URL: http://rebelscum.com/
Submission: On July 24 via api from KR

Summary

This website contacted 29 IPs in 3 countries across 21 domains to perform 175 HTTP transactions. The main IP is 104.156.250.80, located in Piscataway, United States and belongs to AS-CHOOPA, US. The main domain is rebelscum.com.
This is the only time rebelscum.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
48 104.156.250.80 20473 (AS-CHOOPA)
3 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f02... 32934 (FACEBOOK)
1 51.77.64.70 16276 (OVH)
9 142.250.181.226 15169 (GOOGLE)
1 6 52.58.185.65 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 13.226.145.39 16509 (AMAZON-02)
3 35.156.146.15 16509 (AMAZON-02)
16 2a00:1450:400... 15169 (GOOGLE)
20 2a00:1450:400... 15169 (GOOGLE)
2 5 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
24 2a00:1450:400... 15169 (GOOGLE)
3 6 142.250.184.194 15169 (GOOGLE)
3 5 2.18.234.21 16625 (AKAMAI-AS)
2 3 37.252.173.38 29990 (ASN-APPNEX)
1 18.195.172.136 16509 (AMAZON-02)
1 2a03:2880:f02... 32934 (FACEBOOK)
1 2 63.32.159.255 16509 (AMAZON-02)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 3 2606:4700::68... 13335 (CLOUDFLAR...)
1 142.250.184.226 15169 (GOOGLE)
175 29
Domain Requested by
26 rebelscum.com rebelscum.com
www.rebelscum.com
24 s0.2mdn.net rebelscum.com
s0.2mdn.net
d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com
22 www.rebelscum.com rebelscum.com
www.rebelscum.com
20 tpc.googlesyndication.com rebelscum.com
securepubads.g.doubleclick.net
d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com
cdn.ampproject.org
tpc.googlesyndication.com
s0.2mdn.net
16 cdn.ampproject.org securepubads.g.doubleclick.net
13 pagead2.googlesyndication.com d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
s0.2mdn.net
rebelscum.com
securepubads.g.doubleclick.net
www.googletagservices.com
7 securepubads.g.doubleclick.net cdn.adligature.com
securepubads.g.doubleclick.net
rebelscum.com
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
5 www.google.com 2 redirects rebelscum.com
tpc.googlesyndication.com
4 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
4 googleads.g.doubleclick.net rebelscum.com
d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com
3 unpkg.com 2 redirects
3 pre.ads.justpremium.com us.ads.justpremium.com
cdn.justpremium.com
3 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
3 tracking.justpremium.com rebelscum.com
3 us.ads.justpremium.com 1 redirects rebelscum.com
us.ads.justpremium.com
3 cdn.adligature.com rebelscum.com
cdn.adligature.com
2 discovery.demdex.net 1 redirects d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com
2 googleads4.g.doubleclick.net rebelscum.com
2 www.googletagservices.com securepubads.g.doubleclick.net
d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com
2 cdn.justpremium.com 1 redirects rebelscum.com
2 d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 connect.facebook.net rebelscum.com
connect.facebook.net
2 www.google-analytics.com rebelscum.com
2 cdnjs.cloudflare.com rebelscum.com
1 ade.googlesyndication.com
1 code.createjs.com s0.2mdn.net
1 ad.atdmt.com d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com
1 d.agkn.com d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.pl securepubads.g.doubleclick.net
1 pro.ip-api.com cdn.adligature.com
175 32
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-07-01 -
2022-06-30
a year crt.sh
theforce.net
Go Daddy Secure Certificate Authority - G2
2020-05-27 -
2022-07-25
2 years crt.sh
*.google-analytics.com
GTS CA 1C3
2021-06-28 -
2021-09-20
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2021-05-26 -
2021-08-24
3 months crt.sh
*.ip-api.com
Sectigo RSA Domain Validation Secure Server CA
2019-11-05 -
2021-11-04
2 years crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-06-28 -
2021-09-20
3 months crt.sh
tracking.justpremium.com
Amazon
2021-03-01 -
2022-03-30
a year crt.sh
*.google.pl
GTS CA 1C3
2021-06-28 -
2021-09-20
3 months crt.sh
*.google.com
GTS CA 1C3
2021-06-28 -
2021-09-20
3 months crt.sh
justpremium.com
Amazon
2021-04-04 -
2022-05-03
a year crt.sh
misc-sni.google.com
GTS CA 1C3
2021-06-28 -
2021-09-20
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2021-06-28 -
2021-09-20
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2021-06-28 -
2021-09-20
3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018
2021-02-05 -
2022-02-09
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2021-03-05 -
2022-02-19
a year crt.sh
*.agkn.com
RapidSSL RSA CA 2018
2020-07-25 -
2022-09-18
2 years crt.sh
*.atlassolutions.com
DigiCert SHA2 High Assurance Server CA
2021-07-06 -
2021-10-04
3 months crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1
2020-12-02 -
2022-01-02
a year crt.sh
tls.adobe.com
DigiCert SHA2 Secure Server CA
2020-06-01 -
2022-06-06
2 years crt.sh
www.google.com
GTS CA 1C3
2021-06-28 -
2021-09-20
3 months crt.sh

This page contains 22 frames:

Primary Page: http://rebelscum.com/
Frame ID: B57DD0E66E57D5A0942010DE3868B901
Requests: 59 HTTP requests in this frame

Frame: http://www.rebelscum.com/ad.asp?h=379
Frame ID: 1437B27A235A9AEB41FA3044C154E76E
Requests: 2 HTTP requests in this frame

Frame: http://www.rebelscum.com/ad.asp?h=384
Frame ID: E6EEF273E80EDD65045CE6973EB0F305
Requests: 2 HTTP requests in this frame

Frame: http://www.rebelscum.com/ad.asp?h=380
Frame ID: 79EC1AAD299272EA8B56F857C379D652
Requests: 2 HTTP requests in this frame

Frame: http://www.rebelscum.com/ad.asp?h=395
Frame ID: 5F1D335C7F05EA507825E1C720B4E940
Requests: 2 HTTP requests in this frame

Frame: http://www.rebelscum.com/ad.asp?h=394
Frame ID: 6AC323662E22844DF134DEE0D18D2F39
Requests: 2 HTTP requests in this frame

Frame: http://www.rebelscum.com/ad.asp?h=393
Frame ID: C247948D62055D45DFE258DA40DA57C9
Requests: 2 HTTP requests in this frame

Frame: http://www.rebelscum.com/ir.asp?h=158
Frame ID: 92DD8A01635FEFD042C79512794AE32F
Requests: 2 HTTP requests in this frame

Frame: http://www.rebelscum.com/ad.asp?h=204
Frame ID: 40455B6B931885E685BD4ED5B0CEB66C
Requests: 2 HTTP requests in this frame

Frame: https://d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 17372AEE41CC0D0D1D54894310C6D6DE
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs
Frame ID: 4DB229624405BF597155AC806E536388
Requests: 12 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs
Frame ID: E8B132A423A26508EC2C690FD3F3FF9D
Requests: 17 HTTP requests in this frame

Frame: https://d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9A88282A723CA798DD3BB7D0A1C57762
Requests: 18 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs
Frame ID: D8564F43FCFB8D1BE7E9F2E7E28656A7
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ-QQRCDya0CGOP2wa8BMAE&v=APEucNXG1bM2wBRuN6pLLB9UrgAElhqsagsXKMeoGNSCetyH3IPs1Gw1KmjEuwIeaFCoMVbtK74WpN6fhvrAB9MJFm3mj1hTsBTRTIvAwQ_YBHaEPss3TeA5hv_pyNer7tWX9InWTp5tKq0CvvlJ5mCmBMyJhDVZkD8ntE_EWLP3SziU5Men5DI
Frame ID: 870560D138B69562602E78B7861146D2
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61827683/20210707051427105/index.html?e=69&leftOffset=0&topOffset=0&c=5h63QJ3hpG&t=1&renderingType=2
Frame ID: 32DB6FB3C63FE981C456868D3A68CEA5
Requests: 26 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: FD770F0F79F8882DED452AAB785A0B54
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/c43eojKHTIIjnCN0mOBRrq3mBMCB_MRf6Ad2ET-MShQ.js
Frame ID: 2E1C53D0785DBDB0D657827447FF0625
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 49552FA7323D65D950A416153ABB5209
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B54F4FE663C53F700B20ABA7F780966A
Requests: 1 HTTP requests in this frame

Frame: https://pre.ads.justpremium.com/v/1.0/t/sync
Frame ID: 10CFFC4516726E3609D01E0AA741E44F
Requests: 1 HTTP requests in this frame

Frame: http://tracking.justpremium.com/tracking.gif?rid=r-6920f583-27fc-4d76-8c02-5df0e999cd8f-14765-743781610&sid=r-10ae6e89-4bfe-4546-9dbb-86568d311580-14831-224078127&uid=&vr=v2.26.407&ru=http%3A%2F%2Frebelscum.com%2F&tt=1627092222696&siw=1042&sh=1200&sw=1600&wh=1200&ww=1600&an=2.3.1&vn=eu-central-1&sd=&_c=ag3sl11627092222697&et=&aid=413732,413732,413732,413732,413732,439178,439178,439178,439178,439179,439179,439179,439179,439180,439180,439180,439180,439180,439181,439181,439181,439181,439181,439439,439439,439439,439439,439439,439439,421368,421368,421368,421368,421368,421368&said=1057252,1057254,1057253,1057251,1192765,1173690,1173691,1173692,1173693,1173694,1173695,1173697,1173696,1173698,1173699,1173700,1173701,1195154,1173702,1173703,1173704,1173705,1195098,1174834,1174835,1174836,1174837,1174838,1195174,1275639,1134002,1093829,1093830,1093831,1143270&ei=22347399%2C430423%2C19900489%2C541193082%2C1192765%2C543897065%2C22443924%2C21028789%2C430429%2C543897066%2C22443925%2C430432%2C21028790%2C543897067%2C22443926%2C21028791%2C430436%2C1195154%2C543897068%2C22443927%2C21028792%2C430430%2C1195098%2C543897868%2C146753%2C22444623%2C21033772%2C430439%2C1195174%2C421368%2C22406537%2C542319050%2C115840%2C20278754%2C430445&fc=wp,wp,wp,wp,wp,ca,ca,ca,ca,pd,pd,pd,pd,pa,pa,pa,pa,pa,sa,sa,sa,sa,sa,hv,hv,hv,hv,hv,hv,wv,wv,wv,wv,wv,wv&sp=1,39,32,22,42,22,1,32,39,22,1,39,32,22,1,32,39,42,22,1,32,39,42,22,24,1,32,39,42,42,1,22,24,32,39&at=adserver&cid=&ist=0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0&mg=&dl=&dlt=&ev=&vt=&zid=111507&dr=101&di=&pr=&cw=&ch=&nt=&st=&jp=%7B%22cls%22%3A%220.000%22%2C%22ph%22%3A6466%7D&ty=ex
Frame ID: 9E959DE7AC35830EDA996FC1C8AF7048
Requests: 2 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

