f8b8f2a90ce00e2e5ccf621eac288608c0649

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://ssum-sec.casalemedia.com/

Response headers

strict-transport-security: max-age=15780000; includeSubDomains
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=172800, public
content-encoding: gzip
etag: W/"682eb52b-9688"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oy2a2lCeU5xFLfMHalgj9u4akntftBYI3xG1MGyePNiCXgzEuIOQ6dw8WAzJifXT56dnIXpLroKmdGNAHDduUqf00xBENCkAcYfZCM6r6hxUtBYMh3gxfAYOpwuoWFZ3C8PJEWk%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 9467b12e080ee7cd-SYD
expires: Thu, 29 May 2025 18:49:25 GMT
date: Tue, 27 May 2025 18:49:25 GMT
content-type: application/javascript
last-modified: Thu, 22 May 2025 05:24:59 GMT
vary: Accept-Encoding
server: cloudflare
x-frame-options: DENY

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C926 0
0 249ms
246ms Fetch
image/gif 172.217.167.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-start2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://bdd8121b9f445b471b6fcb349ac82ea8.safeframe.googlesyndication.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 27 May 2025 18:49:25 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C926 0
0 201ms
192ms Fetch
image/gif 172.217.167.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://bdd8121b9f445b471b6fcb349ac82ea8.safeframe.googlesyndication.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 27 May 2025 18:49:25 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C926 0
0 192ms
168ms Fetch
image/gif 172.217.167.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://bdd8121b9f445b471b6fcb349ac82ea8.safeframe.googlesyndication.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 27 May 2025 18:49:25 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 sodar
ep1.adtrafficquality.google/pagead/ 0
17 B 241ms
228ms Image
image/ 142.251.221.66
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=237&t=2&li=gpt_m202505200101&jk=1067421181592797&bg=!9fal9rnNAAYA59AtIOc7ADQBe5WfODdf8S6ClTNuoHw_zAiFDTkf392LaQF4T08h7ZtOmQ5u-tKz_6zuy6KcJSDnIattAgAAAINSAAAAOWgBB34ANSt7h72ZotjWSqdsIHTNB4FLV2vwSqbSTaq-AHMO6ZwCU9mXxdgfdlh5kHYvsul5kvJuMVMnCgAH3CNMXVGN6JkCXkPn85xvGvdHndtqjSA2YE9yNOlUGQXrObA04B7Z2uOyCViPTYKgUQiqFRK-jKC4Slt0FjIMPaqBKnaoVYnU4SC8YVWaVl-B1yYJ8NbKu2SFK_Bp93263U1eq9B_MT9ouuaUv0v57WxPtAmJvy_dAUMuZ488ZwKCU4MH5usuDrJsIeVyuFFm8i2CkmWYFFW8ewxDwZ954XpYbP76rtxHMrxkMDsrCt-1WiY49HhVO0Mcta3KDvAqkNtlrFaY387o3vkSfxguCgD229r1dazspfT_su2mcDqxCXnlM_Gbd65H6gja2rH8_J8J5gaB0_TD7GhYoVRjcWn26cjzfuc_f3frqYubyViqIoLMICpT0UQc7RePp7Uh2jLQct4gAW3p0WdM96apVoSmaNZvm-sBM79W3RIqZ2xX3QbJiFFA0xRYcvtcEqTIMVPD9fnvLN-sDgvpii4mQlJ1MZWBRSa9LzI1HOEGN9t_ZHu8P_3ue4ri9SKJyWEVNPjO-CxbvFyxFU1zxgvj6pwfOGkvhNlJyk7EkDMcUI4RDhxOfFPT4Y-ta0yZVekwiFu66Wh3YiOudI5UKZpXtscHgGXuH-4B1haRqXhOIu_QTYsaaTlCx6FAHa3zz18Pj5_8zF914l2qX4T_gP_Onu2CewUTVgi4zsUTctLTxGD1DXXt14O18nTqylHEAO3WhzXYQ7s86Jab6cztBiUZE1Q5tcIbdUwlgxqFaBuJM4fT7K7N91UfffGmt1B87p25_ELnOxt4TBfuSkCIvSmTj7A3ZkEZWTHhKvol8bP0k362AccBgEIu3g

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 27 May 2025 18:49:25 GMT
x-xss-protection: 0
content-type: image/
server: cafe

GET
H3 200 gwdpage_style.css
s0.2mdn.net/sadbundle/11123511781932539772/ Frame ED74 55 B
104 B 82ms
35ms Stylesheet
text/css 142.250.67.6
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11123511781932539772/gwdpage_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11123511781932539772/index.html?e=69&leftOffset=0&topOffset=0&c=DluORwVKAR&t=1&renderingType=2&ev=01_253

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.67.6 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f6.1e100.net

Software

sffe /

Resource Hash

2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://s0.2mdn.net/sadbundle/11123511781932539772/index.html?e=69&leftOffset=0&topOffset=0&c=DluORwVKAR&t=1&renderingType=2&ev=01_253

Response headers

content-encoding: gzip
age: 141470
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options: nosniff
expires: Tue, 26 May 2026 03:31:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Mon, 26 May 2025 03:31:35 GMT
last-modified: Tue, 10 Aug 2021 14:44:40 GMT
content-type: text/css
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
content-length: 74
x-xss-protection: 0
server: sffe

GET
H3 200 gwdpagedeck_style.css
s0.2mdn.net/sadbundle/11123511781932539772/ Frame ED74 731 B
264 B 81ms
34ms Stylesheet
text/css 142.250.67.6
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11123511781932539772/gwdpagedeck_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11123511781932539772/index.html?e=69&leftOffset=0&topOffset=0&c=DluORwVKAR&t=1&renderingType=2&ev=01_253

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.67.6 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f6.1e100.net

Software

sffe /

Resource Hash

3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://s0.2mdn.net/sadbundle/11123511781932539772/index.html?e=69&leftOffset=0&topOffset=0&c=DluORwVKAR&t=1&renderingType=2&ev=01_253

Response headers

content-encoding: gzip
age: 128587
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options: nosniff
expires: Tue, 26 May 2026 07:06:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Mon, 26 May 2025 07:06:18 GMT
last-modified: Tue, 10 Aug 2021 14:44:40 GMT
content-type: text/css
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
content-length: 234
x-xss-protection: 0
server: sffe

GET
H3 200 gwdgooglead_style.css
s0.2mdn.net/sadbundle/11123511781932539772/ Frame ED74 24 B
73 B 85ms
39ms Stylesheet
text/css 142.250.67.6
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11123511781932539772/gwdgooglead_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11123511781932539772/index.html?e=69&leftOffset=0&topOffset=0&c=DluORwVKAR&t=1&renderingType=2&ev=01_253

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.67.6 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f6.1e100.net

Software

sffe /

Resource Hash

e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://s0.2mdn.net/sadbundle/11123511781932539772/index.html?e=69&leftOffset=0&topOffset=0&c=DluORwVKAR&t=1&renderingType=2&ev=01_253

Response headers

content-encoding: gzip
age: 102671
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options: nosniff
expires: Tue, 26 May 2026 14:18:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Mon, 26 May 2025 14:18:14 GMT
last-modified: Tue, 10 Aug 2021 14:44:40 GMT
content-type: text/css
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
content-length: 44
x-xss-protection: 0
server: sffe

GET
H3 200 gwdimage_style.css
s0.2mdn.net/sadbundle/11123511781932539772/ Frame ED74 281 B
188 B 82ms
36ms Stylesheet
text/css 142.250.67.6
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11123511781932539772/gwdimage_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11123511781932539772/index.html?e=69&leftOffset=0&topOffset=0&c=DluORwVKAR&t=1&renderingType=2&ev=01_253

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.67.6 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f6.1e100.net

Software

sffe /

Resource Hash

3d3251d937d209def48e958bfeec683ca39dc0f15eb22f99bc3e7035995cd552

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://s0.2mdn.net/sadbundle/11123511781932539772/index.html?e=69&leftOffset=0&topOffset=0&c=DluORwVKAR&t=1&renderingType=2&ev=01_253

Response headers

content-encoding: gzip
age: 59657
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options: nosniff
expires: Wed, 27 May 2026 02:15:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Tue, 27 May 2025 02:15:08 GMT
last-modified: Tue, 10 Aug 2021 14:44:40 GMT
content-type: text/css
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
content-length: 158
x-xss-protection: 0
server: sffe

GET
H3 200 gwdattached_style.css
s0.2mdn.net/sadbundle/11123511781932539772/ Frame ED74 26 B
75 B 83ms
37ms Stylesheet
text/css 142.250.67.6
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11123511781932539772/gwdattached_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11123511781932539772/index.html?e=69&leftOffset=0&topOffset=0&c=DluORwVKAR&t=1&renderingType=2&ev=01_253

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.67.6 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f6.1e100.net

Software

sffe /

Resource Hash

fffa14e9a3c576087a9202af54e8f11669f29c37617df0c6f728ca24d95f60bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://s0.2mdn.net/sadbundle/11123511781932539772/index.html?e=69&leftOffset=0&topOffset=0&c=DluORwVKAR&t=1&renderingType=2&ev=01_253

Response headers

content-encoding: gzip
age: 82364
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options: nosniff
expires: Tue, 26 May 2026 19:56:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Mon, 26 May 2025 19:56:41 GMT
last-modified: Tue, 10 Aug 2021 14:44:40 GMT
content-type: text/css
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
content-length: 46
x-xss-protection: 0
server: sffe

GET
H3 200 gwdtaparea_style.css
s0.2mdn.net/sadbundle/11123511781932539772/ Frame ED74 157 B
145 B 81ms
36ms Stylesheet
text/css 142.250.67.6
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11123511781932539772/gwdtaparea_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11123511781932539772/index.html?e=69&leftOffset=0&topOffset=0&c=DluORwVKAR&t=1&renderingType=2&ev=01_253

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.67.6 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f6.1e100.net

Software

sffe /

Resource Hash

20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://s0.2mdn.net/sadbundle/11123511781932539772/index.html?e=69&leftOffset=0&topOffset=0&c=DluORwVKAR&t=1&renderingType=2&ev=01_253

Response headers

content-encoding: gzip
age: 102971
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options: nosniff
expires: Tue, 26 May 2026 14:13:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Mon, 26 May 2025 14:13:14 GMT
last-modified: Tue, 10 Aug 2021 14:44:40 GMT
content-type: text/css
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
content-length: 115
x-xss-protection: 0
server: sffe

GET
H2 200 css
fonts.googleapis.com/ Frame ED74 578 KB
158 KB 302ms
124ms Stylesheet
text/css 142.250.204.10
GOOGLE

General

Check archive.org

Download Go to

Full URL

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11123511781932539772/index.html?e=69&leftOffset=0&topOffset=0&c=DluORwVKAR&t=1&renderingType=2&ev=01_253

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.204.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f10.1e100.net

Software

ESF /

Resource Hash

097faced3cb0ce59343c6c12752f017fa8060eaa64ea17d25cd90f12e04a4627

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://s0.2mdn.net/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, max-age=86400
timing-allow-origin: *
content-encoding: gzip
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Tue, 27 May 2025 18:49:25 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 18:49:25 GMT
x-xss-protection: 0
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
server: ESF
x-frame-options: SAMEORIGIN

GET
H3 200 gwd_webcomponents_v1_min.js Show response
s0.2mdn.net/sadbundle/11123511781932539772/ Frame ED74 21 KB
6 KB 83ms
40ms Script
application/x-javascript 142.250.67.6
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11123511781932539772/gwd_webcomponents_v1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11123511781932539772/index.html?e=69&leftOffset=0&topOffset=0&c=DluORwVKAR&t=1&renderingType=2&ev=01_253