175
Requests

69 %
HTTPS

57 %
IPv6

21
Domains

32
Subdomains

29
IPs

3
Countries

3974 kB
Transfer

6897 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css HTTP 307
  • https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css
Request Chain 4
  • http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js HTTP 307
  • https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js
Request Chain 29
  • http://www.google-analytics.com/ga.js HTTP 307
  • https://www.google-analytics.com/ga.js
Request Chain 31
  • http://connect.facebook.net/en_US/all.js HTTP 307
  • https://connect.facebook.net/en_US/all.js
Request Chain 48
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=380602836&utmhn=rebelscum.com&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Rebelscum.com%3A%20Home%20Page&utmhid=1928967654&utmr=-&utmp=%2F&utmht=1627092220002&utmac=UA-2973792-2&utmcc=__utma%3D133095309.178846656.1627092220.1627092220.1627092220.1%3B%2B__utmz%3D133095309.1627092220.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=235398646&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=380602836&utmhn=rebelscum.com&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Rebelscum.com%3A%20Home%20Page&utmhid=1928967654&utmr=-&utmp=%2F&utmht=1627092220002&utmac=UA-2973792-2&utmcc=__utma%3D133095309.178846656.1627092220.1627092220.1627092220.1%3B%2B__utmz%3D133095309.1627092220.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=235398646&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Request Chain 58
  • http://us.ads.justpremium.com/adserve/js.php?zone=111507 HTTP 301
  • https://us.ads.justpremium.com/adserve/js.php?zone=111507
Request Chain 65
  • http://cdn.justpremium.com/js/v2.26.407/jpx.js HTTP 301
  • https://cdn.justpremium.com/js/v2.26.407/jpx.js
Request Chain 104
  • http://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 105
  • http://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 120
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOBNUiX96d9JOFtWhNAUlnk&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOBNUiX96d9JOFtWhNAUlnk&google_cver=1&C=1
Request Chain 121
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YPt0-RRdUgmRanh5pUq-PgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOBNUiX96d9JOFtWhNAUlnk&google_cver=1
Request Chain 122
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBXbDW2ZH4a7o3iOV5PNNgA&google_cver=1
Request Chain 123
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODUwODAyNjY0NDQ4NzExMjk3MQ%3D%3D
Request Chain 130
  • https://discovery.demdex.net/event?d_event=imp&d_src=488828&d_site=9232428&d_creative=154016848&d_placement=308572834&d_campaign=26181756 HTTP 302
  • https://discovery.demdex.net/firstevent?d_event=imp&d_src=488828&d_site=9232428&d_creative=154016848&d_placement=308572834&d_campaign=26181756
Request Chain 172
  • https://unpkg.com/web-vitals HTTP 302
  • https://unpkg.com/web-vitals@2.1.0 HTTP 302
  • https://unpkg.com/web-vitals@2.1.0/dist/web-vitals.umd.js

175 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
rebelscum.com/
54 KB
12 KB
Document
General
Full URL
http://rebelscum.com/
Protocol
HTTP/1.1
Server
104.156.250.80 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
rebelscum.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e032b480f4b88e2b0cc9637dd3ffcd9c3e25a1e5920b12429630081325f58b7b

Request headers

Host
rebelscum.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cache-Control
private
Content-Type
text/html
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
Set-Cookie
ASPSESSIONIDQAQRQARB=EGKCMEDBNJMEGJACFOLHCHCJ; path=/
X-Powered-By
ASP.NET
Date
Sat, 24 Jul 2021 02:03:38 GMT
Content-Length
12447
v3-style.css
rebelscum.com/
22 KB
5 KB
Stylesheet
General
Full URL
http://rebelscum.com/v3-style.css
Requested by
Host: rebelscum.com
URL: http://rebelscum.com/
Protocol
HTTP/1.1
Server
104.156.250.80 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
rebelscum.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
985859f8de08c975344385e2beb2075b3308ecc0226611e3e787ade5d883c250

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
rebelscum.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://rebelscum.com/
Cookie
ASPSESSIONIDQAQRQARB=EGKCMEDBNJMEGJACFOLHCHCJ
Connection
keep-alive
Cache-Control
no-cache
Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 02:03:39 GMT
Content-Encoding
gzip
Last-Modified
Sun, 11 Jul 2021 22:33:48 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"0eec4d0a476d71:0"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
4349
V3-global.js
rebelscum.com/template/
124 B
544 B
Script
General
Full URL
http://rebelscum.com/template/V3-global.js
Requested by
Host: rebelscum.com
URL: http://rebelscum.com/
Protocol
HTTP/1.1
Server
104.156.250.80 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
rebelscum.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2ca9e241922969ebee8b557e27c164591e208cc6b44e4e1bed559006a8f435e6

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
rebelscum.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://rebelscum.com/
Cookie
ASPSESSIONIDQAQRQARB=EGKCMEDBNJMEGJACFOLHCHCJ
Connection
keep-alive
Cache-Control
no-cache
Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 02:03:39 GMT
Content-Encoding
gzip
Last-Modified
Sun, 11 Jul 2021 22:33:35 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"95e912c9a476d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
236
rules.js
cdn.adligature.com/rs/prod/
17 KB
4 KB
Script
General
Full URL
https://cdn.adligature.com/rs/prod/rules.js
Requested by
Host: rebelscum.com
URL: http://rebelscum.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:5d0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87a5b478b0ae921eb014499f444e7b150baac04f6ffb06d6f3a7d5b66d01c968

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=HQYiXQ==, md5=KM88Giee7zHeHY7BeK0RAQ==
date
Sat, 24 Jul 2021 02:03:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
8
cf-polished
origSize=33005
x-guploader-uploadid
ABg5-UyBvEMYHopG1qxSd406zv--RbhmS9E1RECijJc_knv0MgzyqW5g74ltMDit5NdwhEDg4PnjMw7CULCCVIy6l9_xxSojyA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Tue, 20 Apr 2021 14:47:01 GMT
server
cloudflare
etag
W/"28cf3c1a279eef31de1d8ec178ad1101"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ltB9DTbP2Vqged4QlofD6TdKK21550wQhM9hRhIKn7nKub%2FazA5qd%2FkXA%2FRxeyj43lyz%2B%2Feff3qcencl36jHf1LH5StAEhzPBvz2VCS0bKSnDKAylVEEvEcLrMHHMUsMED7xWPjFSinx24%2FWLcmyeGc%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1618930021470829
content-type
application/javascript
cache-control
public, max-age=1800, s-maxage=600, must-revalidate
x-goog-stored-content-length
33005
cf-ray
673992c4db6e4ed9-FRA
expires
Sat, 24 Jul 2021 02:13:31 GMT
cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/
Redirect Chain
  • http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css
  • https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css
4 KB
1 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css
Requested by
Host: rebelscum.com
URL: http://rebelscum.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 02:03:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1851462
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
948
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:17 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e2d-f62"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1h9lPjvFX3zor2QB9StKcMSK5bG34cy4ntEQpItdKYwYEjIr8aqSO6%2B%2Fr%2Fq45pez5wRCG2naKk2gMvWjXhF2gOQ5wfN0tQVr85PYFamwX7NKtLqibnHQBCwf31zgUQ%2Fr1na0PMlXLjxGIYOjZ4CLDHuL"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
673992c4df524e79-FRA
expires
Thu, 14 Jul 2022 02:03:39 GMT

Redirect headers

Location
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css
Non-Authoritative-Reason
HSTS
cookieconsent.min.js
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/
Redirect Chain
  • http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js
  • https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js
19 KB
6 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js
Requested by
Host: rebelscum.com
URL: http://rebelscum.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 02:03:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3126438
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
5676
cf-request-id
0abd80662c00004a91fc1f4000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:17 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e2d-4d5a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sPg7dfP5h0UPFPaOWB%2FKuB9B6S%2Bhs%2BKo1cYGdty5tPwmE%2FHC7PTvJQOKzQ2jFLzsZBVFuOxm2xGt5ZDmZ7%2BJQ9S%2FGAVOfo%2FGTieL62QliqwSFEuWgEq151v2JafoePUC1E%2F%2Fww451e2R5eYP82kKqnWf"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
673992c4df534e79-FRA
expires
Thu, 14 Jul 2022 02:03:39 GMT

Redirect headers

Location
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js
Non-Authoritative-Reason
HSTS
header-default-txt.png
rebelscum.com/images/v3/
3 KB
3 KB
Image
General
Full URL
http://rebelscum.com/images/v3/header-default-txt.png
Requested by
Host: rebelscum.com
URL: http://rebelscum.com/
Protocol
HTTP/1.1
Server
104.156.250.80 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
rebelscum.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
bddea1985c717af31c09bad8ea0d16a391737286d10035b627fdc603e27133d1

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
rebelscum.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://rebelscum.com/
Cookie
ASPSESSIONIDQAQRQARB=EGKCMEDBNJMEGJACFOLHCHCJ
Connection
keep-alive
Cache-Control
no-cache
Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 02:03:39 GMT
Last-Modified
Mon, 22 May 2017 12:29:57 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"d81fa81ff7d2d21:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
3280
00.png
rebelscum.com/images/v3/
10 KB
10 KB
Image
General
Full URL
http://rebelscum.com/images/v3/00.png
Requested by
Host: rebelscum.com
URL: http://rebelscum.com/
Protocol
HTTP/1.1
Server
104.156.250.80 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
rebelscum.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ebdc0a6cf024c74b0c7255efd7d9072ef08c97ebdf4bff060464fb4a9de5c12a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
rebelscum.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://rebelscum.com/
Cookie
ASPSESSIONIDQAQRQARB=EGKCMEDBNJMEGJACFOLHCHCJ
Connection
keep-alive
Cache-Control
no-cache
Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 02:03:39 GMT
Last-Modified
Mon, 22 May 2017 12:30:02 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"ec9cac22f7d2d21:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
9776
Xizor_Banner_2.jpg
www.rebelscum.com//2021/
115 KB
115 KB
Image
General
Full URL
http://www.rebelscum.com//2021/Xizor_Banner_2.jpg
Requested by
Host: rebelscum.com
URL: http://rebelscum.com/
Protocol
HTTP/1.1
Server
104.156.250.80 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
rebelscum.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5e954ec87054cae866c5b3872ce6fb40ad336320aa7bafc0ec6472b49094871c

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 02:03:39 GMT
Last-Modified
Thu, 22 Jul 2021 07:01:32 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"197f4767c77ed71:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
117966
star-wars-hasbro-the-black-series-reveals-Banner.jpg
rebelscum.com/2021/
80 KB
80 KB
Image
General
Full URL
http://rebelscum.com/2021/star-wars-hasbro-the-black-series-reveals-Banner.jpg
Requested by
Host: rebelscum.com
URL: http://rebelscum.com/
Protocol
HTTP/1.1
Server
104.156.250.80 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
rebelscum.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ca82326ec0d73bae3c39a5ef3906095b720cd138ac55e7c3f89a9d3c5a9839e6

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
rebelscum.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://rebelscum.com/
Cookie
ASPSESSIONIDQAQRQARB=EGKCMEDBNJMEGJACFOLHCHCJ
Connection
keep-alive
Cache-Control
no-cache
Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 02:03:39 GMT
Last-Modified
Thu, 22 Jul 2021 14:45:31 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"f51d473887fd71:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
81717
gentle-giant-ltd-a-new-hope-ben-kenobi-milestones-statue-header.jpg
rebelscum.com/2021/
96 KB
96 KB
Image
General
Full URL
http://rebelscum.com/2021/gentle-giant-ltd-a-new-hope-ben-kenobi-milestones-statue-header.jpg
Requested by
Host: rebelscum.com
URL: http://rebelscum.com/
Protocol
HTTP/1.1
Server
104.156.250.80 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
rebelscum.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
bc7ab58dc6bc72061955f9e862df4caedeefc6faa455ed2101a79824d1277e0b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
rebelscum.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://rebelscum.com/
Cookie
ASPSESSIONIDQAQRQARB=EGKCMEDBNJMEGJACFOLHCHCJ
Connection
keep-alive
Cache-Control
no-cache
Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 02:03:39 GMT
Last-Modified
Fri, 23 Jul 2021 03:51:11 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"8f2245fa757fd71:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
97809
Marvel-Logo-large.jpg
www.rebelscum.com//2020/
50 KB
50 KB
Image
General
Full URL
http://www.rebelscum.com//2020/Marvel-Logo-large.jpg
Requested by
Host: rebelscum.com
URL: http://rebelscum.com/
Protocol
HTTP/1.1
Server
104.156.250.80 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
rebelscum.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7663b57b20f1b9c59a7424b6e781f3d335a26decf13182609194cc27149a6dc3

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 02:03:39 GMT
Last-Modified
Wed, 08 Jul 2020 12:05:28 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"e39059122055d61:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
50752
Shadows_Toy_Overview_banner.jpg
rebelscum.com/2021/
201 KB
202 KB
Image
General
Full URL
http://rebelscum.com/2021/Shadows_Toy_Overview_banner.jpg
Requested by
Host: rebelscum.com
URL: http://rebelscum.com/
Protocol
HTTP/1.1
Server
104.156.250.80 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
rebelscum.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
30b2dbc80d699946d3ec91ffd539f081a4cee960ea88f69c08ace6362a6028f5

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
rebelscum.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://rebelscum.com/
Cookie
ASPSESSIONIDQAQRQARB=EGKCMEDBNJMEGJACFOLHCHCJ
Connection
keep-alive
Cache-Control
no-cache
Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 02:03:39 GMT
Last-Modified
Thu, 22 Jul 2021 06:23:55 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"d659be25c27ed71:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
206166
gentle-giant-ltd-blue-snaggletooth-mini-bust-holiday-gift-exclusive-header.jpg
rebelscum.com/2021/
97 KB
98 KB
Image
General
Full URL
http://rebelscum.com/2021/gentle-giant-ltd-blue-snaggletooth-mini-bust-holiday-gift-exclusive-header.jpg
Requested by
Host: rebelscum.com
URL: http://rebelscum.com/
Protocol
HTTP/1.1
Server
104.156.250.80 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
rebelscum.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4eb4fdd3ad4117e4a6ddb511c4985722109f87fa0f6dc3998ec22f463153713f

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
rebelscum.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://rebelscum.com/
Cookie
ASPSESSIONIDQAQRQARB=EGKCMEDBNJMEGJACFOLHCHCJ
Connection
keep-alive
Cache-Control
no-cache
Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 02:03:39 GMT
Last-Modified
Thu, 22 Jul 2021 04:46:54 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"d5195498b47ed71:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
99813
gentle-giant-ltd-star-wars-rebels-darth-vader-mini-bust-header.jpg
rebelscum.com/2021/
94 KB
94 KB
Image
General
Full URL
http://rebelscum.com/2021/gentle-giant-ltd-star-wars-rebels-darth-vader-mini-bust-header.jpg
Requested by
Host: rebelscum.com
URL: http://rebelscum.com/
Protocol
HTTP/1.1
Server
104.156.250.80 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
rebelscum.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e4044e9e84fa0a45c8ea788437df60ce0c5a36154a2578100139624464667bd5

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
rebelscum.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://rebelscum.com/
Cookie
ASPSESSIONIDQAQRQARB=EGKCMEDBNJMEGJACFOLHCHCJ
Connection
keep-alive
Cache-Control
no-cache
Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 02:03:39 GMT
Last-Modified
Thu, 22 Jul 2021 04:40:48 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"ac516dbeb37ed71:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
95830
bbtssw-526x197.jpg
www.rebelscum.com/2020/
50 KB
50 KB
Image
General
Full URL
http://www.rebelscum.com/2020/bbtssw-526x197.jpg
Requested by
Host: rebelscum.com
URL: http://rebelscum.com/
Protocol
HTTP/1.1
Server
104.156.250.80 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
rebelscum.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3e9b4ea5e439c4fa32c3ff2af4521ac999197a97600eeab8e3dcc6ed43834184

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 02:03:39 GMT
Last-Modified
Thu, 04 Jun 2020 14:18:42 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"f43de7c7b3ad61:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
50710
hasbro-clone-wars-banner.jpg
rebelscum.com/2021/
97 KB
98 KB
Image
General
Full URL
http://rebelscum.com/2021/hasbro-clone-wars-banner.jpg
Requested by
Host: rebelscum.com
URL: http://rebelscum.com/
Protocol
HTTP/1.1
Server
104.156.250.80 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
rebelscum.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
39fe94435f0c3f1701cc4225d39271767637d5402905a3c40da20d54e110dc55

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
rebelscum.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://rebelscum.com/
Cookie
ASPSESSIONIDQAQRQARB=EGKCMEDBNJMEGJACFOLHCHCJ; __utma=133095309.178846656.1627092220.1627092220.1627092220.1; __utmc=133095309; __utmz=133095309.1627092220.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=133095309.1.10.1627092220; AdvallyUserLocation=PL,14
Connection
keep-alive
Cache-Control
no-cache
Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 02:03:39 GMT
Last-Modified
Wed, 21 Jul 2021 20:15:19 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"6a996c206d7ed71:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
99793
Shadows_of_the_Empire_banner_2.jpg
www.rebelscum.com//2021/
116 KB
116 KB
Image
General
Full URL
http://www.rebelscum.com//2021/Shadows_of_the_Empire_banner_2.jpg
Requested by
Host: rebelscum.com
URL: http://rebelscum.com/
Protocol
HTTP/1.1
Server
104.156.250.80 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
rebelscum.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
db5bd9586ef78d6639509d89379435f9da7b8a9ded441248d46901bead5e9f7d

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 02:03:39 GMT
Last-Modified
Wed, 21 Jul 2021 03:46:37 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"7ea3b21e37dd71:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
118283
Unboxing-%20Rocket%20Trooper%20banner.jpg
rebelscum.com/2021/
185 KB
186 KB
Image
General
Full URL
http://rebelscum.com/2021/Unboxing-%20Rocket%20Trooper%20banner.jpg
Requested by
Host: rebelscum.com
URL: http://rebelscum.com/
Protocol
HTTP/1.1
Server
104.156.250.80 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
rebelscum.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f82fc90bdac94322e540afe9800ae10315a699166f5072cd0a7f6347d8c3c066

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
rebelscum.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://rebelscum.com/
Cookie
ASPSESSIONIDQAQRQARB=EGKCMEDBNJMEGJACFOLHCHCJ; __utma=133095309.178846656.1627092220.1627092220.1627092220.1; __utmc=133095309; __utmz=133095309.1627092220.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=133095309.1.10.1627092220; AdvallyUserLocation=PL,14
Connection
keep-alive
Cache-Control
no-cache
Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 02:03:39 GMT
Last-Modified
Tue, 20 Jul 2021 06:26:25 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"f96a632a307dd71:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
189794
gentle-giant-ltd-sdcc-exclusive-darth-maul-concept-mini-bust-header.jpg
rebelscum.com/2021/
93 KB
93 KB
Image
General
Full URL
http://rebelscum.com/2021/gentle-giant-ltd-sdcc-exclusive-darth-maul-concept-mini-bust-header.jpg
Requested by
Host: rebelscum.com
URL: http://rebelscum.com/
Protocol
HTTP/1.1
Server
104.156.250.80 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
rebelscum.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
15a55c13889403e486946345563d747245aeb1ba06b5709f832b6a1aef5fbe73

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
rebelscum.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://rebelscum.com/
Cookie
ASPSESSIONIDQAQRQARB=EGKCMEDBNJMEGJACFOLHCHCJ; __utma=133095309.178846656.1627092220.1627092220.1627092220.1; __utmc=133095309; __utmz=133095309.1627092220.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=133095309.1.10.1627092220; AdvallyUserLocation=PL,14
Connection
keep-alive
Cache-Control
no-cache
Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 02:03:39 GMT
Last-Modified
Tue, 20 Jul 2021 05:32:22 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"9e8829d287dd71:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
95399
salacious-crumb-lifesized-statue-banner.jpg
www.rebelscum.com/2021/Regal%20Robot%20Salacious%20Crumb/
90 KB
90 KB
Image
General
Full URL
https://www.rebelscum.com/2021/Regal%20Robot%20Salacious%20Crumb/salacious-crumb-lifesized-statue-banner.jpg
Requested by
Host: rebelscum.com
URL: http://rebelscum.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.156.250.80 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
rebelscum.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f3b5bd03fd62b600f6d4877bc7badfe3ccc4b9a7d582be69bb552f287696a786

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 02:03:39 GMT
last-modified
Tue, 20 Jul 2021 04:54:08 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"c921ee45237dd71:0"
content-type
image/jpeg
accept-ranges
bytes
content-length
91855
gentle-giant-ltd-sdcc-exclusive-rotj-boba-fett-40th-anniversary-jumbo-figure-header.jpg
rebelscum.com/2021/
68 KB
68 KB
Image
General
Full URL
http://rebelscum.com/2021/gentle-giant-ltd-sdcc-exclusive-rotj-boba-fett-40th-anniversary-jumbo-figure-header.jpg
Requested by
Host: rebelscum.com
URL: http://rebelscum.com/
Protocol
HTTP/1.1
Server
104.156.250.80 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
rebelscum.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8fc41fd1b44f288034309d6eb21cd3c71f52f25a960ebc107489325415e2d18a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
rebelscum.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://rebelscum.com/
Cookie
ASPSESSIONIDQAQRQARB=EGKCMEDBNJMEGJACFOLHCHCJ; __utma=133095309.178846656.1627092220.1627092220.1627092220.1; __utmc=133095309; __utmz=133095309.1627092220.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=133095309.1.10.1627092220; AdvallyUserLocation=PL,14
Connection
keep-alive
Cache-Control
no-cache
Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 02:03:39 GMT
Last-Modified
Tue, 20 Jul 2021 05:14:49 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"282c029267dd71:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
69576
SW179_ARTFX_Ahsoka_Tano_banner.jpg
www.rebelscum.com/2021/Ahsoka%20Tano%20ARTFX/
61 KB
62 KB
Image
General
Full URL
https://www.rebelscum.com/2021/Ahsoka%20Tano%20ARTFX/SW179_ARTFX_Ahsoka_Tano_banner.jpg
Requested by
Host: rebelscum.com
URL: http://rebelscum.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.156.250.80 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
rebelscum.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
40f121f981ead559b715d3116657fe9898d4d03869580976dcf7f449f92d57bc

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 02:03:39 GMT
last-modified
Tue, 20 Jul 2021 03:57:25 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"f8efaa591b7dd71:0"
content-type
image/jpeg
accept-ranges
bytes
content-length
62876
GG-LOGO-600x200.jpg
rebelscum.com/2020/
60 KB
60 KB
Image
General
Full URL
http://rebelscum.com/2020/GG-LOGO-600x200.jpg
Requested by
Host: rebelscum.com
URL: http://rebelscum.com/
Protocol
HTTP/1.1
Server
104.156.250.80 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
rebelscum.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
49c6315f3bbe6fdd47a23290e571f2f6ba1412c1dc13c717ea8bc535a84001c6

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
rebelscum.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://rebelscum.com/
Cookie
ASPSESSIONIDQAQRQARB=EGKCMEDBNJMEGJACFOLHCHCJ; __utma=133095309.178846656.1627092220.1627092220.1627092220.1; __utmc=133095309; __utmz=133095309.1627092220.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=133095309.1.10.1627092220; AdvallyUserLocation=PL,14
Connection
keep-alive
Cache-Control
no-cache
Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 02:03:39 GMT
Last-Modified
Mon, 26 Oct 2020 15:56:51 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"877aa59eb0abd61:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
61324
21hasbroQA.jpg
rebelscum.com/2021/
137 KB
138 KB
Image
General
Full URL
http://rebelscum.com/2021/21hasbroQA.jpg
Requested by
Host: rebelscum.com
URL: http://rebelscum.com/
Protocol
HTTP/1.1
Server
104.156.250.80 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
rebelscum.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0311ac35b6a720f6aeb524ea41b9e1561a9d53cb684c8c3ed1dba87815f82290

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
rebelscum.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://rebelscum.com/
Cookie
ASPSESSIONIDQAQRQARB=EGKCMEDBNJMEGJACFOLHCHCJ; __utma=133095309.178846656.1627092220.1627092220.1627092220.1; __utmc=133095309; __utmz=133095309.1627092220.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=133095309.1.10.1627092220; AdvallyUserLocation=PL,14
Connection
keep-alive
Cache-Control
no-cache
Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 02:03:39 GMT
Last-Modified
Mon, 19 Jul 2021 14:04:04 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"0e296eea67cd71:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
140571
Lego_R2-D2_Zaavi_banner.jpg
www.rebelscum.com//2021/
79 KB
79 KB
Image
General
Full URL
http://www.rebelscum.com//2021/Lego_R2-D2_Zaavi_banner.jpg
Requested by
Host: rebelscum.com
URL: http://rebelscum.com/
Protocol
HTTP/1.1
Server
104.156.250.80 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
rebelscum.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3aa6a9ad2e733aa3ea98c258170c92426cc67e5b17e10fda0fba58fa7761dcf1

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 02:03:39 GMT
Last-Modified
Mon, 19 Jul 2021 14:21:26 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"f55f195ca97cd71:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
80944
ee-173x90.gif
rebelscum.com/ads/
8 KB
8 KB
Image
General
Full URL
http://rebelscum.com/ads/ee-173x90.gif
Requested by
Host: rebelscum.com
URL: http://rebelscum.com/
Protocol
HTTP/1.1
Server
104.156.250.80 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
rebelscum.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f8425cfcb137778595ddfbd149589821be274befe06bbeabf991fada54ba4354