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.67.6 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f6.1e100.net

Software

sffe /

Resource Hash

630dcb1aea14b0b32672353c6718f225a51122da1e170c35185ed4177b3489cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://s0.2mdn.net/sadbundle/11123511781932539772/index.html?e=69&leftOffset=0&topOffset=0&c=DluORwVKAR&t=1&renderingType=2&ev=01_253

Response headers

content-encoding: gzip
age: 75095
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options: nosniff
expires: Tue, 26 May 2026 21:57:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Mon, 26 May 2025 21:57:50 GMT
last-modified: Tue, 10 Aug 2021 14:44:40 GMT
content-type: application/x-javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
content-length: 6288
x-xss-protection: 0
server: sffe

GET
H3 200 googbase_min.js Show response
s0.2mdn.net/sadbundle/11123511781932539772/ Frame ED74 400 B
315 B 98ms
54ms Script
application/x-javascript 142.250.67.6
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11123511781932539772/googbase_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11123511781932539772/index.html?e=69&leftOffset=0&topOffset=0&c=DluORwVKAR&t=1&renderingType=2&ev=01_253

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.67.6 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f6.1e100.net

Software

sffe /

Resource Hash

e13459782d7fc46c73821602bedc17cc2b3a2dc5ec07e91e30ed715193698a94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://s0.2mdn.net/sadbundle/11123511781932539772/index.html?e=69&leftOffset=0&topOffset=0&c=DluORwVKAR&t=1&renderingType=2&ev=01_253

Response headers

content-encoding: gzip
age: 349696
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options: nosniff
expires: Sat, 23 May 2026 17:41:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Fri, 23 May 2025 17:41:09 GMT
last-modified: Tue, 10 Aug 2021 14:44:40 GMT
content-type: application/x-javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
content-length: 275
x-xss-protection: 0
server: sffe

GET
H3 200 gwdpage_min.js Show response
s0.2mdn.net/sadbundle/11123511781932539772/ Frame ED74 3 KB
1 KB 72ms
27ms Script
application/x-javascript 142.250.67.6
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11123511781932539772/gwdpage_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11123511781932539772/index.html?e=69&leftOffset=0&topOffset=0&c=DluORwVKAR&t=1&renderingType=2&ev=01_253

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.67.6 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f6.1e100.net

Software

sffe /

Resource Hash

3702675bb100b35f2cc13c2d7e830a1abb3d645ddeb6a2155be81d777d21dfa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://s0.2mdn.net/sadbundle/11123511781932539772/index.html?e=69&leftOffset=0&topOffset=0&c=DluORwVKAR&t=1&renderingType=2&ev=01_253

Response headers

content-encoding: gzip
age: 243967
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options: nosniff
expires: Sun, 24 May 2026 23:03:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Sat, 24 May 2025 23:03:18 GMT
last-modified: Tue, 10 Aug 2021 14:44:40 GMT
content-type: application/x-javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
content-length: 1307
x-xss-protection: 0
server: sffe

GET
H3 200 gwdpagedeck_min.js Show response
s0.2mdn.net/sadbundle/11123511781932539772/ Frame ED74 8 KB
3 KB 98ms
53ms Script
application/x-javascript 142.250.67.6
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11123511781932539772/gwdpagedeck_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11123511781932539772/index.html?e=69&leftOffset=0&topOffset=0&c=DluORwVKAR&t=1&renderingType=2&ev=01_253

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.67.6 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f6.1e100.net

Software

sffe /

Resource Hash

47362f03763fafea173fabaa570f4054c7931e5f8d1e6f6daa2b08cafae41cd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://s0.2mdn.net/sadbundle/11123511781932539772/index.html?e=69&leftOffset=0&topOffset=0&c=DluORwVKAR&t=1&renderingType=2&ev=01_253

Response headers

content-encoding: gzip
age: 122381
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options: nosniff
expires: Tue, 26 May 2026 08:49:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Mon, 26 May 2025 08:49:44 GMT
last-modified: Tue, 10 Aug 2021 14:44:40 GMT
content-type: application/x-javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
content-length: 3174
x-xss-protection: 0
server: sffe

GET
H3 200 Enabler_01_246.js Show response
s0.2mdn.net/879366/ Frame ED74 116 KB
39 KB 81ms
37ms Script
text/javascript 142.250.67.6
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_246.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11123511781932539772/index.html?e=69&leftOffset=0&topOffset=0&c=DluORwVKAR&t=1&renderingType=2&ev=01_253

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.67.6 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f6.1e100.net

Software

sffe /

Resource Hash

b64291fc91dc77833930ffcead244193c5cfd9e882af312ecc89b580160c22a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://s0.2mdn.net/sadbundle/11123511781932539772/index.html?e=69&leftOffset=0&topOffset=0&c=DluORwVKAR&t=1&renderingType=2&ev=01_253

Response headers

content-encoding: gzip
age: 23263
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options: nosniff
expires: Wed, 28 May 2025 12:21:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 12:21:42 GMT
last-modified: Wed, 30 Jun 2021 20:54:51 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=86400
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
content-length: 40237
x-xss-protection: 0
server: sffe

GET
H3 200 gwdgooglead_min.js Show response
s0.2mdn.net/sadbundle/11123511781932539772/ Frame ED74 13 KB
4 KB 72ms
28ms Script
application/x-javascript 142.250.67.6
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11123511781932539772/gwdgooglead_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11123511781932539772/index.html?e=69&leftOffset=0&topOffset=0&c=DluORwVKAR&t=1&renderingType=2&ev=01_253

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.67.6 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f6.1e100.net

Software

sffe /

Resource Hash

1d1651d91488d8e6357d29c08174475d886c695a2a9101ab4c73efd0137ad3ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://s0.2mdn.net/sadbundle/11123511781932539772/index.html?e=69&leftOffset=0&topOffset=0&c=DluORwVKAR&t=1&renderingType=2&ev=01_253

Response headers

content-encoding: gzip
age: 50340
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options: nosniff
expires: Wed, 27 May 2026 04:50:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Tue, 27 May 2025 04:50:25 GMT
last-modified: Tue, 10 Aug 2021 14:44:40 GMT
content-type: application/x-javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
content-length: 4463
x-xss-protection: 0
server: sffe

GET
H3 200 gwdimage_min.js Show response
s0.2mdn.net/sadbundle/11123511781932539772/ Frame ED74 5 KB
2 KB 96ms
53ms Script
application/x-javascript 142.250.67.6
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11123511781932539772/gwdimage_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11123511781932539772/index.html?e=69&leftOffset=0&topOffset=0&c=DluORwVKAR&t=1&renderingType=2&ev=01_253

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.67.6 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f6.1e100.net

Software

sffe /

Resource Hash

00e3bc05f59be2a1faacba16a7c0fba7de267a60f2e88c04789e4ffe0dfb6056

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://s0.2mdn.net/sadbundle/11123511781932539772/index.html?e=69&leftOffset=0&topOffset=0&c=DluORwVKAR&t=1&renderingType=2&ev=01_253

Response headers

content-encoding: gzip
age: 59416
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options: nosniff
expires: Wed, 27 May 2026 02:19:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Tue, 27 May 2025 02:19:09 GMT
last-modified: Tue, 10 Aug 2021 14:44:40 GMT
content-type: application/x-javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
content-length: 2004
x-xss-protection: 0
server: sffe

GET
H3 200 gwdattached_min.js Show response
s0.2mdn.net/sadbundle/11123511781932539772/ Frame ED74 1 KB
618 B 70ms
27ms Script
application/x-javascript 142.250.67.6
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11123511781932539772/gwdattached_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11123511781932539772/index.html?e=69&leftOffset=0&topOffset=0&c=DluORwVKAR&t=1&renderingType=2&ev=01_253

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.67.6 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f6.1e100.net

Software

sffe /

Resource Hash

3b1b78dc0bec6c4c5e65036a6d67c15a91ae2fc807f61ddab5ddccc3483cb9c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://s0.2mdn.net/sadbundle/11123511781932539772/index.html?e=69&leftOffset=0&topOffset=0&c=DluORwVKAR&t=1&renderingType=2&ev=01_253

Response headers

content-encoding: gzip
age: 119566
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options: nosniff
expires: Tue, 26 May 2026 09:36:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Mon, 26 May 2025 09:36:39 GMT
last-modified: Tue, 10 Aug 2021 14:44:40 GMT
content-type: application/x-javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
content-length: 587
x-xss-protection: 0
server: sffe

GET
H3 200 gwdtexthelper_min.js Show response
s0.2mdn.net/sadbundle/11123511781932539772/ Frame ED74 7 KB
3 KB 68ms
27ms Script
application/x-javascript 142.250.67.6
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11123511781932539772/gwdtexthelper_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11123511781932539772/index.html?e=69&leftOffset=0&topOffset=0&c=DluORwVKAR&t=1&renderingType=2&ev=01_253

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.67.6 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f6.1e100.net

Software

sffe /

Resource Hash

35b384bb05910ed7d48bd862cd68e26612295c2019ae64a59984908292fd5bad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://s0.2mdn.net/sadbundle/11123511781932539772/index.html?e=69&leftOffset=0&topOffset=0&c=DluORwVKAR&t=1&renderingType=2&ev=01_253

Response headers

content-encoding: gzip
age: 108873
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options: nosniff
expires: Tue, 26 May 2026 12:34:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Mon, 26 May 2025 12:34:52 GMT
last-modified: Tue, 10 Aug 2021 14:44:40 GMT
content-type: application/x-javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
content-length: 2873
x-xss-protection: 0
server: sffe

GET
H3 200 gwd-events-support.1.0.js Show response
s0.2mdn.net/sadbundle/11123511781932539772/ Frame ED74 5 KB
1 KB 94ms
51ms Script
application/x-javascript 142.250.67.6
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11123511781932539772/gwd-events-support.1.0.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11123511781932539772/index.html?e=69&leftOffset=0&topOffset=0&c=DluORwVKAR&t=1&renderingType=2&ev=01_253

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.67.6 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f6.1e100.net

Software

sffe /

Resource Hash

97cdf067606c37c831a54b3ffc71cafb94ff1f4db84a1ba620b2e9e43cc1084d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://s0.2mdn.net/sadbundle/11123511781932539772/index.html?e=69&leftOffset=0&topOffset=0&c=DluORwVKAR&t=1&renderingType=2&ev=01_253

Response headers

content-encoding: gzip
age: 92669
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options: nosniff
expires: Tue, 26 May 2026 17:04:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Mon, 26 May 2025 17:04:56 GMT
last-modified: Tue, 10 Aug 2021 14:44:40 GMT
content-type: application/x-javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
content-length: 1215
x-xss-protection: 0
server: sffe

GET
H3 200 gwdtaparea_min.js Show response
s0.2mdn.net/sadbundle/11123511781932539772/ Frame ED74 4 KB
2 KB 67ms
24ms Script
application/x-javascript 142.250.67.6
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11123511781932539772/gwdtaparea_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11123511781932539772/index.html?e=69&leftOffset=0&topOffset=0&c=DluORwVKAR&t=1&renderingType=2&ev=01_253

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.67.6 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f6.1e100.net

Software

sffe /

Resource Hash

d66c408f2d22f32c480961298e6fba83ca59fe57386f9e6726a47c27553aad90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://s0.2mdn.net/sadbundle/11123511781932539772/index.html?e=69&leftOffset=0&topOffset=0&c=DluORwVKAR&t=1&renderingType=2&ev=01_253

Response headers

content-encoding: gzip
age: 69479
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options: nosniff
expires: Tue, 26 May 2026 23:31:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Mon, 26 May 2025 23:31:26 GMT
last-modified: Tue, 10 Aug 2021 14:44:40 GMT
content-type: application/x-javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
content-length: 1809
x-xss-protection: 0
server: sffe