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
rebelscum.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://rebelscum.com/
Cookie
ASPSESSIONIDQAQRQARB=EGKCMEDBNJMEGJACFOLHCHCJ
Connection
keep-alive
Cache-Control
no-cache
Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 02:03:39 GMT
Last-Modified
Tue, 14 May 2019 19:24:03 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"66cdf6968aad51:0"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
7849
Celebration-Chicago-2019-tn.jpg
rebelscum.com/2019-Star-Wars-Celebration/
83 KB
83 KB
Image
General
Full URL
http://rebelscum.com/2019-Star-Wars-Celebration/Celebration-Chicago-2019-tn.jpg
Requested by
Host: rebelscum.com
URL: http://rebelscum.com/
Protocol
HTTP/1.1
Server
104.156.250.80 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
rebelscum.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1bdcde5969df6f57f5e1b16b2a7d422071c7cc3929bfd1f47c6cc98fb7ebb3e0

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
rebelscum.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://rebelscum.com/
Cookie
ASPSESSIONIDQAQRQARB=EGKCMEDBNJMEGJACFOLHCHCJ
Connection
keep-alive
Cache-Control
no-cache
Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 02:03:39 GMT
Last-Modified
Sun, 30 Jun 2019 18:27:48 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"46e83185712fd51:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
84931
rs-spanish2018.gif
rebelscum.com/2018/
2 KB
3 KB
Image
General
Full URL
http://rebelscum.com/2018/rs-spanish2018.gif
Requested by
Host: rebelscum.com
URL: http://rebelscum.com/
Protocol
HTTP/1.1
Server
104.156.250.80 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
rebelscum.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ac462b7e2edb2f4614f9d1c0dac65ad68fbc67db07cb09a59afb1d9ba425c814

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
rebelscum.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://rebelscum.com/
Cookie
ASPSESSIONIDQAQRQARB=EGKCMEDBNJMEGJACFOLHCHCJ
Connection
keep-alive
Cache-Control
no-cache
Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 02:03:39 GMT
Last-Modified
Sat, 04 Aug 2018 17:04:58 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"2127446152cd41:0"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
2463
forum-bucket-hdr.gif
rebelscum.com/images/v3/
2 KB
3 KB
Image
General
Full URL
http://rebelscum.com/images/v3/forum-bucket-hdr.gif
Requested by
Host: rebelscum.com
URL: http://rebelscum.com/
Protocol
HTTP/1.1
Server
104.156.250.80 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
rebelscum.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4b373d76db2878ff482a9b1a65111560310ca89d267cc43d46fddd1ce5439403

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
rebelscum.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://rebelscum.com/
Cookie
ASPSESSIONIDQAQRQARB=EGKCMEDBNJMEGJACFOLHCHCJ
Connection
keep-alive
Cache-Control
no-cache
Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 02:03:39 GMT
Last-Modified
Mon, 22 May 2017 12:29:57 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"5ebda51ff7d2d21:0"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
2398
ga.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/ga.js
  • https://www.google-analytics.com/ga.js
45 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/ga.js
Requested by
Host: rebelscum.com
URL: http://rebelscum.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Jun 2021 17:36:57 GMT
server
Golfe2
age
4576
date
Sat, 24 Jul 2021 00:47:23 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Sat, 24 Jul 2021 02:47:23 GMT

Redirect headers

Location
https://www.google-analytics.com/ga.js
Non-Authoritative-Reason
HSTS
advally-4.1.1.js
cdn.adligature.com/rules.js/
85 KB
23 KB
Script
General
Full URL
https://cdn.adligature.com/rules.js/advally-4.1.1.js
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/rs/prod/rules.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:5d0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90c9aedece0fa2103d1922ce78181d681729306be45d18b0e6d21fec19e1512a

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=PGZZkQ==, md5=US4GrndfuOhKm+dX3IqSDQ==
date
Sat, 24 Jul 2021 02:03:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4139
cf-polished
origSize=144539
x-guploader-uploadid
ABg5-UwWmJcFMkWHqBrYB0BlKhRKeh6O6vi6rET_cPZfL0pmk7ki3UGWofEs2-X83abqiu6rMCm6QIVWY9Alk5nQtR3LlDEP1Q
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Mon, 19 Apr 2021 14:49:02 GMT
server
cloudflare
etag
W/"512e06ae775fb8e84a9be757dc8a920d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=foLeEAfzNcFPuyC28w%2BrOLwFLRhDzeu12OogJ5zueb1zuuiZ6Yv4LabIxf3daAqcF6qcl8jdGn3L4ZflSZf0KmtLLH6GjPsNRQp2baFzAtlKtO5M%2BCTaWIZkNSuZN9A7kCFoejN%2FtjA6AzGhC%2FUoFKI%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1618843742474715
content-type
application/javascript
cache-control
public, max-age=7200, s-maxage=7200, must-revalidate
x-goog-stored-content-length
144539
cf-ray
673992c66a862c52-FRA
expires
Sat, 24 Jul 2021 02:54:40 GMT
all.js
connect.facebook.net/en_US/
Redirect Chain
  • http://connect.facebook.net/en_US/all.js
  • https://connect.facebook.net/en_US/all.js
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: rebelscum.com
URL: http://rebelscum.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5e03076d19e4b85f18ca42fd71003c914b9e5a68237fd075ac36d73f9422d318
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
Ed2MjdlXci/YwaJ4oeDDfQ==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1685
x-fb-rlafr
0
x-fb-debug
+B8al8qg3jooh9oPn5ZCaUl1WGbsoc8dBTGAlwq9SJxOibQ0r1sySb95O+ZhoKezzKaGlwJRMbAKpiKgbNCzDw==
x-fb-trip-id
917726464
x-fb-content-md5
72f5022667359279905edd0b202b0d50
x-frame-options
DENY
date
Sat, 24 Jul 2021 02:03:39 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"41f1f84a0fe3a9f245722b40611872bb"
timing-allow-origin
*
expires
Sat, 24 Jul 2021 02:22:53 GMT

Redirect headers

Location
https://connect.facebook.net/en_US/all.js#xfbml=1
Non-Authoritative-Reason
HSTS
Cookie set ad.asp
www.rebelscum.com/ Frame 1437
328 B
648 B
Document
General
Full URL
http://www.rebelscum.com/ad.asp?h=379
Requested by
Host: rebelscum.com
URL: http://rebelscum.com/
Protocol
HTTP/1.1
Server
104.156.250.80 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
rebelscum.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
973dc29ddae88a5a064eda575754839f8486b0540c45c1c0328149767fb8aa6c

Request headers

Host
www.rebelscum.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://rebelscum.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://rebelscum.com/

Response headers

Cache-Control
private
Content-Type
text/html
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
Set-Cookie
ASPSESSIONIDQAQRQARB=LGKCMEDBCANNIEAMKHMPEPIK; path=/
X-Powered-By
ASP.NET
Date
Sat, 24 Jul 2021 02:03:39 GMT
Content-Length
357
Cookie set ad.asp
www.rebelscum.com/ Frame E6EE
325 B
645 B
Document
General
Full URL
http://www.rebelscum.com/ad.asp?h=384
Requested by
Host: rebelscum.com
URL: http://rebelscum.com/
Protocol
HTTP/1.1
Server
104.156.250.80 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
rebelscum.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c345cc68ba35ffa3252a80f00edd374ba46103aab9bbdce8f3cfe3b211f07263

Request headers

Host
www.rebelscum.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://rebelscum.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://rebelscum.com/

Response headers

Cache-Control
private
Content-Type
text/html
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
Set-Cookie
ASPSESSIONIDQAQRQARB=KGKCMEDBAGAMCHMCDOBDCNJP; path=/
X-Powered-By
ASP.NET
Date
Sat, 24 Jul 2021 02:03:39 GMT
Content-Length
354
Cookie set ad.asp
www.rebelscum.com/ Frame 79EC
341 B
660 B
Document
General
Full URL
http://www.rebelscum.com/ad.asp?h=380
Requested by
Host: rebelscum.com
URL: http://rebelscum.com/
Protocol
HTTP/1.1
Server
104.156.250.80 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
rebelscum.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
6e2b382d798fdad058ab0c7fd8efcd7e7eb7aae61e56c9ad5105f8ab4fb2593c

Request headers

Host
www.rebelscum.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://rebelscum.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://rebelscum.com/

Response headers

Cache-Control
private
Content-Type
text/html
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
Set-Cookie
ASPSESSIONIDQAQRQARB=NGKCMEDBOCHAGMHJIMBOKEPG; path=/
X-Powered-By
ASP.NET
Date
Sat, 24 Jul 2021 02:03:39 GMT
Content-Length
369
top-header-bgrnd.gif
rebelscum.com/images/v3/
8 KB
8 KB
Image
General
Full URL
http://rebelscum.com/images/v3/top-header-bgrnd.gif
Requested by
Host: rebelscum.com
URL: http://rebelscum.com/v3-style.css
Protocol
HTTP/1.1
Server
104.156.250.80 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
rebelscum.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5338f3cb3e2733c24d559b5c265245e2f5d33ee57b540baa0997df8e831f8495

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
rebelscum.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://rebelscum.com/v3-style.css
Cookie
ASPSESSIONIDQAQRQARB=EGKCMEDBNJMEGJACFOLHCHCJ
Connection
keep-alive
Cache-Control
no-cache
Referer
http://rebelscum.com/v3-style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 02:03:39 GMT
Last-Modified
Mon, 22 May 2017 12:29:56 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"d74e331ff7d2d21:0"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
8193
top-menu-bgrnd.png
rebelscum.com/images/v3/
1021 B
1 KB
Image
General
Full URL
http://rebelscum.com/images/v3/top-menu-bgrnd.png
Requested by
Host: rebelscum.com
URL: http://rebelscum.com/v3-style.css
Protocol
HTTP/1.1
Server
104.156.250.80 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
rebelscum.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a0ed07cdccf293276355d35858b942e7615a3aef67d598add7dcbf1c6b537435

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
rebelscum.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://rebelscum.com/v3-style.css
Cookie
ASPSESSIONIDQAQRQARB=EGKCMEDBNJMEGJACFOLHCHCJ
Connection
keep-alive
Cache-Control
no-cache
Referer
http://rebelscum.com/v3-style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 02:03:39 GMT
Last-Modified
Mon, 22 May 2017 12:29:56 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"d74e331ff7d2d21:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
1021
btn-fullstory.gif
rebelscum.com/images/v3/
273 B
521 B
Image
General
Full URL
http://rebelscum.com/images/v3/btn-fullstory.gif
Requested by
Host: rebelscum.com
URL: http://rebelscum.com/v3-style.css
Protocol
HTTP/1.1
Server
104.156.250.80 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
rebelscum.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
71d3cbad060831c5d25685a643d211e5b5da3abd4149c0acead41197775f3cda

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
rebelscum.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://rebelscum.com/v3-style.css
Cookie
ASPSESSIONIDQAQRQARB=EGKCMEDBNJMEGJACFOLHCHCJ
Connection
keep-alive
Cache-Control
no-cache
Referer
http://rebelscum.com/v3-style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 02:03:39 GMT
Last-Modified
Mon, 22 May 2017 12:29:59 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"71c3ee20f7d2d21:0"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
273
/
pro.ip-api.com/csv/
6 B
154 B
XHR
General
Full URL
https://pro.ip-api.com/csv/?key=ZxSSLwZtxrKxQbv&fields=countryCode,region
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS
de-fra-1.pro.ip-api.com
Software
/
Resource Hash
54f68727214426bd8b6cc66bab5e6e88c46f06477346b5108314d9e70f62d44d

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 24 Jul 2021 02:03:40 GMT
Content-Length
6
Content-Type
text/plain; charset=utf-8
gpt.js
securepubads.g.doubleclick.net/tag/js/
68 KB
24 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
81d1fd3b8d6e7b5cd4b34e2d5e8c138ae799e085044d0f4c4a0b26d5baf975c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 02:03:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"938 / 380 of 1000 / last-modified: 1627080183"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24038
x-xss-protection
0
expires
Sat, 24 Jul 2021 02:03:40 GMT
prebid-4.12.0.js
cdn.adligature.com/prebid/
357 KB
113 KB
Script
General
Full URL
http://cdn.adligature.com/prebid/prebid-4.12.0.js
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js
Protocol
HTTP/1.1
Server
2606:4700:3035::6815:5d0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4679ad6cd5721a39be373aff0e3539cc7b6d66b985bcb66d4b375f52e1b1ee91

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=Z/X3Ag==, md5=QfFBAoJIWksPcw6AOPUCLw==
Date
Sat, 24 Jul 2021 02:03:40 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Age
444
Cf-Polished
origSize=365632
X-GUploader-UploadID
ADPycduY_Ut6UXvjMf8loECkRhHL1P0eP9DERnKqKKSxsREGsPfid2qfqvyTbJ0LSiOqMIAwmm8IiOyzq6c0z9IhmW3uP7yosA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Connection
keep-alive
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Last-Modified
Tue, 30 Mar 2021 15:47:29 GMT
Server
cloudflare
ETag
W/"41f1410282485a4b0f730e8038f5022f"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5G71Koxmdf%2B83EO4c%2BXrtKAoJf4ybQsVaWpGrth2GXxGjzyrWLYY9CDygiGHke0FwyltgZeBHoBhoBRbaFE8FKMW6H51eH2sHiN0sJlPOlufO1FGn7errEd5ydLmdet79scTvk7uugFQI7N5OxL%2BKls%3D"}],"group":"cf-nel","max_age":604800}
Content-Language
en
x-goog-generation
1617119249016548
Content-Type
application/javascript
Expires
Sat, 24 Jul 2021 02:06:15 GMT
Cache-Control
public, max-age=1800, s-maxage=600, must-revalidate
Transfer-Encoding
chunked
x-goog-stored-content-length
365632
CF-RAY
673992c6ea8b973c-FRA
Cf-Bgj
minify
Cookie set ad.asp
www.rebelscum.com/ Frame 5F1D
317 B
640 B
Document
General
Full URL
http://www.rebelscum.com/ad.asp?h=395
Requested by
Host: rebelscum.com
URL: http://rebelscum.com/
Protocol
HTTP/1.1
Server
104.156.250.80 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
rebelscum.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2898b915e0d25e937e9a772c72be75f6f2c2460343c716124e606b808c4bdd6e

Request headers

Host
www.rebelscum.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://rebelscum.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://rebelscum.com/

Response headers

Cache-Control
private
Content-Type
text/html
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
Set-Cookie
ASPSESSIONIDQAQRQARB=AHKCMEDBGEMFDGIADIJGLDFP; path=/
X-Powered-By
ASP.NET
Date
Sat, 24 Jul 2021 02:03:39 GMT
Content-Length
349
Cookie set ad.asp
www.rebelscum.com/ Frame 6AC3
346 B
665 B
Document
General
Full URL
http://www.rebelscum.com/ad.asp?h=394
Requested by
Host: rebelscum.com
URL: http://rebelscum.com/
Protocol
HTTP/1.1
Server
104.156.250.80 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
rebelscum.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4aac31009b03c4ac57baabc79a6134359837ddd079f402969c9353459206268b

Request headers

Host
www.rebelscum.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://rebelscum.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://rebelscum.com/

Response headers

Cache-Control
private
Content-Type
text/html
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
Set-Cookie
ASPSESSIONIDQAQRQARB=BHKCMEDBOPKFHPJDFCNGFCOH; path=/
X-Powered-By
ASP.NET
Date
Sat, 24 Jul 2021 02:03:39 GMT
Content-Length
374
Cookie set ad.asp
www.rebelscum.com/ Frame C247
319 B
642 B
Document
General
Full URL
http://www.rebelscum.com/ad.asp?h=393
Requested by
Host: rebelscum.com
URL: http://rebelscum.com/
Protocol
HTTP/1.1
Server
104.156.250.80 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
rebelscum.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
87db2cdba7ffeb72c22d15d6d89a2121181a0f743167db2d717182029b752764

Request headers

Host
www.rebelscum.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://rebelscum.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://rebelscum.com/

Response headers

Cache-Control
private
Content-Type
text/html
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
Set-Cookie
ASPSESSIONIDQAQRQARB=CHKCMEDBGMLGJIBFAOOGIDGP; path=/
X-Powered-By
ASP.NET
Date
Sat, 24 Jul 2021 02:03:39 GMT
Content-Length
351
Cookie set ir.asp
www.rebelscum.com/ Frame 92DD
353 B
657 B
Document
General
Full URL
http://www.rebelscum.com/ir.asp?h=158
Requested by
Host: rebelscum.com
URL: http://rebelscum.com/
Protocol
HTTP/1.1
Server
104.156.250.80 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
rebelscum.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3d3f442e76695249337c5b4f7a22af14fdfbdd956034051fcfb94acca23ddd05

Request headers

Host
www.rebelscum.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://rebelscum.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://rebelscum.com/

Response headers

Cache-Control
private
Content-Type
text/html
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
Set-Cookie
ASPSESSIONIDQAQRQARB=GHKCMEDBEHDFBLKMFLAOAFNJ; path=/
X-Powered-By
ASP.NET
Date
Sat, 24 Jul 2021 02:03:39 GMT
Content-Length
366
Cookie set ad.asp
www.rebelscum.com/ Frame 4045
324 B
643 B
Document
General
Full URL
http://www.rebelscum.com/ad.asp?h=204
Requested by
Host: rebelscum.com
URL: http://rebelscum.com/
Protocol
HTTP/1.1
Server
104.156.250.80 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
rebelscum.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
6854c4e7d31f9501ddedc8ebf890bb029fab7d968a504fb2d324a8c037e4dc52

Request headers

Host
www.rebelscum.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://rebelscum.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://rebelscum.com/

Response headers

Cache-Control
private
Content-Type
text/html
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
Set-Cookie
ASPSESSIONIDQAQRQARB=HHKCMEDBJODEDONMIPLEHICF; path=/
X-Powered-By
ASP.NET
Date
Sat, 24 Jul 2021 02:03:39 GMT
Content-Length
352
feature-bgrnd.gif
rebelscum.com/images/v3/
5 KB
5 KB
Image
General
Full URL
http://rebelscum.com/images/v3/feature-bgrnd.gif
Requested by
Host: rebelscum.com
URL: http://rebelscum.com/v3-style.css
Protocol
HTTP/1.1
Server
104.156.250.80 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
rebelscum.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
bd21da47bc7158674cc565e6e77bc9b5b48a854a6d5be236ea84f655d93d07d7

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
rebelscum.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://rebelscum.com/v3-style.css
Cookie
ASPSESSIONIDQAQRQARB=EGKCMEDBNJMEGJACFOLHCHCJ
Connection
keep-alive
Cache-Control
no-cache
Referer
http://rebelscum.com/v3-style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 02:03:39 GMT
Last-Modified
Mon, 22 May 2017 12:29:58 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"aa452b20f7d2d21:0"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
5288
tfn-bucket-bgrnd.gif
rebelscum.com/images/v3/
9 KB
9 KB
Image
General
Full URL
http://rebelscum.com/images/v3/tfn-bucket-bgrnd.gif
Requested by
Host: rebelscum.com
URL: http://rebelscum.com/v3-style.css
Protocol
HTTP/1.1
Server
104.156.250.80 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
rebelscum.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
02038af3f655f46885996206a23943836d5ec2a106dc45878be0c295ef58b857

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
rebelscum.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://rebelscum.com/v3-style.css
Cookie
ASPSESSIONIDQAQRQARB=EGKCMEDBNJMEGJACFOLHCHCJ
Connection
keep-alive
Cache-Control
no-cache
Referer
http://rebelscum.com/v3-style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 02:03:39 GMT
Last-Modified
Mon, 22 May 2017 12:29:57 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"a6fc621ff7d2d21:0"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
9175
__utm.gif
www.google-analytics.com/r/
Redirect Chain
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=380602836&utmhn=rebelscum.com&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=R...
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=380602836&utmhn=rebelscum.com&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=...
35 B
54 B
Image
General
Full URL
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=380602836&utmhn=rebelscum.com&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Rebelscum.com%3A%20Home%20Page&utmhid=1928967654&utmr=-&utmp=%2F&utmht=1627092220002&utmac=UA-2973792-2&utmcc=__utma%3D133095309.178846656.1627092220.1627092220.1627092220.1%3B%2B__utmz%3D133095309.1627092220.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=235398646&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: rebelscum.com
URL: http://rebelscum.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 02:03:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=380602836&utmhn=rebelscum.com&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Rebelscum.com%3A%20Home%20Page&utmhid=1928967654&utmr=-&utmp=%2F&utmht=1627092220002&utmac=UA-2973792-2&utmcc=__utma%3D133095309.178846656.1627092220.1627092220.1627092220.1%3B%2B__utmz%3D133095309.1627092220.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=235398646&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason
HSTS
all.js
connect.facebook.net/en_US/
227 KB
66 KB
Script
General
Full URL
https://connect.facebook.net/en_US/all.js?hash=45cc336d37c465eda0b020675e52cc6b
Requested by
Host: connect.facebook.net
URL: http://connect.facebook.net/en_US/all.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6bfcc41fb8c21a4d49d62fb3cceceec6dc3c11d7370df183f6a0f1821f7bb492
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
http://rebelscum.com
Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
ecukSCDpKb6DG7oXsyzuDw==
cross-origin-resource-policy
cross-origin
expires
Sat, 23 Jul 2022 23:18:12 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
67667
x-fb-rlafr
0
x-fb-debug
v7EfDM4tsyo8fDnWqPciXl51yicJX1pLh1d+7KB9N1zNJvZNsmQJDKEGdAns1hvkCa4XmocJg8hbWHuDgaujNg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
x-fb-content-md5
e4d421c95e0a6b5a9e4a03883fe252a1
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 24 Jul 2021 02:03:40 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"38041be42a4da761957480adaf350837"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
pubads_impl_2021071401.js
securepubads.g.doubleclick.net/gpt/
329 KB
115 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
65506c87a4e71875a107df7ca37f45ccfd40688cf8e01f65c7e71792dbd6818c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 02:03:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 14 Jul 2021 08:38:54 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117283
x-xss-protection
0
expires
Sat, 24 Jul 2021 02:03:40 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
107 B
118 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=rebelscum.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
5a47fa65e619bc27a7335602e524c7c44680a16f1a3e47221ede4e32226dac3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Jul 2021 02:03:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
93
x-xss-protection
0
expires
Sat, 24 Jul 2021 02:03:40 GMT
opxban-120x60.jpg
www.rebelscum.com/2015/ Frame E6EE
12 KB
12 KB
Image
General
Full URL
http://www.rebelscum.com/2015/opxban-120x60.jpg
Requested by
Host: www.rebelscum.com
URL: http://www.rebelscum.com/ad.asp?h=384
Protocol
HTTP/1.1
Server
104.156.250.80 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
rebelscum.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
913ba9c6f499eb2a48c6284c7a8d1d62a7369c404d8fc38824221a6818c50461

Request headers

Referer
http://www.rebelscum.com/ad.asp?h=384
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 02:03:39 GMT
Last-Modified
Sat, 20 May 2017 05:54:52 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"431483992dd1d21:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
11868
bbts-sw-square-120-1-31.gif
www.rebelscum.com/2021/ Frame 1437
84 KB
84 KB
Image
General
Full URL
http://www.rebelscum.com/2021/bbts-sw-square-120-1-31.gif
Requested by
Host: www.rebelscum.com
URL: http://www.rebelscum.com/ad.asp?h=379
Protocol
HTTP/1.1
Server
104.156.250.80 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
rebelscum.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a3a6e816921e852de8d83dce290cf10a658b65df3e172c4ebb63904bcad03661

Request headers

Referer
http://www.rebelscum.com/ad.asp?h=379
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 02:03:39 GMT
Last-Modified
Sun, 31 Jan 2021 18:56:05 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"73d12eba2f8d61:0"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
85948
ee-120x60_aff_galactichunters.gif
rebelscum.com/2015/ Frame 79EC
23 KB
23 KB
Image
General
Full URL
http://rebelscum.com/2015/ee-120x60_aff_galactichunters.gif
Requested by
Host: www.rebelscum.com
URL: http://www.rebelscum.com/ad.asp?h=380
Protocol
HTTP/1.1
Server
104.156.250.80 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
rebelscum.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c2ef93df138786baabfa6582b5266b17fc194100ec7cba3d70a55da87f109b71

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
rebelscum.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://www.rebelscum.com/
Cookie
ASPSESSIONIDQAQRQARB=EGKCMEDBNJMEGJACFOLHCHCJ; __utma=133095309.178846656.1627092220.1627092220.1627092220.1; __utmc=133095309; __utmz=133095309.1627092220.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=133095309.1.10.1627092220; AdvallyUserLocation=PL,14
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 02:03:39 GMT
Last-Modified
Sat, 20 May 2017 05:57:15 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"cbace7ee2dd1d21:0"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
23517
famlink1-fc1.gif
www.rebelscum.com/images/v3/ Frame 5F1D
4 KB
4 KB
Image
General
Full URL
http://www.rebelscum.com/images/v3/famlink1-fc1.gif
Requested by
Host: www.rebelscum.com
URL: http://www.rebelscum.com/ad.asp?h=395
Protocol
HTTP/1.1
Server
104.156.250.80 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
rebelscum.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a568210933597958e0bce2589bf17029dd221656429b4781fe0b1590b339a9b5