GET
H3 200 gwdgpadataprovider_min.js Show response
s0.2mdn.net/sadbundle/11123511781932539772/ Frame ED74 3 KB
1 KB 94ms
51ms Script
application/x-javascript 142.250.67.6
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11123511781932539772/gwdgpadataprovider_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11123511781932539772/index.html?e=69&leftOffset=0&topOffset=0&c=DluORwVKAR&t=1&renderingType=2&ev=01_253

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.67.6 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f6.1e100.net

Software

sffe /

Resource Hash

11084de664d888933874102638926c6686af22a88f1805fc3d4f55ba91b2d816

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://s0.2mdn.net/sadbundle/11123511781932539772/index.html?e=69&leftOffset=0&topOffset=0&c=DluORwVKAR&t=1&renderingType=2&ev=01_253

Response headers

content-encoding: gzip
age: 344490
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options: nosniff
expires: Sat, 23 May 2026 19:07:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Fri, 23 May 2025 19:07:55 GMT
last-modified: Tue, 10 Aug 2021 14:44:40 GMT
content-type: application/x-javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
content-length: 1286
x-xss-protection: 0
server: sffe

GET
H3 200 gwddatabinder_min.js Show response
s0.2mdn.net/sadbundle/11123511781932539772/ Frame ED74 5 KB
2 KB 94ms
51ms Script
application/x-javascript 142.250.67.6
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11123511781932539772/gwddatabinder_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11123511781932539772/index.html?e=69&leftOffset=0&topOffset=0&c=DluORwVKAR&t=1&renderingType=2&ev=01_253

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.67.6 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f6.1e100.net

Software

sffe /

Resource Hash

414eef74ac6306127645beddc4f34f59a6ea3994e410f188481d736b01ee4b65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://s0.2mdn.net/sadbundle/11123511781932539772/index.html?e=69&leftOffset=0&topOffset=0&c=DluORwVKAR&t=1&renderingType=2&ev=01_253

Response headers

content-encoding: gzip
age: 377400
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options: nosniff
expires: Sat, 23 May 2026 09:59:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Fri, 23 May 2025 09:59:25 GMT
last-modified: Tue, 10 Aug 2021 14:44:40 GMT
content-type: application/x-javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
content-length: 2321
x-xss-protection: 0
server: sffe

GET
H3 200 gwdfontloader_min.js Show response
s0.2mdn.net/sadbundle/11123511781932539772/ Frame ED74 5 KB
2 KB 87ms
51ms Script
application/x-javascript 142.250.67.6
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11123511781932539772/gwdfontloader_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11123511781932539772/index.html?e=69&leftOffset=0&topOffset=0&c=DluORwVKAR&t=1&renderingType=2&ev=01_253

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.67.6 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f6.1e100.net

Software

sffe /

Resource Hash

4da3a53d30501adaadc5f661dd230b46c944142308038c8e0803aab976b2ba94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://s0.2mdn.net/sadbundle/11123511781932539772/index.html?e=69&leftOffset=0&topOffset=0&c=DluORwVKAR&t=1&renderingType=2&ev=01_253

Response headers

content-encoding: gzip
age: 68869
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options: nosniff
expires: Tue, 26 May 2026 23:41:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Mon, 26 May 2025 23:41:36 GMT
last-modified: Tue, 10 Aug 2021 14:44:40 GMT
content-type: application/x-javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
content-length: 2121
x-xss-protection: 0
server: sffe

GET
H3 200 gwd-dynamic-binders.js Show response
s0.2mdn.net/sadbundle/11123511781932539772/ Frame ED74 26 KB
10 KB 87ms
51ms Script
application/x-javascript 142.250.67.6
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11123511781932539772/gwd-dynamic-binders.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11123511781932539772/index.html?e=69&leftOffset=0&topOffset=0&c=DluORwVKAR&t=1&renderingType=2&ev=01_253

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.67.6 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f6.1e100.net

Software

sffe /

Resource Hash

1b7dae0db48b4096db0d72ceb798d500974825ca5eb1700d7b2a88d76591e360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://s0.2mdn.net/sadbundle/11123511781932539772/index.html?e=69&leftOffset=0&topOffset=0&c=DluORwVKAR&t=1&renderingType=2&ev=01_253

Response headers

content-encoding: gzip
age: 132654
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options: nosniff
expires: Tue, 26 May 2026 05:58:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Mon, 26 May 2025 05:58:31 GMT
last-modified: Tue, 10 Aug 2021 14:44:40 GMT
content-type: application/x-javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
content-length: 10530
x-xss-protection: 0
server: sffe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3649 0
20 B 175ms
140ms Image
image/gif 172.217.167.66
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BOEXKNAk2aKCNI6To9fwP3uqekQgAAAAAOAHgBAI&bg=!MzClMH_NAAYA59AtIOc7ADQBe5WfOArSpMlXWXdAlV4W9oz-PqaV7rDtzSLMHSSFuaBmCpgtWx2Zps3T6cop_lHQxLaoAgAAAcFSAAAABmgBB34ANBB_l6p4cWvR22sosW3HUaYlshAMTbv5cDtW1OoH5sXLri0Ve0OCJduPKxcXMYuTjKIMH9yZAu_bWqTEYUVUvk_6snI5a8mC6xFwOVwo0-yYNc1xe1PAHBLl1TJ2tb5xQ4rtR1RHbhzgsjauY9wINW2eXEmL7T0T1NoViD5cIcgMezufDC8Bfwaq4GNg6ufEq8vCdhVGhrv4eB5oYYsaIDA8ZeQP6IUANncYp_WkOzJHXyCdUT1c5FHdrszuFnPGSFeH4oMLbVr6fqAOdiRBEnZ4jxhK18O70N4NHdTPExlDjXSXv2AaoOoytrOJFm8sDyeI2Cq-ZQ_DeIUeAALp893VB67xpznfJ-ALiPGfZ8kKPdCN5q_XgOsRNUJL9JENFIHdwFgA5_i0UZikHtsRUMx0RM7u0zUulhSIaXo_Chi89b0T_JLZdz7zRGY8iabZmFwtywi2nSla-IEtLpbaPwykYfkJuhdlh8wmIJmwRU-U00Cjy6lHiZ4ih1Gx0lHbgxu1LmfGfLsHlG0EWH4ppJyesk9BzYYvCT4VivBmM5kOoxtSTYN-UXikWtyV01kUtjL-RXNRqtYfBq_CqHYve4Lj7JDARnpQYbGK4LwpYYc9OlZMzYZKlJKTBqm-hTPQ-6F-S2HHeIifV60hSHVwcno_04a-E4YPXIChu6yL5rFn_S3P-yc36yDOT0rqYw2EKl9daWnFAaAVSigqeYVfWnIvZRZqv0Svo0_s3tA8lVLTbiv6oHm9TdYkbYPvoa8F2BqB4w2bA7bBsJInrRd9OWCLSo-rQg83mQDamcytj_eqaVOvDWsfzqGe3MsXlcANQ3kyUlPypKjnaeJf-VSHY8nEevlYmCMABD4-TDtH9K_6EviJiZcnCWE65ML-0tDcYzYKpFbG7JFkCIMk4BytCdjQLY-6r3M5UpkpP9e_NmVbLdaqWopc4A1SQzXxt_bouRbXqFIb6iD63BR8ZMF8NqSnqAkyTIXlVNBlo3mmKYuE0DD1u9M7aQdQ9oBsABlfzyyDfCU89tAWuICwQfXWIvd3hB9xUsuh63r50uKUp7bV_kWMF5z0

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://tpc.googlesyndication.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 27 May 2025 18:49:25 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 htw-pixel.gif
js-sec.indexww.com/ht/ Frame C295 43 B
352 B 150ms
48ms Image
image/gif 104.18.24.18
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?0
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=183785&gdpr=0&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://ssum-sec.casalemedia.com/

Response headers

cache-control: public, max-age=14400
cf-cache-status: HIT
etag: "da1f1d-2b-546dc3a097100"
age: 745
cf-ray: 9467b1304a52aae4-SYD
expires: Tue, 27 May 2025 22:49:25 GMT
accept-ranges: bytes
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date: Tue, 27 May 2025 18:49:25 GMT
edge-control: cache-maxage=1h
content-type: image/gif
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 check_c Show response
zdbb.net/ 73 B
329 B 834ms
424ms XHR
text/plain 44.240.150.157
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://zdbb.net/check_c?eu_consent=&zd_opt_out=
Requested by: Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.240.150.157 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-150-157.us-west-2.compute.amazonaws.com
Software: Ziff Davis BuyerBase /
Resource Hash: 05bbe34f085df7073215e3888998182a390ec3cdfe4c231c6042f136797ddecb

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://umbrella-zip.pages.dev
content-length: 73
p3p: CP="ALL DSP COR NID"
date: Tue, 27 May 2025 18:49:26 GMT
content-type: text/plain; charset=utf-8
server: Ziff Davis BuyerBase

GET
H2 200 info Show response
gurgle.zdbb.net/ 269 B
489 B 902ms
461ms XHR
application/json 34.202.218.7
AMAZON-AES

General

Check archive.org

Download Go to

Full URL: https://gurgle.zdbb.net/info?url=https%3A%2F%2Fumbrella-zip.pages.dev%2F&fp=0&lcl_id=&eu_consent=&zd_opt_out=
Requested by: Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.218.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-218-7.compute-1.amazonaws.com
Software: /
Resource Hash: 4a8af5aa446aa597a56eeac5434c47113c6cdff050ad590f7114a1228e283bf0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

access-control-allow-headers: Content-Type, Cache-Control
access-control-allow-origin: https://umbrella-zip.pages.dev
content-length: 269
date: Tue, 27 May 2025 18:49:26 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-methods: GET, OPTIONS

GET
H3 200 FreigSanLFProMed.ttf
s0.2mdn.net/sadbundle/11123511781932539772/ Frame ED74 181 KB
181 KB 12ms
4ms Font
application/octet-stream 142.250.67.6
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11123511781932539772/FreigSanLFProMed.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11123511781932539772/index.html?e=69&leftOffset=0&topOffset=0&c=DluORwVKAR&t=1&renderingType=2&ev=01_253

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.67.6 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f6.1e100.net

Software

sffe /

Resource Hash

077cd237ac75e4c5da09de097766389440988e9e934a577e188fc54828c66802

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Origin: https://s0.2mdn.net
Referer: https://s0.2mdn.net/sadbundle/11123511781932539772/index.html?e=69&leftOffset=0&topOffset=0&c=DluORwVKAR&t=1&renderingType=2&ev=01_253

Response headers

age: 131780
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options: nosniff
expires: Tue, 26 May 2026 06:13:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Mon, 26 May 2025 06:13:06 GMT
last-modified: Tue, 10 Aug 2021 14:44:40 GMT
content-type: application/octet-stream
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
content-length: 184928
x-xss-protection: 0
server: sffe

GET
H3 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v24/ Frame ED74 14 KB
14 KB 135ms
2ms Font
font/woff2 142.250.204.3
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.204.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f3.1e100.net

Software

sffe /

Resource Hash

d4ae5188a65370ecfe28f42293bbee8297cfd5712c6aadfdb270d48f2bcd88b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Origin: https://s0.2mdn.net
Referer: https://fonts.googleapis.com/

Response headers

age: 132023
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 26 May 2026 06:09:03 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 06:09:03 GMT
last-modified: Tue, 02 May 2023 15:17:19 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 13980
x-xss-protection: 0
server: sffe

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame ED74 8 KB
6 KB 125ms
124ms XHR
application/json 172.217.167.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_246&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f2.1e100.net

Software

cafe /

Resource Hash

7a908d8da60ab3410a2aa6799ccbb446ee5e5d443daaae6057ebcb646c76dadd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://s0.2mdn.net/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 6538
date: Tue, 27 May 2025 18:49:26 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 gn
secure-us.imrworldwide.com/cgi-bin/ 44 B
424 B 5ms
4ms Image
image/gif 54.66.34.108
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://secure-us.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=au-408075&ch=au-408075_b99_0&sessionId=sm4wbr2q3dpcf3f6sl3audnwhm9w51748371763&fp_id=pj69c20s9vaetsxv1de8els8uslfr1748371763&fp_cr_tm=1748371763566&fp_acc_tm=1748371763566&fp_emm_tm=1748371763566&asn=0&prv=1&c6=vc,b99&ca=NA&c13=asid,NA&c32=segA,NA&c33=segB,NA&c34=segC,NA&c15=apn,v60Bsdk&sup=0&segment2=&segment1=&forward=1&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,kbsyx2fjke4mn4cvu2r3gofwlkrwn1748371763&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,17483717635596804&c30=bldv,6.0.0.673&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&devtypid=&pc=NA&si=https%3A%2F%2Fumbrella-zip.pages.dev%2F&c73=phtype,&c74=dvcnm,&uoo=&c62=sendTime,1748371765&rnd=599514
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.66.34.108 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-66-34-108.ap-southeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

cache-control: no-cache
pragma: no-cache
accept-ch: Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
cross-origin-resource-policy: cross-origin
access-control-allow-methods: POST, OPTIONS
expires: Thu, 01 Dec 1994 16:00:00 GMT
access-control-allow-origin: *
content-length: 44
p3p: P3P policyref="http://secure-us.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
date: Tue, 27 May 2025 18:49:26 GMT
content-type: image/gif
server: nginx

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame C926 0
0 140ms
140ms Fetch
image/png 142.250.67.6
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjssm6nnUcEyifBk1_1S_PmHpGcmoV6oiY-anZJiNMyRmj32m7vgxiCR3mOS8XANbcWkHqM_cIRAwFBSMHyhNL2vuHsMUwbh0HxsB5c8keQNCB9Dhea-znH5dqg0UrHxAOQoSVTOHASwt7SVUnPih5HcGcT4d_fGvZ9vciTkpGU7dekiadtwQg8YcEoGpb7OjGWkJQu8D&sai=AMfl-YRUU7AxU25ZtztKWNsc_YVmk_h7eX7JqEV0XYYng8bCB1K-jMNyWhJa-60ZEDOXcAnxqvhaEDLEFXUZ&sig=Cg0ArKJSzMxzDgzPLuW-EAE&uach_m=%5BUACH%5D&crd=aHR0cHM6Ly9zdGF5ei5jb20uYXU&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1625&vt=11&dtpt=1160&dett=3&cstd=454&cisv=r20250522.62707&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=1&ftch=1&adurl=

Requested by

Host: umbrella-zip.pages.dev
URL: https://umbrella-zip.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.67.6 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://bdd8121b9f445b471b6fcb349ac82ea8.safeframe.googlesyndication.com/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Tue, 27 May 2025 18:49:26 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Tue, 27 May 2025 18:49:26 GMT
x-xss-protection: 0
content-type: image/png
attribution-reporting-register-source: {"aggregation_keys":{"908853744":"0xb1bb1794e3a918500000000000000000","908853745":"0x75f6b9da77ad26040000000000000000","908853746":"0xeff4ec16989a2d050000000000000000","908853747":"0xbebabf464b607ab40000000000000000"},"debug_key":"14012556606063706780","debug_reporting":true,"destination":"https://vrbo.com","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"23":[],"24":[],"25":[],"26":[],"27":[],"28":[],"29":[],"8":["6519113"]},"priority":"0","source_event_id":"16859691138979180002"}
server: cafe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 093F 0
0 236ms
233ms Fetch
image/gif 142.250.66.194
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvO0z0cIGCOifgVq9CnX9pbFLhGU-ViLT4dxbhl_xTQTXSI36lCgwjt3GQBg7eu0JFn2DhIwBXwnxYCz3vSa-6doJl0BwwKrZZSlN6ciLRue48Z55fqJ-dmOy4MQ2fpvAdHotMGvoR--VyU3CSZjcFjTwHMdoZM3OOd3vEpM9HsvxkxhV0B1sBz2bXrJ3dPqzJj7N5ZpcdlRJeQUTPmHhBsHRYMi6ZtGTDSGA6xOH05BYyCDdF1i7GLPoXKwrJ6BmWSkRWgWPG3hOCOEmeZRpqrTwZ7TrMsNRdIGIbN1wpxFGt1hU_xXRP6sEGJecHpHilPS9A47M6SOVsysstfwQ-P_BVLZycPfOmehEe8l7JNu-juNipFueYgG6A18YdenC7PqTA0XUYJwwBy-b-1LMLRQbWPvqTk9FO2dr9zVHWQEF8VaBaxGpe-jdV_6wnW7zg18KEhd8Gb&sai=AMfl-YSwORG-3BaiySk2A9yijIvjntfdbm29IBk6HYH7uG_7dPkfJ-TyM2uB8ZGcgudL_cRkJAlxGafiuyJ8fpFRD6VIz9k2iGGY5gNQGMrhpDMw8tThX2raT_tNwndeJcoCOuKkc9uJyHYAhwkVmjPM&sig=Cg0ArKJSzOEok_lOWdx7EAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://bdd8121b9f445b471b6fcb349ac82ea8.safeframe.googlesyndication.com/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Tue, 27 May 2025 18:49:26 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Tue, 27 May 2025 18:49:26 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame ED74 20 KB
7 KB 101ms
100ms Script
text/javascript 142.250.67.1
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.67.1 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f1.1e100.net

Software

sffe /

Resource Hash

a7f65c0446b6cac3175458f6388304d0c23e70d11fa0db20920a619f1bc18623

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://s0.2mdn.net/

Response headers

content-encoding: gzip
etag: "1747411493688989"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Tue, 27 May 2025 18:49:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 18:49:26 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 7188
x-xss-protection: 0
server: sffe

GET
H3 200 47512218_20210127080245488_Stayz_logo_2.png
s0.2mdn.net/ads/richmedia/studio/47512218/ Frame ED74 14 KB
14 KB 10ms
6ms Image
image/png 142.250.67.6
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/47512218/47512218_20210127080245488_Stayz_logo_2.png

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.67.6 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f6.1e100.net

Software

sffe /

Resource Hash

c337a7f06ba5ef0422aa07fe6541b2808f6ade4b7ecfef491d2c0d8876ace74f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://s0.2mdn.net/sadbundle/11123511781932539772/index.html?e=69&leftOffset=0&topOffset=0&c=DluORwVKAR&t=1&renderingType=2&ev=01_253

Response headers

age: 33439
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options: nosniff
expires: Wed, 28 May 2025 09:32:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 09:32:07 GMT
last-modified: Wed, 27 Jan 2021 16:02:45 GMT
content-type: image/png
cache-control: public, max-age=86400
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
content-length: 14734
x-xss-protection: 0
server: sffe

GET
H3 200 47512218_20210127080238745_Stayz_logo_1_left_mobile.png
s0.2mdn.net/ads/richmedia/studio/47512218/ Frame ED74 4 KB
4 KB 11ms
6ms Image
image/png 142.250.67.6
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/47512218/47512218_20210127080238745_Stayz_logo_1_left_mobile.png

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.67.6 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f6.1e100.net

Software

sffe /

Resource Hash

93d0e07268c1c2012e717c33850712bb55c35f57e5a003b5a80871f410008f5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://s0.2mdn.net/sadbundle/11123511781932539772/index.html?e=69&leftOffset=0&topOffset=0&c=DluORwVKAR&t=1&renderingType=2&ev=01_253

Response headers

age: 42894
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options: nosniff
expires: Wed, 28 May 2025 06:54:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 06:54:32 GMT
last-modified: Wed, 27 Jan 2021 16:02:38 GMT
content-type: image/png
cache-control: public, max-age=86400
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
content-length: 4127
x-xss-protection: 0
server: sffe

GET
H3 200 47512218_20200713065946202_icon_check_Stayz.png
s0.2mdn.net/ads/richmedia/studio/47512218/ Frame ED74 7 KB
7 KB 11ms
6ms Image
image/png 142.250.67.6
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/47512218/47512218_20200713065946202_icon_check_Stayz.png

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.67.6 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f6.1e100.net

Software

sffe /

Resource Hash

b8ec4458f8db821eb610d3a950d143f1dd4ed4a0c9a323de0b4067364d1385f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://s0.2mdn.net/sadbundle/11123511781932539772/index.html?e=69&leftOffset=0&topOffset=0&c=DluORwVKAR&t=1&renderingType=2&ev=01_253

Response headers

age: 37405
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options: nosniff
expires: Wed, 28 May 2025 08:26:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 08:26:01 GMT
last-modified: Mon, 13 Jul 2020 13:59:46 GMT
content-type: image/png
cache-control: public, max-age=86400
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
content-length: 7408
x-xss-protection: 0
server: sffe

GET
H3 200 47512218_20200713065950008_icon_green_box_Stayz.png
s0.2mdn.net/ads/richmedia/studio/47512218/ Frame ED74 3 KB
3 KB 11ms
6ms Image
image/png 142.250.67.6
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/47512218/47512218_20200713065950008_icon_green_box_Stayz.png

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.67.6 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f6.1e100.net

Software

sffe /

Resource Hash

c68cdb813008bfd13f584759e4b7672eb096bbb6b6f54613c0511d230ce48845

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://s0.2mdn.net/sadbundle/11123511781932539772/index.html?e=69&leftOffset=0&topOffset=0&c=DluORwVKAR&t=1&renderingType=2&ev=01_253

Response headers

age: 44897
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options: nosniff
expires: Wed, 28 May 2025 06:21:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 06:21:09 GMT
last-modified: Mon, 13 Jul 2020 13:59:50 GMT
content-type: image/png
cache-control: public, max-age=86400
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
content-length: 3044
x-xss-protection: 0
server: sffe

GET
H3 200 47512218_20200612023033148_icon_mag_glass.png
s0.2mdn.net/ads/richmedia/studio/47512218/ Frame ED74 14 KB
14 KB 16ms
9ms Image
image/png 142.250.67.6
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/47512218/47512218_20200612023033148_icon_mag_glass.png

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.67.6 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f6.1e100.net

Software

sffe /

Resource Hash

60fe6df1276d1338d90c0ca63e5b86240f1babe7f6be262e95294b128c130299

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://s0.2mdn.net/sadbundle/11123511781932539772/index.html?e=69&leftOffset=0&topOffset=0&c=DluORwVKAR&t=1&renderingType=2&ev=01_253

Response headers

age: 23935
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options: nosniff
expires: Wed, 28 May 2025 12:10:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 12:10:31 GMT
last-modified: Fri, 12 Jun 2020 09:30:33 GMT
content-type: image/png
cache-control: public, max-age=86400
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
content-length: 14639
x-xss-protection: 0
server: sffe

GET
H3 200 47512218_20211019022043317_img_2_short-trip_family_australia_300x50.jpg
s0.2mdn.net/ads/richmedia/studio/47512218/ Frame ED74 44 KB
44 KB 16ms
10ms Image
image/jpeg 142.250.67.6
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/47512218/47512218_20211019022043317_img_2_short-trip_family_australia_300x50.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.67.6 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f6.1e100.net