Request headers

Referer
http://www.rebelscum.com/ad.asp?h=395
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 02:03:39 GMT
Last-Modified
Wed, 06 Sep 2017 02:54:49 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"1eeb7281bb26d31:0"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
3615
famlink1-tfn.gif
www.rebelscum.com/images/v3/ Frame 6AC3
2 KB
2 KB
Image
General
Full URL
http://www.rebelscum.com/images/v3/famlink1-tfn.gif
Requested by
Host: www.rebelscum.com
URL: http://www.rebelscum.com/ad.asp?h=394
Protocol
HTTP/1.1
Server
104.156.250.80 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
rebelscum.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8afc76752db2505a46809d85c99ade981967be459bb49cbac8fa408a8b62d081

Request headers

Referer
http://www.rebelscum.com/ad.asp?h=394
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 02:03:39 GMT
Last-Modified
Sat, 28 Apr 2018 15:25:23 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"a7fe6f205dfd31:0"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
2047
famlink1-ctr.gif
www.rebelscum.com/images/v3/ Frame C247
2 KB
2 KB
Image
General
Full URL
http://www.rebelscum.com/images/v3/famlink1-ctr.gif
Requested by
Host: www.rebelscum.com
URL: http://www.rebelscum.com/ad.asp?h=393
Protocol
HTTP/1.1
Server
104.156.250.80 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
rebelscum.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7245bc102bb700aa253cc153564c23e3b06283694de4ccbbea3a1879b0dc2304

Request headers

Referer
http://www.rebelscum.com/ad.asp?h=393
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 02:03:39 GMT
Last-Modified
Sun, 03 Jun 2018 04:13:47 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"86c5b644f1fad31:0"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
1699
js.php
us.ads.justpremium.com/adserve/
Redirect Chain
  • http://us.ads.justpremium.com/adserve/js.php?zone=111507
  • https://us.ads.justpremium.com/adserve/js.php?zone=111507
9 KB
4 KB
Script
General
Full URL
https://us.ads.justpremium.com/adserve/js.php?zone=111507
Requested by
Host: rebelscum.com
URL: http://rebelscum.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.185.65 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-185-65.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
a84d3518398499eace9be061bbf7e8a1162a703cb8fd6372531386d40e79c56b

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 02:03:40 GMT
content-encoding
gzip
cache-control
public, no-cache, no-store, must-revalidate
content-type
text/javascript; charset=utf-8

Redirect headers

Location
https://us.ads.justpremium.com:443/adserve/js.php?zone=111507
Date
Sat, 24 Jul 2021 02:03:40 GMT
Server
awselb/2.0
Connection
keep-alive
Content-Length
134
Content-Type
text/html
integrator.js
adservice.google.pl/adsid/
107 B
853 B
Script
General
Full URL
https://adservice.google.pl/adsid/integrator.js?domain=rebelscum.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Jul 2021 02:03:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
570 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=rebelscum.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Jul 2021 02:03:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
316 KB
104 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3375548425411775&correlator=410295423600937&output=ldjh&impl=fifs&eid=31061649%2C31061180%2C31061843%2C20211866&vrg=2021071401&ptt=17&sc=0&sfv=1-0-38&ecs=20210724&iu_parts=1093718%2CRebelscum.com%2CTop_Leaderboard%2CSKY_SIDEBAR%2CMPU_SIDEBAR_1%2CMPU_SIDEBAR_2&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5&prev_iu_szs=728x90%2C160x600%2C300x250%7C300x600%2C300x250%7C300x600&eri=1&cookie_enabled=1&bc=23&abxe=1&lmt=1627092220&dt=1627092220398&dlt=1627092219637&idt=714&frm=20&biw=1600&bih=1200&oid=3&adxs=279%2C281%2C1019%2C1015&adys=172%2C524%2C268%2C1398&adks=134564259%2C2198091605%2C376301205%2C1193361684&ucis=1%7C2%7C3%7C4&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Frebelscum.com%2F&vis=1&scr_x=0&scr_y=0&psz=733x4414%7C166x878%7C300x0%7C306x1226&msz=733x-1%7C162x-1%7C300x0%7C306x0&ga_vid=178846656.1627092220&ga_sid=1627092220&ga_hid=1928967654&ga_fc=true&fws=0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0&btvi=0%7C0%7C0%7C1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
bfebc7edf192b95a25a5ae995b14d25ca4a5ac46780be38190b4ae5a3980c3cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 02:03:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
106804
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://rebelscum.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1737
6 KB
3 KB
Document
General
Full URL
https://d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://rebelscum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://rebelscum.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Sat, 24 Jul 2021 02:03:40 GMT
expires
Sun, 24 Jul 2022 02:03:40 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
The-Vintage-Collection-Hasbro-Boushh-Wave.jpg
www.rebelscum.com/2019/ Frame 92DD
53 KB
53 KB
Image
General
Full URL
http://www.rebelscum.com/2019/The-Vintage-Collection-Hasbro-Boushh-Wave.jpg
Requested by
Host: www.rebelscum.com
URL: http://www.rebelscum.com/ir.asp?h=158
Protocol
HTTP/1.1
Server
104.156.250.80 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
rebelscum.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
124d03739d6120bb38a95fee58c8402894b37cd510bc9e4ca866976d80e16bcb

Request headers

Referer
http://www.rebelscum.com/ir.asp?h=158
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 02:03:39 GMT
Last-Modified
Wed, 22 May 2019 06:26:32 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"6c791d4c6710d51:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
53863
opx-160x600.jpg
www.rebelscum.com/2018/ Frame 4045
127 KB
128 KB
Image
General
Full URL
http://www.rebelscum.com/2018/opx-160x600.jpg
Requested by
Host: www.rebelscum.com
URL: http://www.rebelscum.com/ad.asp?h=204
Protocol
HTTP/1.1
Server
104.156.250.80 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
rebelscum.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a7f4211fb51359de3e3c8b9e4ec93de11082429a3a0a959de8725678407abb5a

Request headers

Referer
http://www.rebelscum.com/ad.asp?h=204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 02:03:39 GMT
Last-Modified
Thu, 20 Dec 2018 17:01:32 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"89745ea88598d41:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
130487
jpx.js
cdn.justpremium.com/js/v2.26.407/
Redirect Chain
  • http://cdn.justpremium.com/js/v2.26.407/jpx.js
  • https://cdn.justpremium.com/js/v2.26.407/jpx.js
294 KB
70 KB
Script
General
Full URL
https://cdn.justpremium.com/js/v2.26.407/jpx.js
Requested by
Host: rebelscum.com
URL: http://rebelscum.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-39.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fb7cc5bb986e6895be8e36f565958cb5ca5f751864ea0558af0799db399ce07b

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 13:51:57 GMT
content-encoding
gzip
last-modified
Wed, 30 Jun 2021 07:14:22 GMT
server
AmazonS3
age
43903
etag
W/"7d7ec91068c726e35be1622e8df70a75"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 0406d08716a9781a5c19ff86db2debd3.cloudfront.net (CloudFront)
cache-control
public, max-age=2592000, s-maxage=2592000
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
Hl5WXtYyC9XWAI8ceJjU_W8mp1_r5WYlw51tixzJMv2rbgxgMD5d4A==

Redirect headers

Date
Sat, 24 Jul 2021 02:03:40 GMT
Via
1.1 147cd286989da71c73312280bb09c200.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
DUS51-C1
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://cdn.justpremium.com/js/v2.26.407/jpx.js
Connection
keep-alive
Content-Length
183
X-Amz-Cf-Id
Qbte-b1CLt7Ts4Cb62liOF6jtFRgw2gJ7LyuVrkEPq8N41pEZtXojg==
tracking.gif
tracking.justpremium.com/
43 B
332 B
Image
General
Full URL
http://tracking.justpremium.com/tracking.gif?rid=r-6920f583-27fc-4d76-8c02-5df0e999cd8f-14765-743781610&sid=r-d51fdd17-aebc-42a0-ab3f-1974b565f6b8-14765-743809412&uid=r-83eb0c57-0666-4411-9acf-444adbc76226-14765-743837529&vr=v2.26.407&ru=http%3A%2F%2Frebelscum.com%2F&tt=1627092220593&siw=0&sh=1200&sw=1600&wh=1200&ww=1600&an=2.3.1&vn=eu-central-1&sd=&_c=645008451&et=&aid=&said=&ei=&fc=&sp=&at=adserver&cid=0&ist=&mg=&dl=&dlt=&ev=&vt=&zid=111507&dr=0&di=&pr=&cw=&ch=&nt=&st=&jp=%7B%22ias%22%3A%7B%22riskIP%22%3A%22%22%2C%22riskHref%22%3A%5B%5D%2C%22content%22%3A%5B%22IAB_FAMILY%22%2C%22IAB_HOBBIES%22%5D%7D%7D&ty=ta
Requested by
Host: rebelscum.com
URL: http://rebelscum.com/
Protocol
HTTP/1.1
Server
35.156.146.15 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-146-15.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 02:03:40 GMT
Last-Modified
Wed, 23 Jun 2021 07:56:00 GMT
Server
nginx
ETag
"60d2e910-2b"
Content-Type
image/gif
Cache-Control
public, no-cache, no-store, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012107130206000/ Frame 4DB2
188 KB
55 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1caacdebd86c67f86ab89cdbd30b056a8c1141638aafdd35ec453c4bae91692b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
131920
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55160
x-xss-protection
0
server
sffe
date
Thu, 22 Jul 2021 13:25:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"b724d3ee8cec1601"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Jul 2022 13:25:00 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012107130206000/v0/ Frame 4DB2
13 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012107130206000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b16e9c1da7045c9057350282766a114be2070b065e5e8a42ae635d0610ba6d0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
131921
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4795
x-xss-protection
0
server
sffe
date
Thu, 22 Jul 2021 13:24:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"392d0f0d5f27c169"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Jul 2022 13:24:59 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012107130206000/v0/ Frame 4DB2
87 KB
27 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012107130206000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
faf5e994ddbada86a873b5d14c1bc0f449a097e61e6fbe0c04e0691b70ec5644
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
131920
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27843
x-xss-protection
0
server
sffe
date
Thu, 22 Jul 2021 13:25:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"f120bcb28bbafed0"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Jul 2022 13:25:00 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012107130206000/v0/ Frame 4DB2
4 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012107130206000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d398520ac47945ab429cf02b444202f4db1cf7fee5b5335cf98fb009ce56ab8e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
131921
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1658
x-xss-protection
0
server
sffe
date
Thu, 22 Jul 2021 13:24:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"6fba3cabb8cd86f8"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Jul 2022 13:24:59 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012107130206000/v0/ Frame 4DB2
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012107130206000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29d096500cc94cbe347c613cb34199c274da1fe8b5df04fdb49ee75ace5edbec
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
131920
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12840
x-xss-protection
0
server
sffe
date
Thu, 22 Jul 2021 13:25:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"6d4edf2414c2591f"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Jul 2022 13:25:00 GMT
truncated
/ Frame 4DB2
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef97574b4cf493a6abb30a69a690c30e985bd4532cc3d6d2391c16e2a140580b