Software

sffe /

Resource Hash

b288547c0e12829743c0bacf70293b253ecb31be06abd84dcfe01dbe7d5dcc53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://s0.2mdn.net/sadbundle/11123511781932539772/index.html?e=69&leftOffset=0&topOffset=0&c=DluORwVKAR&t=1&renderingType=2&ev=01_253

Response headers

age: 40602
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options: nosniff
expires: Wed, 28 May 2025 07:32:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 07:32:44 GMT
last-modified: Tue, 19 Oct 2021 09:20:43 GMT
content-type: image/jpeg
cache-control: public, max-age=86400
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
content-length: 45188
x-xss-protection: 0
server: sffe

GET
H3 200 47512218_20211019022046931_img_3_short-trip_family_australia_300x50.jpg
s0.2mdn.net/ads/richmedia/studio/47512218/ Frame ED74 99 KB
99 KB 21ms
14ms Image
image/jpeg 142.250.67.6
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/47512218/47512218_20211019022046931_img_3_short-trip_family_australia_300x50.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.67.6 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f6.1e100.net

Software

sffe /

Resource Hash

4d8c11f9662f684be645204dcdd5174d511bc34bf071d9250c5d435b3298d5cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://s0.2mdn.net/sadbundle/11123511781932539772/index.html?e=69&leftOffset=0&topOffset=0&c=DluORwVKAR&t=1&renderingType=2&ev=01_253

Response headers

age: 37659
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options: nosniff
expires: Wed, 28 May 2025 08:21:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 08:21:47 GMT
last-modified: Tue, 19 Oct 2021 09:20:47 GMT
content-type: image/jpeg
cache-control: public, max-age=86400
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
content-length: 101020
x-xss-protection: 0
server: sffe

GET
H3 200 47512218_20211019022051478_img_4_short-trip_family_australia_300x50.jpg
s0.2mdn.net/ads/richmedia/studio/47512218/ Frame ED74 11 KB
11 KB 21ms
17ms Image
image/jpeg 142.250.67.6
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/47512218/47512218_20211019022051478_img_4_short-trip_family_australia_300x50.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.67.6 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f6.1e100.net

Software

sffe /

Resource Hash

21b89b3adc6259f9563fc1cdcdd31c652635b251ea244f3d4bc705264479da9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://s0.2mdn.net/sadbundle/11123511781932539772/index.html?e=69&leftOffset=0&topOffset=0&c=DluORwVKAR&t=1&renderingType=2&ev=01_253

Response headers

age: 4024
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options: nosniff
expires: Wed, 28 May 2025 17:42:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 17:42:22 GMT
last-modified: Tue, 19 Oct 2021 09:20:51 GMT
content-type: image/jpeg
cache-control: public, max-age=86400
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
content-length: 11510
x-xss-protection: 0
server: sffe

GET
H3 200 47512218_20211018102124848_img_5_short-trip_mobile_australia.png
s0.2mdn.net/ads/richmedia/studio/47512218/ Frame ED74 466 KB
467 KB 24ms
19ms Image
image/png 142.250.67.6
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/47512218/47512218_20211018102124848_img_5_short-trip_mobile_australia.png

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.67.6 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f6.1e100.net

Software

sffe /

Resource Hash

cf5322d37cca0f0adb03dee1e04d10173dcc5484d3a58756ce07951413995aed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://s0.2mdn.net/sadbundle/11123511781932539772/index.html?e=69&leftOffset=0&topOffset=0&c=DluORwVKAR&t=1&renderingType=2&ev=01_253

Response headers

age: 40616
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options: nosniff
expires: Wed, 28 May 2025 07:32:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 07:32:30 GMT
last-modified: Mon, 18 Oct 2021 17:21:25 GMT
content-type: image/png
cache-control: public, max-age=86400
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
content-length: 477643
x-xss-protection: 0
server: sffe

GET
H3 200 47512218_20211019022038880_img_1_short-trip_family_australia_300x50.jpg
s0.2mdn.net/ads/richmedia/studio/47512218/ Frame ED74 39 KB
39 KB 24ms
20ms Image
image/jpeg 142.250.67.6
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/47512218/47512218_20211019022038880_img_1_short-trip_family_australia_300x50.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.67.6 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f6.1e100.net

Software

sffe /

Resource Hash

8cc4ea82debd8f11cdf4f8508efdf01f9102fef87235422fcedf18d818c29db5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://s0.2mdn.net/sadbundle/11123511781932539772/index.html?e=69&leftOffset=0&topOffset=0&c=DluORwVKAR&t=1&renderingType=2&ev=01_253

Response headers

age: 23850
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options: nosniff
expires: Wed, 28 May 2025 12:11:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 12:11:56 GMT
last-modified: Tue, 19 Oct 2021 09:20:38 GMT
content-type: image/jpeg
cache-control: public, max-age=86400
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
content-length: 40045
x-xss-protection: 0
server: sffe

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C926 42 B
65 B 150ms
147ms Fetch
image/gif 172.217.167.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvs7dkf01_ffDCEZirawTxwztLFedAPOOGiSKDI9ziwixwZ-A7FSepza0r1fb5nvbkrNXEg-kv9xC9I9wqtRw0WJkwLZ7G4SQ48Aa0LhgZkbwzTMyGOZ1SGQL5iqKNLScJU8LiEJozj9w&sig=Cg0ArKJSzFi0Diycn1pGEAE&id=lidar2&mcvt=1000&p=0,0,50,300&tm=1030.1999998092651&tu=30.699999809265137&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20250521&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=34&adk=1677116860&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=4430456500&rst=1748371764108&rpt=1415&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://bdd8121b9f445b471b6fcb349ac82ea8.safeframe.googlesyndication.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 27 May 2025 18:49:26 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H2 200 pages.dev Show response
gurgle.zdbb.net/clear_fpid/ 2 B
226 B 245ms
244ms XHR
text/plain 34.202.218.7
AMAZON-AES

General

Check archive.org

Download Go to

Full URL: https://gurgle.zdbb.net/clear_fpid/pages.dev
Requested by: Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.218.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-218-7.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-type: application/x-www-form-urlencoded
Referer: https://umbrella-zip.pages.dev/

Response headers

access-control-allow-headers: Content-Type, Cache-Control
access-control-allow-origin: https://umbrella-zip.pages.dev
content-length: 2
date: Tue, 27 May 2025 18:49:26 GMT
content-type: text/plain; charset=utf-8
access-control-allow-credentials: true
access-control-allow-methods: GET, OPTIONS

POST
H2 200 pages.dev Show response
gurgle.zdbb.net/clear_uids/ 2 B
226 B 290ms
288ms XHR
text/plain 34.202.218.7
AMAZON-AES

General

Check archive.org

Download Go to

Full URL: https://gurgle.zdbb.net/clear_uids/pages.dev
Requested by: Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.218.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-218-7.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-type: application/x-www-form-urlencoded
Referer: https://umbrella-zip.pages.dev/

Response headers

access-control-allow-headers: Content-Type, Cache-Control
access-control-allow-origin: https://umbrella-zip.pages.dev
content-length: 2
date: Tue, 27 May 2025 18:49:26 GMT
content-type: text/plain; charset=utf-8
access-control-allow-credentials: true
access-control-allow-methods: GET, OPTIONS

POST
H2 200 clear_c Show response
zdbb.net/ 2 B
256 B 422ms
421ms XHR
text/plain 44.240.150.157
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://zdbb.net/clear_c
Requested by: Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.240.150.157 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-150-157.us-west-2.compute.amazonaws.com
Software: Ziff Davis BuyerBase /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-type: application/x-www-form-urlencoded
Referer: https://umbrella-zip.pages.dev/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://umbrella-zip.pages.dev
content-length: 2
p3p: CP="ALL DSP COR NID"
date: Tue, 27 May 2025 18:49:26 GMT
content-type: text/plain; charset=utf-8
server: Ziff Davis BuyerBase

GET
H3 200 3zhzaWtBSIBleekZA0oPQq4pHiK3jhV5AuyTkGLawHs.js Show response
pagead2.googlesyndication.com/bg/ Frame ECD3 58 KB
22 KB 2ms
2ms Script
text/javascript 172.217.167.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3zhzaWtBSIBleekZA0oPQq4pHiK3jhV5AuyTkGLawHs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f2.1e100.net

Software

sffe /

Resource Hash

df3873696b4148806579e919034a0f42ae291e22b78e157902ec939062dac07b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer

Response headers

content-encoding: br
age: 91206
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
x-content-type-options: nosniff
expires: Tue, 26 May 2026 17:29:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 17:29:20 GMT
last-modified: Mon, 19 May 2025 09:28:00 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
accept-ranges: bytes
content-length: 22568
x-xss-protection: 0
server: sffe

POST
H2 200 pages.dev Show response
gurgle.zdbb.net/clear_fpid/ 2 B
226 B 508ms
506ms XHR
text/plain 34.202.218.7
AMAZON-AES

General

Check archive.org

Download Go to

Full URL: https://gurgle.zdbb.net/clear_fpid/pages.dev
Requested by: Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.218.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-218-7.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-type: application/x-www-form-urlencoded
Referer: https://umbrella-zip.pages.dev/

Response headers

access-control-allow-headers: Content-Type, Cache-Control
access-control-allow-origin: https://umbrella-zip.pages.dev
content-length: 2
date: Tue, 27 May 2025 18:49:27 GMT
content-type: text/plain; charset=utf-8
access-control-allow-credentials: true
access-control-allow-methods: GET, OPTIONS

POST
H2 200 pages.dev Show response
gurgle.zdbb.net/clear_uids/ 2 B
226 B 352ms
350ms XHR
text/plain 34.202.218.7
AMAZON-AES

General

Check archive.org

Download Go to

Full URL: https://gurgle.zdbb.net/clear_uids/pages.dev
Requested by: Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.218.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-218-7.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-type: application/x-www-form-urlencoded
Referer: https://umbrella-zip.pages.dev/

Response headers

access-control-allow-headers: Content-Type, Cache-Control
access-control-allow-origin: https://umbrella-zip.pages.dev
content-length: 2
date: Tue, 27 May 2025 18:49:26 GMT
content-type: text/plain; charset=utf-8
access-control-allow-credentials: true
access-control-allow-methods: GET, OPTIONS

POST
H2 200 clear_c Show response
zdbb.net/ 2 B
256 B 274ms
271ms XHR
text/plain 44.240.150.157
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://zdbb.net/clear_c
Requested by: Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.240.150.157 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-150-157.us-west-2.compute.amazonaws.com
Software: Ziff Davis BuyerBase /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-type: application/x-www-form-urlencoded
Referer: https://umbrella-zip.pages.dev/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://umbrella-zip.pages.dev
content-length: 2
p3p: CP="ALL DSP COR NID"
date: Tue, 27 May 2025 18:49:26 GMT
content-type: text/plain; charset=utf-8
server: Ziff Davis BuyerBase

GET
H2 200 check Show response
jogger.zdbb.net/ 5 B
232 B 896ms
461ms XHR
text/plain 3.232.4.118
AMAZON-AES

General

Check archive.org

Download Go to

Full URL: https://jogger.zdbb.net/check?href=https%3A%2F%2Fumbrella-zip.pages.dev%2F
Requested by: Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.232.4.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-232-4-118.compute-1.amazonaws.com
Software: /
Resource Hash: 4e523a5ae5b4636c75901b79fafbd3912e41dc7987414e688b09d4b436ff22b3

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://umbrella-zip.pages.dev/

Response headers

cache-control: max-age=164937
access-control-allow-credentials: true
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-length: 5
date: Tue, 27 May 2025 18:49:27 GMT
content-type: text/plain; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control

GET
H2 200 pmw1_1 Show response
choices.trustarc.com/jsi/ Frame C926 1 KB
2 KB 356ms
199ms Script
text/javascript 18.67.110.70
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://choices.trustarc.com/jsi/pmw1_1?aid=tradedesk01-mw&pid=tradedesk01&cid=hzurpis_nsfarco_bnes1t4n&w=300&h=50&c=tradedesk01cont1&base=te-clr1-ba82c358-e806-4d0f-bd01-800ffc914131&rand=b417

Requested by

Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=hzurpis_nsfarco_bnes1t4n&c=tradedesk01cont1&js=pmw0&w=300&h=50&sid=0&dsarequired=&dsabehalf=&dsapaid=&dsaparams=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.110.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-67-110-70.syd62.r.cloudfront.net

Software

nginx /

Resource Hash

c9d6753860efacfb021c08e9c6893e1a3b83a2b9d9cb87c35b8f6b2cbea115f1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' *;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://bdd8121b9f445b471b6fcb349ac82ea8.safeframe.googlesyndication.com/

Response headers

content-encoding: gzip
expect-ct: max-age=31536000
x-content-type-options: nosniff
expires: Mon, 26 Jul 1997 05:00:00 GMT
x-cache: Miss from cloudfront
x-amz-cf-id: lTgKNjLeH_YyduAjo7J18fc_kxpGYMhfZZ3N46gAkn3_s4oH-c0wxw==
date: Tue, 27 May 2025 18:49:27 GMT
content-type: text/javascript;charset=utf-8
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *;
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cross-origin-resource-policy: cross-origin
referrer-policy: origin
via: 1.1 1d79c793a8ae16fbcc3957bd18e4b392.cloudfront.net (CloudFront)
permissions-policy: geolocation=(), microphone=(), payment=()
cross-origin-embedder-policy: unsafe-none
content-length: 846
x-xss-protection: 1; mode=block
x-amz-cf-pop: SYD62-P2
server: nginx

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 093F 42 B
65 B 155ms
154ms Fetch
image/gif 172.217.167.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstapC1Zd326GoqmAegdWbtrNWZvN_3jHOjqq9wQl9P034wnKI6BkhIgYgmncQPuNwMg1IrykW6HlHIl_0rrabMaKXa__EL5Jukf6yYdOQtmAZd1mJsd_Um5v2qMKk3V-nAWR2hZVhvZyogevP6roGuJklIN6OgbQaTfYoMmkbNFMxvDDWc&sig=Cg0ArKJSzG_XQ8nXhayEEAE&id=lidar2&mcvt=1002&p=1150,450,1200,750&tm=3493.800000190735&tu=2492&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20250521&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=4226278064&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=4430456400&rst=1748371763344&rpt=3182&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://bdd8121b9f445b471b6fcb349ac82ea8.safeframe.googlesyndication.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 27 May 2025 18:49:27 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 get Show response
choices.trustarc.com/ Frame C926 19 KB
6 KB 3ms
3ms Script
text/javascript 18.67.110.70
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://choices.trustarc.com/get?name=pmw2.js
Requested by: Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=hzurpis_nsfarco_bnes1t4n&c=tradedesk01cont1&js=pmw0&w=300&h=50&sid=0&dsarequired=&dsabehalf=&dsapaid=&dsaparams=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.110.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-110-70.syd62.r.cloudfront.net
Software: nginx /
Resource Hash: 80ac79e2b323f817ddf6baef42c8ddf4fbb802386d12091323252af08059efff

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://bdd8121b9f445b471b6fcb349ac82ea8.safeframe.googlesyndication.com/

Response headers

content-encoding: gzip
age: 1649872
expires: Sat, 07 Jun 2025 16:31:35 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: KJ1-JSOtxEOhr2ZcapU3E4bx65w4mjxiTNgOvejaCrwbBJB7xRb7Rg==
date: Thu, 08 May 2025 16:31:35 GMT
content-type: text/javascript
last-modified: Wed, 10 Jan 2024 03:10:26 GMT
vary: Accept-Encoding
cache-control: max-age=2592000
timing-allow-origin: *
pragma: public
via: 1.1 1d79c793a8ae16fbcc3957bd18e4b392.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: SYD62-P2
server: nginx

GET
DATA 200
OK truncated
/ Frame 24F7 453 B
453 B Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc4b745522582a78432e3a87ecbdfa4d34e4bf930b8e2bd6abc62c4a60dcd25b

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer

Response headers

Content-Type: image/png

POST
H2 204 collect
analytics.google.com/g/ 0
0 104ms
102ms Fetch
text/plain 216.239.36.181
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-KKLSRK6J1Z&gtm=45je55m0v879908529za200zb6359835&_p=1748371760412&gcs=G111&gcd=13v3v3v3v6l1&npa=0&dma=0&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&ptag_exp=101509157~103116026~103130495~103130497~103200004~103211513~103233427~103252644~103252646~104481633~104481635&cid=729404574.1748371765&ul=en-au&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AEIAAAQ&sid=1748371765&sct=1&seg=0&dl=https%3A%2F%2Fumbrella-zip.pages.dev%2F&dt=Speedtest%20by%20Ookla%20-%20The%20Global%20Broadband%20Speed%20Test&_tu=AAg&_s=2&tfd=10589
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KKLSRK6J1Z&cx=c&gtm=45He55m0v6359835za200&tag_exp=101509157~103116026~103130495~103130497~103200004~103211513~103233427~103252644~103252646~104481633~104481635
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.36.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: text/plain;charset=UTF-8
Referer: https://umbrella-zip.pages.dev/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:155:0
report-to: {"group":"ascnsrsggc:155:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:155:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://umbrella-zip.pages.dev
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:155:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 18:49:30 GMT
content-type: text/plain
server: Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=14461

Domain: crb.kargo.com
URL: https://crb.kargo.com/api/v1/dsync/ID5?gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&r=https%3A%2F%2Fid5-sync.com%2Fc%2F718%2F1785%2F1%2F8.gif%3Fpuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D

Verdicts & Comments Add Verdict or Comment

236 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

48 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.liadm.com/j	1970-01-21 15:15:31	Name: lidid Value: 9df78ace-fc64-4fb1-98ff-36a42c0aec7c
.umbrella-zip.pages.dev/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .umbrella-zip.pages.dev
.umbrella-zip.pages.dev/	1970-01-21 15:15:31	Name: _lc2_fpi Value: b4a6dd0db1df--01jw9h7rst4e4vrx8c13zra8sw
.umbrella-zip.pages.dev/	1970-01-21 15:15:31	Name: _lc2_fpi_meta Value: %7B%22w%22%3A1748371759930%7D
umbrella-zip.pages.dev/	1970-01-21 05:39:35	Name: _lr_retry_request Value: true
umbrella-zip.pages.dev/	1970-01-21 06:22:43	Name: _lr_env_src_ats Value: false
.umbrella-zip.pages.dev/	1969-12-31 23:59:59	Name: _lc2_fpi_js Value: b4a6dd0db1df--01jw9h7rst4e4vrx8c13zra8sw
prism.app-us1.com/	1970-01-21 06:22:43	Name: prism_478502367 Value: 1e0fc474-444d-47ab-a3e8-b3e79491e1c3
.liadm.com/	1970-01-21 15:15:31	Name: lidid Value: 9df78ace-fc64-4fb1-98ff-36a42c0aec7c
prebid.media.net/	1970-01-21 09:58:43	Name: receive-cookie-deprecation Value: 1
.casalemedia.com/	1970-01-21 14:25:07	Name: receive-cookie-deprecation Value: 1
.umbrella-zip.pages.dev/	1970-01-21 14:25:07	Name: 33acrossIdTp Value: 2Tut5wUO%2FcQAOz5O89vzP8eDd3URau0UcP2H134mdno%3D
.rubiconproject.com/	1970-01-21 14:25:07	Name: khaos Value: MB6VEL0F-23-AC8J
.rubiconproject.com/	1970-01-21 14:25:07	Name: audit Value: 1\|vrQFTTzbUd4SpA+cUl84/CsXimEb8SqZns3eFqrkYMxg8xvNEQNcYwSszmzIVGcicv7vJGXTa3Z/TRyYYsgsDIAXuoDlYL8A2zhb5w/kJo0ijy0RC4Zd8SKPLRELhl3xGLmP30iNJH4=
.sharethrough.com/	1970-01-21 06:22:43	Name: stx_user_id Value: 89eabad6-83ad-4baa-b551-97a7447c693e
.adnxs.com/	1970-01-21 07:49:07	Name: icu Value: ChgIo9cnEAoYASABKAEwspLYwQY4AUABSAEQspLYwQYYAA..
.adnxs.com/	1970-01-21 07:49:07	Name: uuid2 Value: 5837088198247345251
.umbrella-zip.pages.dev/	1970-01-21 05:39:31	Name: lotame_domain_check Value: umbrella-zip.pages.dev
.umbrella-zip.pages.dev/	1970-01-21 12:08:19	Name: _cc_id Value: 54107353b6a7350773470c152fd5930
.umbrella-zip.pages.dev/	1970-01-21 05:49:36	Name: panoramaId_expiry Value: 1748976561463
.umbrella-zip.pages.dev/	1970-01-21 05:49:36	Name: panoramaId Value: 532e36d19e8cef91f334a303b787185ca02c1793560a6111a5ae41536e533e1a
.umbrella-zip.pages.dev/	1970-01-21 05:49:36	Name: panoramaIdType Value: panoDevice
.umbrella-zip.pages.dev/	1970-01-21 15:01:36	Name: cto_bundle Value: mrmt2l9PeThTaEN6UnBVWEZzdkx2NnRVdllpN2dkclR2RGJudFNWN01qbmJQaWdUOGhLOGFobjFNNGx2N0JtJTJGUzJSOGpyck9iVXpMZnZQZTNTZEZVa3pKSEtrcGFHZk1teW5mS3l1bEt3OGFTSFpGVjl2UEpTYlpLY3ElMkZiTiUyQlVobzZOZWY1TTIwM25DY3hNU3M2UG90akdpUHpPVHZMTlpiTDZuZEdFUkNXOVNiUkpHOXN0YXlmdUV3a1NsdWVYYmRUJTJGbg
.umbrella-zip.pages.dev/	1970-01-21 15:01:36	Name: cto_bidid Value: U9acxF9kNk5FRTdNbnUxeGZzZ3U3dzhiMnNFWFVtbzE5RkdPaEQ1aWVzM0x2NmY3MEJOcHkwR0NMMWE1Qk1kVFRmbElwJTJGQks4ZlVNb2lqZWRtejNkMmdTVmFKMjZ4ZlFBWUc0SEZRalIwSXpJQlAlMkJJN29GS3d6d0xiYkZDM0hhJTJCJTJGZTVY
.doubleclick.net/	1970-01-21 05:39:32	Name: test_cookie Value: CheckForPermission
.umbrella-zip.pages.dev/	1970-01-21 15:01:07	Name: __gads Value: ID=49005189176a6be9:T=1748371762:RT=1748371762:S=ALNI_MYH3rf2yvo3tZs0kUgjaMPiTruqtA
.umbrella-zip.pages.dev/	1970-01-21 15:01:07	Name: __gpi Value: UID=000010f514ec09d6:T=1748371762:RT=1748371762:S=ALNI_MYoAmxn56omq166cpu69mF4GPn4jA
.umbrella-zip.pages.dev/	1970-01-21 09:58:43	Name: nol_fpid Value: pj69c20s9vaetsxv1de8els8uslfr1748371763\|1748371763566\|1748371763566\|1748371763566
.imrworldwide.com/	1970-01-21 15:01:07	Name: IMRID Value: 4ed21a30-3b2b-11f0-972c-f1fb355c85ca
.adsrvr.org/	1970-01-21 14:25:07	Name: TDID Value: 18170998-4185-4ff9-9ffa-95189d075bee
.casalemedia.com/	1970-01-21 14:25:07	Name: CMID Value: aDYJNIsFVhQAFzi5AOz.fgAA
.casalemedia.com/	1970-01-21 07:49:07	Name: CMPS Value: 4940
.casalemedia.com/	1970-01-21 07:49:07	Name: CMPRO Value: 4940
.umbrella-zip.pages.dev/	1970-01-21 07:49:07	Name: _gcl_au Value: 1.1.1813422859.1748371765
.umbrella-zip.pages.dev/	1970-01-21 15:15:31	Name: _ga Value: GA1.1.729404574.1748371765
.umbrella-zip.pages.dev/	1970-01-21 15:15:31	Name: _ga_KKLSRK6J1Z Value: GS2.1.s1748371765$o1$g0$t1748371765$j60$l0$h0$d_wh4KcSnW1wy1Ejt6r04eZjTUigtByt0jQ
.doubleclick.net/	1970-01-21 06:22:43	Name: ar_debug Value: 1
.id5-sync.com/	1970-01-21 07:49:07	Name: id5 Value: 01d2b6ff-73d7-7926-bcc8-4438c7fcfc1d#1748371761022#4
umbrella-zip.pages.dev/	1970-01-21 06:22:43	Name: fu Value: 1
.adsrvr.org/	1970-01-21 14:25:07	Name: TDCPM Value: CAEYASABKAIyCwiik_H4vdaOPhAFOAFaBzhoOXUxMWhgAg..
.semasio.net/	1970-01-21 14:25:07	Name: SEUNCY Value: 7711C13E4AFD79
.adform.net/	1970-01-21 06:24:10	Name: C Value: 1
.adform.net/	1970-01-21 07:05:55	Name: uid Value: 9116353433582422896
.tapad.com/	1970-01-21 07:05:55	Name: TapAd_TS Value: 1748371768879
.tapad.com/	1970-01-21 07:05:55	Name: TapAd_DID Value: 027fe82e-4468-43fb-a2e6-62684c63bbe7
.tapad.com/	1970-01-21 07:05:55	Name: TapAd_3WAY_SYNCS Value:
.mathtag.com/	1970-01-21 15:05:26	Name: uuid Value: 74806836-093a-4b00-b099-21de55bba6dd
.id5-sync.com/	1970-01-21 07:49:07	Name: 3pi Value: 112#1748371767487#1581262957#7711C13E4AFD79\|2#1748371766247#1631227208\|3#1748371770426#2066323352\|264#1748371766636#1305208570#18170998-4185-4ff9-9ffa-95189d075bee\|10#1748371768621#-1642147152#9116353433582422896\|108#1748371769233#-260008662