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
12347222831777149578
tpc.googlesyndication.com/daca_images/simgad/ Frame 4DB2
35 KB
35 KB
Image
General
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/12347222831777149578
Requested by
Host: rebelscum.com
URL: http://rebelscum.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f586d72c83c36f8ab27c29ba9c4fd5ca6b9b3300ddbe86f2282cd0f528c3822
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 09:09:27 GMT
x-content-type-options
nosniff
age
147253
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35879
x-xss-protection
0
last-modified
Wed, 07 Jul 2021 08:33:15 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Jul 2022 09:09:27 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4DB2
2 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: rebelscum.com
URL: http://rebelscum.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Jul 2021 03:19:18 GMT
x-content-type-options
nosniff
server
cafe
age
81862
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sat, 24 Jul 2021 03:19:18 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4DB2
295 B
399 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: rebelscum.com
URL: http://rebelscum.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Jul 2021 13:07:41 GMT
x-content-type-options
nosniff
server
cafe
age
46559
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sat, 24 Jul 2021 13:07:41 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 4DB2
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CSL5f_HT7YLSjHJOV7_UPmP2QqAesjJHTY8rzzIzADYmO87GxIRABIPuYtUJg6eTJhdgaoAHu8ZDpA8gBAqkCN3nRBKxGkT7gAgCoAwHIAwiqBMcBT9AIu43ym9uKsWukqqvZB66gBiWCNW5Vwel1EpofNy81ebKyfp4yVqHlHvBEn2WmAa0nV4VMBoKTWImvJSamyZr6O-MRyn4LyJW673rUJlSCeTZjr1xxj8fajSXLs95okEH7Pe7-xhiuXExYH0rqbm8mfpwa4xBRGS0oKFfItorBUqCAUhi-stp_r5GRk1am4tb3VddK2XWrpJUbIgoKmp_pBfBaQMeOTkCdpdfxeSHot3Lshwn3DXaqHLF7X2dsfoXvHQ6KoMAE_tb1-cUD4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB_mr-yOoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQzfAE0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi0yNDk4MTU5MTIzODk3MjYzgAoDyAsB2BMN0BUBgBcBshcaChgIABIUcHViLTkwNzA2Mjk4NDMxMjkzMTI&sigh=lj0eD2FujQE
Requested by
Host: rebelscum.com
URL: http://rebelscum.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

amp4ads-v0.mjs
cdn.ampproject.org/rtv/012107130206000/ Frame E8B1
188 KB
54 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1caacdebd86c67f86ab89cdbd30b056a8c1141638aafdd35ec453c4bae91692b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
131920
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55160
x-xss-protection
0
server
sffe
date
Thu, 22 Jul 2021 13:25:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"b724d3ee8cec1601"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Jul 2022 13:25:00 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012107130206000/v0/ Frame E8B1
13 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012107130206000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b16e9c1da7045c9057350282766a114be2070b065e5e8a42ae635d0610ba6d0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
131921
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4795
x-xss-protection
0
server
sffe
date
Thu, 22 Jul 2021 13:24:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"392d0f0d5f27c169"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Jul 2022 13:24:59 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012107130206000/v0/ Frame E8B1
87 KB
27 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012107130206000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
faf5e994ddbada86a873b5d14c1bc0f449a097e61e6fbe0c04e0691b70ec5644
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
131920
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27843
x-xss-protection
0
server
sffe
date
Thu, 22 Jul 2021 13:25:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"f120bcb28bbafed0"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Jul 2022 13:25:00 GMT
amp-animation-0.1.mjs
cdn.ampproject.org/rtv/012107130206000/v0/ Frame E8B1
71 KB
16 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012107130206000/v0/amp-animation-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3039e343bc61cc16fc587e063d92cf190c34823df58e3fe5caf5717198a49fc
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
377681
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16734
x-xss-protection
0
server
sffe
date
Mon, 19 Jul 2021 17:08:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"b05480813bd9b7e9"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Jul 2022 17:08:59 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012107130206000/v0/ Frame E8B1
4 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012107130206000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d398520ac47945ab429cf02b444202f4db1cf7fee5b5335cf98fb009ce56ab8e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
131921
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1658
x-xss-protection
0
server
sffe
date
Thu, 22 Jul 2021 13:24:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"6fba3cabb8cd86f8"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Jul 2022 13:24:59 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012107130206000/v0/ Frame E8B1
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012107130206000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29d096500cc94cbe347c613cb34199c274da1fe8b5df04fdb49ee75ace5edbec
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
131920
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12840
x-xss-protection
0
server
sffe
date
Thu, 22 Jul 2021 13:25:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"6d4edf2414c2591f"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Jul 2022 13:25:00 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E8B1
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Jul 2021 03:19:18 GMT
x-content-type-options
nosniff
server
cafe
age
81862
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sat, 24 Jul 2021 03:19:18 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E8B1
295 B
319 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Jul 2021 13:07:41 GMT
x-content-type-options
nosniff
server
cafe
age
46559
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sat, 24 Jul 2021 13:07:41 GMT
truncated
/ Frame E8B1
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6eb19b19ac9ce3d01346591dc2385c55d4ed14c09de37c5d9f77d7e2ac0987f

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
container.html
d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9A88
6 KB
3 KB
Document
General
Full URL
https://d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://rebelscum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://rebelscum.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Sat, 24 Jul 2021 02:03:40 GMT
expires
Sun, 24 Jul 2022 02:03:40 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012107130206000/ Frame D856
188 KB
54 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1caacdebd86c67f86ab89cdbd30b056a8c1141638aafdd35ec453c4bae91692b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
131921
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55160
x-xss-protection
0
server
sffe
date
Thu, 22 Jul 2021 13:25:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"b724d3ee8cec1601"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Jul 2022 13:25:00 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012107130206000/v0/ Frame D856
13 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012107130206000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b16e9c1da7045c9057350282766a114be2070b065e5e8a42ae635d0610ba6d0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
131922
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4795
x-xss-protection
0
server
sffe
date
Thu, 22 Jul 2021 13:24:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"392d0f0d5f27c169"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Jul 2022 13:24:59 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012107130206000/v0/ Frame D856
87 KB
27 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012107130206000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
faf5e994ddbada86a873b5d14c1bc0f449a097e61e6fbe0c04e0691b70ec5644
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
131921
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27843
x-xss-protection
0
server
sffe
date
Thu, 22 Jul 2021 13:25:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"f120bcb28bbafed0"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Jul 2022 13:25:00 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012107130206000/v0/ Frame D856
4 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012107130206000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d398520ac47945ab429cf02b444202f4db1cf7fee5b5335cf98fb009ce56ab8e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
131922
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1658
x-xss-protection
0
server
sffe
date
Thu, 22 Jul 2021 13:24:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"6fba3cabb8cd86f8"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Jul 2022 13:24:59 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012107130206000/v0/ Frame D856
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012107130206000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29d096500cc94cbe347c613cb34199c274da1fe8b5df04fdb49ee75ace5edbec
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
131921
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12840
x-xss-protection
0
server
sffe
date
Thu, 22 Jul 2021 13:25:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"6d4edf2414c2591f"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Jul 2022 13:25:00 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D856
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Jul 2021 03:19:18 GMT
x-content-type-options
nosniff
server
cafe
age
81863
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sat, 24 Jul 2021 03:19:18 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D856
295 B
319 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Jul 2021 13:07:41 GMT
x-content-type-options
nosniff
server
cafe
age
46560
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sat, 24 Jul 2021 13:07:41 GMT
truncated
/ Frame D856
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3370ca331ef90ec2b56fdb75a76fc620b0bb97092be3675492c0b529e3384943

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
l
www.google.com/ads/measurement/ Frame E8B1
0
0
Image
General
Full URL
http://www.google.com/ads/measurement/l?ebcid=ALh7CaQpfEL0Hj8XTH6dfch1Y10Gb4tDtcwGSk4iJoSEflVanZoLIS62S-yLg6t_iI1gwmAchA0PIS82l4wxQomPmulHvI99wQ
Requested by
Host: rebelscum.com
URL: http://rebelscum.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

adview
securepubads.g.doubleclick.net/pagead/ Frame E8B1
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CGFlx_HT7YLWjHJOV7_UPmP2QqAfY4OXsY6iwqoelDtGR1M2PHRABIPuYtUJg6eTJhdgaoAGs__PhAsgBCakCNeHEoSzAsz7gAgCoAwHIAwiqBM8BT9DGOffSYimZmJd0a9A9AIFVI3VQHFWjJuSysr6BuZx5gezJ7c-EA7ICtAGtyKERHtKPNZK0fYgzU4qXPEKOSnm3wyGanOZH9rG8Lm7hwDqAfa7XX7Fdfgq0WZMrZGdCSmEOzA3MF63WOLcybCAvb7m1N38d0uewfUeEYvfYSyDnhCNqYzVlVjq1bDg6BiJQJ1AeqCZNMH_kmUPvtwYOmfF_nNmQ0Z4jvBsRhrBbSXK5mWAtaBPfGv1wcZNyRlZkj_jx3cTg-T7YMitD3B8SwATcxNCwugPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHvICMngGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQwrQE0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi0yNDk4MTU5MTIzODk3MjYzgAoDyAsB2BMN0BUBmBYBgBcBshcaChgIABIUcHViLTkwNzA2Mjk4NDMxMjkzMTI&sigh=9X6ityoC2VI&template_id=419
Requested by
Host: rebelscum.com
URL: http://rebelscum.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

truncated
/ Frame E8B1
30 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9407bccb09a5a090b03cf109ba79c39581352cedf1298d57320cea4cf3113e17

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame E8B1
30 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
036b30e66fa9ff6883bd4d22d802dfcb6db0352705bb7045a88dccf911d1d751

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame E8B1
13 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f41dfd60ecb07e303c9124c0779ebba24aacf6aec9afc4e0d519c7b35027a73

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/jpeg
2081719287100605180
tpc.googlesyndication.com/daca_images/simgad/ Frame D856
65 KB
65 KB
Image
General
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/2081719287100605180
Requested by
Host: rebelscum.com
URL: http://rebelscum.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a1ca7ad599f3cb79277e8edf9e207bd93448b3b62e848fd6f2a125de60d13f69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 04:33:12 GMT
x-content-type-options
nosniff
age
336629
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
66257
x-xss-protection
0
last-modified
Thu, 29 Apr 2021 14:57:13 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 04:33:12 GMT
l
www.google.com/ads/measurement/ Frame D856
0
0
Image
General
Full URL
http://www.google.com/ads/measurement/l?ebcid=ALh7CaTSssQUkOuTiMASXmQfwik-AaxtwaAZcLhx20XzZd4sEHHdSCFbHxkZvjFsRm3f_OYe5LrPeVwKwE36n8rsU7fi4eYOCQ
Requested by
Host: rebelscum.com
URL: http://rebelscum.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

adview
securepubads.g.doubleclick.net/pagead/ Frame D856
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CDndn_HT7YLejHJOV7_UPmP2QqAeq1PHjYqG-nZuNDtrZHhABIPuYtUJg6eTJhdgaoAGcr_uoAsgBAuACAKgDAcgDCKoEzAFP0J-BXsv7gXjrpLz-NPC-11PgrllRS3fysvp3yQcuAvy36VfXuxTNQnlna01KhPBovU0jXZgVqhCmma9fdOHMVsfjOqJaliJ7_Syc3EMdsa-FB1VmvfgeaodqW3hnrelban_VNMNHQqZ36tl6nrtehLIHu37E_UCh-WfKCf0uEUYsHn5siCJfdxmo3nNp9LLTiK1T7Z1QS0Gl-HWBrU4hAj72YbP3cM1V4EEIU22LZcc6DFMBZDaQ0k8eV7euRe9M26F5lqpn08PVntvABLn5k-W6A-AEAZIFBAgEGAGSBQQIBRgEoAYCgAfM0ITXAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBCD0APSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTI0OTgxNTkxMjM4OTcyNjOACgPICwHYEw3QFQGYFgGAFwGyFxoKGAgAEhRwdWItOTA3MDYyOTg0MzEyOTMxMg&sigh=12Yk7SOroe0
Requested by
Host: rebelscum.com
URL: http://rebelscum.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