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://umbrella-zip.pages.dev/ Message: Access to fetch at 'https://api.rlcdn.com/api/identity/envelope?pid=14461' from origin 'https://umbrella-zip.pages.dev' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=14461 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://umbrella-zip.pages.dev/s/fonts/Montserrat-Italic-VariableFont_wght-hint-all.woff2 Message: Failed to load resource: the server responded with a status of 429 ()
network	error	URL: https://umbrella-zip.pages.dev/s/fonts/gaugemono-regular-webfont.woff2 Message: Failed to load resource: the server responded with a status of 429 ()
network	error	URL: https://umbrella-zip.pages.dev/s/fonts/Montserrat-VariableFont_wght-hint-all.woff2 Message: Failed to load resource: the server responded with a status of 429 ()
rendering	warning	URL: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html Message: [GroupMarkerNotSet(crbug.com/242999)!:A0D05100542A0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html Message: [GroupMarkerNotSet(crbug.com/242999)!:A0408D04542A0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a4734.casalemedia.com
aax.amazon-adsystem.com
ad.doubleclick.net
ajax.cloudflare.com
analytics.google.com
api.rlcdn.com
b.cdnst.net
bdd8121b9f445b471b6fcb349ac82ea8.safeframe.googlesyndication.com
bee.imrworldwide.com
btlr.sharethrough.com
c.amazon-adsystem.com
c.ltmsphrcl.net
c2shb.pubgw.yahoo.com
cdn-gl.imrworldwide.com
cdn-ima.33across.com
cdn.hadronid.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.static.zdbb.net
cdn.ziffstatic.com
choices.trustarc.com
choices.truste.com
client.aps.amazon-adsystem.com
config.aps.amazon-adsystem.com
crb.kargo.com
d0.eu-3-id5-sync.com
d0.eu-4-id5-sync.com
d1.eu-3-id5-sync.com
d1.eu-4-id5-sync.com
d2.eu-3-id5-sync.com
d2.eu-4-id5-sync.com
d3.eu-3-id5-sync.com
d3.eu-4-id5-sync.com
d4.eu-3-id5-sync.com
d4.eu-4-id5-sync.com
d5.eu-3-id5-sync.com
d5.eu-4-id5-sync.com
d6.eu-3-id5-sync.com
d6.eu-4-id5-sync.com
d7.eu-3-id5-sync.com
d7.eu-4-id5-sync.com
diffuser-cdn.app-us1.com
ep1.adtrafficquality.google
ep2.adtrafficquality.google
fastlane.rubiconproject.com
firebaseinstallations.googleapis.com
firebaseremoteconfig.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
grid-bidder.criteo.com
gum.criteo.com
gurgle.zdbb.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id5-sync.com
idx.liadm.com
jogger.zdbb.net
js-sec.indexww.com
lb.eu-1-id5-sync.com
lbs.eu-1-id5-sync.com
lexicon.33across.com
pagead2.googlesyndication.com
prebid.media.net
prism.app-us1.com
rp.liadm.com
rtb.openx.net
s0.2mdn.net
sb.scorecardresearch.com
secure-us.imrworldwide.com
securepubads.g.doubleclick.net
sg2-bid.adsrvr.org
sm4wbr2q3dpcf3f6sl3audnwhm9w51748371763.nuid.imrworldwide.com
ssum-sec.casalemedia.com
stats.g.doubleclick.net
tags.crwdcntrl.net
tpc.googlesyndication.com
umbrella-zip.pages.dev
www.google.com
www.google.com.au
www.googleoptimize.com
www.googletagmanager.com
www.googletagservices.com
zdbb.net
api.rlcdn.com
crb.kargo.com
103.43.91.17
104.16.175.226
104.17.31.174
104.17.73.14
104.18.128.216
104.18.24.18
104.18.26.193
104.18.28.101
104.22.52.86
108.158.20.65
108.158.21.92
108.158.32.13
108.158.32.39
108.158.32.77
13.251.204.29
135.125.140.162
135.125.146.80
135.125.146.82
135.125.146.86
139.5.86.204
142.250.204.10
142.250.204.3
142.250.66.194
142.250.66.226
142.250.67.1
142.250.67.4
142.250.67.6
142.251.221.66
142.251.221.78
151.101.130.219
162.19.138.116
162.19.138.83
172.217.167.66
172.217.167.74
172.217.167.99
172.217.194.155
172.66.44.90
172.67.36.110
173.194.174.132
18.65.244.106
18.67.106.137
18.67.110.28
18.67.110.70
18.67.110.93
18.67.93.103
18.67.93.59
182.161.73.172
207.65.33.78
216.239.36.181
23.32.5.175
23.46.10.201
3.232.4.118
3.25.26.222
3.33.241.113
34.120.63.153
34.202.218.7
35.227.252.103
35.244.193.51
44.240.150.157
51.195.126.30
51.195.127.115
51.195.34.222
51.195.34.255
51.195.73.113
51.195.73.71
51.195.73.74
52.203.250.10
54.169.72.96
54.225.240.34
54.255.192.26
54.66.34.108
57.129.92.70
64.233.188.132
64.233.188.97
69.173.158.65
74.119.117.17
74.125.203.95
00e3bc05f59be2a1faacba16a7c0fba7de267a60f2e88c04789e4ffe0dfb6056
019861425cded660bfef7bd9c28a9c113e067d63b3ec5863f0d38deb23c82ba8
0210bcf8c6f9fb41e1db722e8ec3c318101342f5922c59331321c993df1720d1
0256975807861eaeac302914b22c4180e56f626c2f236bf1cf2285c7e721b745
04ebb9581c92bf0f5666b486c2934dce578c4fa458a79d985eadae09bb6986e7
05bbe34f085df7073215e3888998182a390ec3cdfe4c231c6042f136797ddecb
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07057b0a66609363a632eae47aef5ebf886480d8547c8d4fa02d06f69d192e24
077cd237ac75e4c5da09de097766389440988e9e934a577e188fc54828c66802
097faced3cb0ce59343c6c12752f017fa8060eaa64ea17d25cd90f12e04a4627
0d23c759f4302ff762012a6ff00cbd124858dd9b387ea06eafa727c5e726fd77
1068972a69114a581a6fea9f4711452d6978e4aa10fcfa99430d32558f3c1426
10b04d520c3f457db66e9deaf4232c2ce333f9e588da7d9fd13a904d17ae520f
11084de664d888933874102638926c6686af22a88f1805fc3d4f55ba91b2d816
14b660a511e14a9a481c6fe43c576f36c61b656cfd379728c54f1128e1855966
19581e27de7ced00ff1ce50b2047e7a567c76b1cbaebabe5ef03f7c3017bb5b7
1b7dae0db48b4096db0d72ceb798d500974825ca5eb1700d7b2a88d76591e360
1bf7c11f76ae4c8a7368b1bba36ab94181eee6fe5636f355d9ff42c73bffee0d
1d1651d91488d8e6357d29c08174475d886c695a2a9101ab4c73efd0137ad3ef
1f0d95faac096d6f37a1dae8a792d7d8ef9d854e59363bddf09fb5487e8ca360
20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394
21b89b3adc6259f9563fc1cdcdd31c652635b251ea244f3d4bc705264479da9d
261007c1617134bb5acb2e77f926d584d6c31bbfa6979c55a09f8b8c34f25fb1
26431001e5f5d584317e61cf34fae2a4418761ada229d00558f826f4e7ab17dc
26db36707844fa367f47c47b4b614db27a608286fe71d9ff8c3012dbe71c5499
2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5
2c624232cdd221771294dfbb310aca000a0df6ac8b66b696d90ef06fdefb64a3
308713a4824fa8f19b7b9305a93189d25a412bd838d1773b1ff81c260fc3cda0
30cabd65315139eaac2a9d894be6dfbacc9364599dead8c493eccf3d101e44f5
3172ff5d159f6117fc52031189ca925a26bd4e935e32566f82fecbf87340d562
32b79f49ad238f7718e7ba9aa4cbb32e74a8a11a8a32dbcfdbfa926228c783f5
35294036ae0262e2ce552328e7b9fe98f9f7edbdc2bf8caa29a8727280b6f0e1
35b384bb05910ed7d48bd862cd68e26612295c2019ae64a59984908292fd5bad
36cd7339bca1290ac47d93c669e347f064ae47cd46e6eabc9e2c8ed6e48b12a8
3702675bb100b35f2cc13c2d7e830a1abb3d645ddeb6a2155be81d777d21dfa8
380d98de8faf5128fd376da11021b7fbc3ea3e3ef6b16bd7608b651fdbf51d10
3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b
3b1b78dc0bec6c4c5e65036a6d67c15a91ae2fc807f61ddab5ddccc3483cb9c5
3b7af5e43ebdaa759e5bde45474407b2532166104111501438592fbf5d4f634b
3c1b393f43c62c7b3a8b3790ded93f1846f62e075dff3b682fe3bd5a6fa3b4f4
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d
3d3251d937d209def48e958bfeec683ca39dc0f15eb22f99bc3e7035995cd552
3f39d5c348e5b79d06e842c114e6cc571583bbf44e4b0ebfda1a01ec05745d43
4078fb2d0c5a600e8b7921384e44cde7d80c1fd084360c7fedd517e230305184
414eef74ac6306127645beddc4f34f59a6ea3994e410f188481d736b01ee4b65
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
453f0207133bfce8eb955f49f02a6f73e3e3db055ef7ac0ce9f211190ada6ba8
45a37db567f9e62a24f73e651c5080e78afc93f89bc2d6849e72886ab2e0d4af
47362f03763fafea173fabaa570f4054c7931e5f8d1e6f6daa2b08cafae41cd3
4a0a8bb6e2640343f5d22157302b2582c85c2407d1e191af8f454e56053fb6ab
4a8af5aa446aa597a56eeac5434c47113c6cdff050ad590f7114a1228e283bf0
4a8dee255d9e06c0519956cf2d02f4a7b49128eccb02df7946b00b48762d11dd
4c95e84767aed248594e7d485707c7ed904fd2fe4ec3ea98687fc2de59ddf231
4d8c11f9662f684be645204dcdd5174d511bc34bf071d9250c5d435b3298d5cb
4da3a53d30501adaadc5f661dd230b46c944142308038c8e0803aab976b2ba94
4e07408562bedb8b60ce05c1decfe3ad16b72230967de01f640b7e4729b49fce
4e523a5ae5b4636c75901b79fafbd3912e41dc7987414e688b09d4b436ff22b3
4eba41017ab03d1f0c3d54b513c576ad7966d1634cd827bcddf206f9be174d02
53548487e081529c7956c3150ec5305ab53d8d5255ad401bcf8d73f8b1f4a4b6
53ef39c91fa4b4f2d68d15483dcd7a2bc4b089c954e7b5a6808c6560740c887f
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
56b8de493133e66949fb4e7179fc6398806e734bb30cef739674fe9254f4c4b7
5825a9fe2b87b5166e786ba18b8d586a958b0da783f6315d16a39a363cec4dcd
5a275e0512b33fb7c89f1842e0edf7191e4fbc98cdc2bb7dd602d37c5f543271
5b177427a8a4504f32a6368e0fb576cd6751920ab0fecd296c5d853688e90563
5e651eccd60de626d91c9496f381de740e7cc13bed8554f886bf76f7520296d0
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5fd7fc4b8be9c2eeb3efb728f0483d444e4a8db80f0597e4ef7950105638bb08
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
60fe6df1276d1338d90c0ca63e5b86240f1babe7f6be262e95294b128c130299
630dcb1aea14b0b32672353c6718f225a51122da1e170c35185ed4177b3489cd
638b32a4f2339ff4f58198fe56ffb89091e03c23d76a39821797c01f026e21ef
64142ab15fe359eee6c9c6fbc0494b14bebb33c91766d97c3da40a13eccc18b6
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b23c0d5f35d1b11f9b683f0b0a617355deb11277d91ae091d399c655b87940d
6b2e044c462b8b00dfb05d77740f8b8f2a90ce00e2e5ccf621eac288608c0649
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d2ac01d7c6c67246b16a0456c365ba632452080d528192fa8aedeb8951bd30c
749a50e3d1a398ae93d82438ce345c27c768d9deef91820cc820a908eb7abc03
7902699be42c8a8e46fbbb4501726517e86b22c56a189f7625a6da49081b2451
7a908d8da60ab3410a2aa6799ccbb446ee5e5d443daaae6057ebcb646c76dadd
7b2669736565cf357ad02fb29b5a1577dde4f0f6c8cb1044695bd70f1a5ce43d
7dc78c5c119373b361b76d7e9c1b2759725163789661df908ee4cd8faf842676
7f39a67694e1e75d2397d367b305c7e0b8f5040fb03f98d438d1b3a27470837e
80ac79e2b323f817ddf6baef42c8ddf4fbb802386d12091323252af08059efff
827058eac57d2fc3d1d5fbd7607f4a903e15fae10761d418b54100e1a952da65
8412bee71fd6ad9a2a2a015b74878642134ad84dd7e7521cce26bb41c70d62db
84582fea915c1fb96887b29093d15cb9db256c7635ad2567178abc5c725721d5
860539ec4f3ee0e11aa746e6d001bfce5654a5b6101563e17cfa4716cfdc4335
8744e6e03e8351a2d8ed7201986fcf27140d59a4448407a239e736ff44941c05
8a9bf3001c757b15eb047be335b34fbff6030295de67def0a6e7f688ea1f57a7
8cc4ea82debd8f11cdf4f8508efdf01f9102fef87235422fcedf18d818c29db5
91a9c8cbfc3ea2b3cc87932aeb20510deb7d33da686aa4e4ae7d343c2a475945
93d0e07268c1c2012e717c33850712bb55c35f57e5a003b5a80871f410008f5c
96b5f9dbcc045c9cf87c638c95d30fedd04c282ef43e9f9a48f5890dce22a0b3
9749b8a94da6accfb9f4636235fafcbd2335c84d551cd410f8ba20374388dac8
97cdf067606c37c831a54b3ffc71cafb94ff1f4db84a1ba620b2e9e43cc1084d
9a9126a0d891152df81e30594b84865932d179c53716b837c4154adf2244649a
9c2e36e9693330858e69037e325b2a76eb17f7df4e7920d7cdd0a0dae11ad189
9fc89654aff6bca6c890b30bd0833eb2f18d63a61c0a9ece5246537ad6f73c5e
a39ec41d958b9d96bc248b857ab2c6f3f35c092147a79b8d603bb7938042711b
a4d2c91234d76c14551fff4ff2c42cf835ce8238ecf505fe945eec2bc1d543bc
a59b2b22e300ce70318472535dbafb209b1c05a798293369fb642ecd35471c77
a73f5986eb985871284e6e216372de3505634a97229de643216728d0fbfd6227
a7f65c0446b6cac3175458f6388304d0c23e70d11fa0db20920a619f1bc18623
a8d118dee2b65453750d7ab756ecfacb3164f4f4ffa99e12e0a7b677d12e0671
a9f51566bd6705f7ea6ad54bb9deb449f795582d6529a0e22207b8981233ec58
aea75483e6961d526af59b5a09af5fb3262d7ce210e90e590162e4613c9f06b2
b04cd869cfd41a48c006458f71969a0eb26f33fec12f3cfe00408f8b73bf3ff8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b288547c0e12829743c0bacf70293b253ecb31be06abd84dcfe01dbe7d5dcc53
b3d211db7fb30e2ab2fc2129ccb02da493ca718338d04f5b177cf6552d33334f
b64291fc91dc77833930ffcead244193c5cfd9e882af312ecc89b580160c22a1
b70acabfec3024b0ca21c8847693536dd931b2d012d596cb979d74c972a4a6e2
b86ace36e568ecbb5e51b1c1af132239998761939fbc632f3a91c6b9fbe29ebb
b8ec4458f8db821eb610d3a950d143f1dd4ed4a0c9a323de0b4067364d1385f2
bc4b745522582a78432e3a87ecbdfa4d34e4bf930b8e2bd6abc62c4a60dcd25b
be34dc89f1f75b4c1a9eb9c3be5884e29f91cfbea4d7b8c536b5f78dbba849da
be507b359cc4919d2c1154e11c9d17b94ba03bc583f0d31fffc3525583bec00d
bfa5d0a7f4e81c2f09bba8a2de6a24bc874c062acd0aaf651a998cb16579b237
c0193511cfcd9864e09c2e7175e6d22d6f1e0ad9199b4dc404197a2c65358e93
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1
c337a7f06ba5ef0422aa07fe6541b2808f6ade4b7ecfef491d2c0d8876ace74f
c36ab6bb1485595973118d995016961c44a743452faacf3726cc31775e1c1517
c5d5575d81c2b07ff3064aa426d7c4152206b7907903c2b8a29bce96ac3fd3b2
c6107c1c1f1588cac73cb68d83222515b12c5dbf7f988fd0c39b4ff16414d3bc
c68cdb813008bfd13f584759e4b7672eb096bbb6b6f54613c0511d230ce48845
c9d6753860efacfb021c08e9c6893e1a3b83a2b9d9cb87c35b8f6b2cbea115f1
caca9270c3bccfaa6645272295c7c53725a58b506f34d64645d94b30be6968f5
cf5322d37cca0f0adb03dee1e04d10173dcc5484d3a58756ce07951413995aed
d0b43e4951d14ab5d1691aaa4a1809dfb99dbde40e18b5086e06a7d21c154bbb
d2b1d84fb32ab7c99f8c3081bf8de3cb6847300f8949f90a61c59974f867694f
d3c3db2b5256d7c5fa7f2502e752ced784853fe0fdd01d8a219bd9e041a579c7
d4735e3a265e16eee03f59718b9b5d03019c07d8b6c51f90da3a666eec13ab35
d4ae5188a65370ecfe28f42293bbee8297cfd5712c6aadfdb270d48f2bcd88b0
d50ca1370fed9db96f702bd1a5d94e80945d65e12e5ed77d21a39b20a5323a41
d66c408f2d22f32c480961298e6fba83ca59fe57386f9e6726a47c27553aad90
d98cc6e770bf9c71b8758a040222960e918adb20cc1f71f2296ae4f70256d510
dbe5b7ecbb1e59ac15de1b1ea340c9540f8d1cf1764c667aeca64a1fdd3b639c
df3873696b4148806579e919034a0f42ae291e22b78e157902ec939062dac07b
df3dff96370d9840b1d83f5afb692baf82d64da3fafe0714588e7e4b3d707860
df7e70e5021544f4834bbee64a9e3789febc4be81470df629cad6ddb03320a5c
e0971910cdc9f2e2935dda6d6f8018a6e55c690808334cd6de4b7c85b320b2ee
e13459782d7fc46c73821602bedc17cc2b3a2dc5ec07e91e30ed715193698a94
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b2b4f5e11c0b73429c3ede6bcd9c9b99e7c8fe596c7d0a29e6639ad678d21c
e4aaea7540e883c568da1b6fc2d7c5318750d07e3b6656925e1012f5b06b7788
e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc
e551239f9d963f64d1fd39d40285586400f4073acda91be5658c32117f6bc6ae
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b
f296b7388d26c659d451819449df427b865bbe63cd2d9dd1e814f3f10e81446c
f401201bf19e9fe9542fc5261acc0535464e8988438001c62c289d5c16004ec1
f40d718d090a7d9fa4db0b9c2570cb05f7729e6c998c32c1c688f421ca7ac8c0
f413ed52238836f8e47dbe95fb447bbafbe200ffc0795325e53fdf3d1796768d
fab81a74c702eb222126cb70f192c9af5f22fd272686ef451c7da6616d9daed8
feb474603faa13bef8b7a2be1e5cae02469d9f3bd0545dd56344b8b4b9383d56
fec5a361dec923efe92848ca27b02b158b164380a9eaf6cc1625e08e0d9c101e
fffa14e9a3c576087a9202af54e8f11669f29c37617df0c6f728ca24d95f60bc

umbrella-zip.pages.dev Open in urlscan Pro 172.66.44.90 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

217 Requests

98 %HTTPS

0 %IPv6

45 Domains

84 Subdomains

78 IPs

10 Countries

4822 kBTransfer

14604 kBSize

48 Cookies

23 Outgoing links

Page URL History

Redirected requests

217 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

umbrella-zip.pages.dev Open in urlscan Pro
172.66.44.90 Public Scan

Screenshot
Live screenshot

Full Image

217
Requests

98 %
HTTPS

0 %
IPv6

45
Domains

84
Subdomains

78
IPs

10
Countries

4822 kB
Transfer

14604 kB
Size

48
Cookies

217 HTTP transactions
3 data transactions