osd.js
www.googletagservices.com/activeview/js/current/
73 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
5073fab4fddb9f037315ac9c663dce6681b03976250cab681638dfe17475466f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 02:03:41 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1627039897272555"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27998
x-xss-protection
0
expires
Sat, 24 Jul 2021 02:03:41 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 4DB2
Redirect Chain
  • http://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: rebelscum.com
URL: http://rebelscum.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Date
Sat, 24 Jul 2021 02:03:41 GMT
X-Content-Type-Options
nosniff
Server
safe
Content-Type
text/html; charset=UTF-8
Location
https://googleads.g.doubleclick.net/pagead/drt/si
Cache-Control
private
Content-Length
246
X-XSS-Protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame D856
Redirect Chain
  • http://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: rebelscum.com
URL: http://rebelscum.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Date
Sat, 24 Jul 2021 02:03:41 GMT
X-Content-Type-Options
nosniff
Server
safe
Content-Type
text/html; charset=UTF-8
Location
https://googleads.g.doubleclick.net/pagead/drt/si
Cache-Control
private
Content-Length
246
X-XSS-Protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 8705
624 B
299 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ-QQRCDya0CGOP2wa8BMAE&v=APEucNXG1bM2wBRuN6pLLB9UrgAElhqsagsXKMeoGNSCetyH3IPs1Gw1KmjEuwIeaFCoMVbtK74WpN6fhvrAB9MJFm3mj1hTsBTRTIvAwQ_YBHaEPss3TeA5hv_pyNer7tWX9InWTp5tKq0CvvlJ5mCmBMyJhDVZkD8ntE_EWLP3SziU5Men5DI
Requested by
Host: d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com
URL: https://d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CJ-QQRCDya0CGOP2wa8BMAE&v=APEucNXG1bM2wBRuN6pLLB9UrgAElhqsagsXKMeoGNSCetyH3IPs1Gw1KmjEuwIeaFCoMVbtK74WpN6fhvrAB9MJFm3mj1hTsBTRTIvAwQ_YBHaEPss3TeA5hv_pyNer7tWX9InWTp5tKq0CvvlJ5mCmBMyJhDVZkD8ntE_EWLP3SziU5Men5DI
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnzRUR-qfmAkoE9KLEhoMzbl53xem-YpXErdLW1YtUt6J-sZiC1EiuFDDJYgO4; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sat, 24 Jul 2021 02:03:41 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 24 Jul 2021 02:03:41 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 9A88
68 KB
25 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BJKIjMSoQBV0RYWaYLgS6dsHGOs-T5_nFdoZJ2TIuFf8tRLuRnH74P54pscKq13zYVfP3uE2nQp-7RpZqkhOkJtbmOTtOxpMBTaGRSSQYfqNWS8d5icMlK0kAHP1QMSjItmPk0DMmdnDkUgzjAiFlTJ0pK6Q&dbm_d=AKAmf-Dv2BNXBQ-I_cg6UYf9ZrCkapCWjQil4AMRRFRixgFdRJc_VazUIB3xSO7nVlYEQ12h2R1r0OQLvS9iFghZSYyoaTRgvd93V7FoxuUx3kfiKbLpQcQNHyvZef5K8oz5Lsf5fnHqyKoqDRAECyRRbshDQVvBs1xpY7Z1ryN-tB1cT20Z2mZT2c6YrOb2BPLtqehubsyV-nIou1KLJhH4y3cSkgGJi2PfdEtJ72I0js9wYEbcFbkfm4p_Mjcd3rvFXtfBZxtuH4hm9Z27YtIuUq9CGlEJ6g8CTg-o-fhH3HQF9dLmmmF6H3QqkLsEnqdNcdtuEmNFKpGMcaOErGI5dMh5Cxeb33ILOWePwmFxP2G-7EoECq_-ww4-G4mzPJddV2yj9BZC2DiPtxSNBNtXNFs5rnYbk63vJ_-Pn6l3PvULSEgt3qw-oEbONLbQUXVu97Q8jTG2W05mSHrqCvybNUYs7mYCNMn2enkCulH-Eiaj4QWh_D9PqXEEQHACjH_r9kovz-irwM8yqdh6GaLG--g_rwyCxYY8fCX2qs4_hhckICA0YHG0yyefMJB7PbFmuy9XD_zhOWRkp4ME5N1L3h0AAl3dZh2KOuWB6qCt_c-3u0eajibksTsGvtH9oUl-fvUFG8itG9Zc4HY2dIBtlDywlsCYVwtCi4ZA2C4heyvca0xpAl_yh2jzObXosPeNTpqReVxVP_ri4OY3cGJyky_mOOGQ34GlQFcPouuZBvIlHdHD4-BvlMdILSBRGUscCqUcqCFNo06e3bOCQEFQMdV3ef8kSICpISEo3Vyo3hB-lw5-Qy46E89WUJLlfyYg4otptTywrL8ZT6S1Wa5MGHcUdyTF79TExbRx-XYe2NcQ204CMzMup3w8vdLgfSd4OpJ09ZK9nsJLgSpvEtqgMuTRAB_vrCYoNZb-7uSnxu0JbEpkOfqzm6M1oTcCkCGJd3Pr7exImxEZHormGHXBw875ngi2u0KMgiG2C4jqWVNRy7sHaai55eDe2Jw5H5T_tW4WYdtTFaXvlHreF43gmvjAESGZ47KShJXC5kwp2EJ7Xt2MfDSvUvm8lNc5KwRuJpI79c33gNZrUTxg4FQC1MFUrt5CajV3r4Vnjcyh30k8j4tMLQx2yajmaUrWUKhoRD7UXG797gs8oVVSWRtR7B72WsGW-AkZqVJ6fhW-9eQkRh7WledkuxqN6R7KcYpjAd1mdRfWi0gHV8M4VaiROPAHZZdzAJwfKecEU1OXlFwQWsbNn09tyQyfwvWIQ8O6Z7Dw0YdFpuI1BmQTit8Tzbes1ob9xPVuSFx6MmBXeaB6t1yMaEF_lviX2hs7SELVhs9z-YToDGTyFyCXmEf996wLyGrEyNk6ecH0p5hiuA2MEQQGEqQpylE0gGjug0N-Nt3FKiuY3Ke9mgrM1DpjqBcU0Ne8ATvl7OECK_MpGu_MkqKx3abZT0wnRPKNKtcE9uU1CxWfncTUyOzKqdYjs0XfoSCn5QZUV13kv2TOvvsLnF6gToFI3-10an0Cey2rkb3pVvCYnyW-1rnzSrWL_Ai9URIEg6Ex7ESEfUGcKiBmpjqQkRzNwOdjemQGcILUt6U8c4Rp5_-IGa9Dg08n43FJuA9P0O58K_jKJub2pj-iw4k9uMtMV8bPmy3Advdg9dubOAUvA13-v_m3DVPaAMu28lzp9Xl93u4owY7liUKt9gF5FXquHy-L_StFZ4SKRerNYGwqHfvgPCT2lZmLE-OHsVTHhp-hwA1gIeaK-wzRG5cwEf-lB8xa4sxB74CTGyMbc7UF02wBvz_KCvQIpTSieBd-NHzRQRcscu1ktSARRsqFUaDOTckmC7EpjcPw_RMXYj6G3LTtZFe60dlu66an2EzLiIPhmLXvM_dNbJtXxVz5BZEeXBiEeSPLZ74fIIAu-jlz9kNHpmzzLFiVfCw4TxrAjxn24boJIA0eCEj1ZN0NHDPnCrxvTaituEx3MEGJdHl3FULjuVyaaHoOaA1DdhQL7oXxPIXBe29hG8Nq4HDw4s0GTxLzESpJ4D0HRAq82AQRHTSdu7-Sqd4il6OUxkOjMdCt0Fl5BLNVpGAuWH3dZrOjeXV3_2Rxjch2AG9AEmprM7FOzQl9NU7Hpb0htS3gDkXvk5BRlJo8XVLrrg40ZyAA1S_OTB__gA1X3IIYXjfMakwEO1c1DlQt71Bm-pqADtA4Lx0MQk3ArsTXPhd9WEkD7O5_GWUvePmzGE7BVmm6pwXjSC4FdiSW8f4LBH2-uDGRdgwY7uQNXqp0CUCOhEX2PujT9D_VSgCdSmjTgojCM0AL0LaiLYDa-wohlsnOlB0Lg-OydhlDPCjXf8Dre1cE8KCvbSgDrCx43QH3Vf4CGVFaS-Z2uxuah1E4-35UHk6JfQHdfyuzqIorRaKY2iD08g5a3rqIr8oaePxhE2LgILJvSygwoMxJSRhXUBei5td9YZkuXOFTTkFHW48d7kK4YAKf57p5P7_NJuzOsNqj8fg5xcIl22AWWoer0H-icenpyIEuRDlG9xf3CPAyTIv90b8gxUsp7FSjgfdDF-jub1fvUG4zi8_mUKwV9Dg4i2YtsMWw9W3P_hj0jWome-nFdKkKFP-HLNzwjdHzLfw7t4WYx7WEEYtqeg6SyWiRT8-nFVPAyjNk9Xcg9F3166NX7lLEifxTk8BpYVJOyUdxCGUWJ6aaLrc9pN6TFsR9r6CvdQLuVp5EqTgTlLoIPL1WZd9ogC14C-zVaVnc43Mfm-Xqw-sgEW8An8j8cthqGXemsYLxxr470pQhzNpufwYghSWFgb2Ppa0UHK2F3qpiE8uoAAf28rabfNMaMkQCfGex0vS6tBcpiak_EGfwDgbXo5VSEeOkOU7VwK_qRxlWoCGk-xM9kGVybWzds9Sfh9CAToebEHRQfohRvaNpk4jb_fpZ0P0y-Kw5qUitXxrGaPoTbDWu1RjRPfTnMVqPAEuOsZRyJPmtYvaWcye5S0LlGWCThdJtpqaegHtV_0cJ8mtXQukH_JzQU97puVR2HqVREj9j95nEKMuj4YVolUyYqXSHQ5qgbirMR3whdcl8-1xmyjcAdi2Fgrf30FNauJVPde1vsFCYyojjAdB262yF-H7iGJ0bEPklIU0UvxCp25SRFzopHj7NCQBpU6wQK7BpUVWraLra30re7Y3qEVJ-q1sPmc69ZgXVTezGr9mU&cid=CAASFeRom8DbnfgKhWYEB2GnSzQ-T8V0HQ&rfl=1%2Chttp%253A%252F%252Frebelscum.com%252F%240
Requested by
Host: rebelscum.com
URL: http://rebelscum.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5922f24f8e9f03ff3c230ceee55b2c32ce37fc34aa6a41b24f271d7c6ed5e47c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 02:03:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26032
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9A88
42 B
515 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bw73ZT5ePQFyAbY6lEEd0QtOgv6bpH8G3bwLGv7NH21YLRCSOxrT-Ub_HAgOXJaeAuchiP58WwUUmktKYR9FTith2sSGKa05vv81n1xA7RYzB7FPw
Requested by
Host: d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com
URL: https://d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 02:03:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame 9A88
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/window_focus_fy2019.js
Requested by
Host: d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com
URL: https://d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 01:22:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2462
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 07 Aug 2021 01:22:39 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9A88
124 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com
URL: https://d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
4409f886851d18b5071cc08d25845e0d959d51fd1e9eec92118d0f12a44e5eeb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 02:03:41 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1627039891503395"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38153
x-xss-protection
0
expires
Sat, 24 Jul 2021 02:03:41 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame 9A88
14 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com
URL: https://d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1b1a4081a8a32bc714fbb7a2509141683bc3eb707a421c0db556ed856f6d8e99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 01:41:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1348
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6195
x-xss-protection
0
server
cafe
etag
10716856519410487149
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 07 Aug 2021 01:41:13 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E8B1
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Jul 2021 03:19:18 GMT
x-content-type-options
nosniff
server
cafe
age
81863
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sat, 24 Jul 2021 03:19:18 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E8B1
295 B
319 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Jul 2021 13:07:41 GMT
x-content-type-options
nosniff
server
cafe
age
46560
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sat, 24 Jul 2021 13:07:41 GMT
2081719287100605180
tpc.googlesyndication.com/daca_images/simgad/ Frame D856
65 KB
65 KB
Image
General
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/2081719287100605180
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a1ca7ad599f3cb79277e8edf9e207bd93448b3b62e848fd6f2a125de60d13f69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 04:33:12 GMT
x-content-type-options
nosniff
age
336629
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
66257
x-xss-protection
0
last-modified
Thu, 29 Apr 2021 14:57:13 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 04:33:12 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D856
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Jul 2021 03:19:18 GMT
x-content-type-options
nosniff
server
cafe
age
81863
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sat, 24 Jul 2021 03:19:18 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D856
295 B
319 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Jul 2021 13:07:41 GMT
x-content-type-options
nosniff
server
cafe
age
46560
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sat, 24 Jul 2021 13:07:41 GMT
html_inpage_rendering_lib_200_271.js
s0.2mdn.net/879366/ Frame 9A88
176 KB
61 KB
Script
General
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js
Requested by
Host: rebelscum.com
URL: http://rebelscum.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2f126a8957c32db99e94d1bf7c9ed09fcd38ba99bd632ebd048f01f9c5f9c9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com
Referer
https://d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 09:39:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59038
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62241
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 18:02:47 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 24 Jul 2021 09:39:43 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210720/r20110914/elements/html/ Frame 9A88
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210720/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BJKIjMSoQBV0RYWaYLgS6dsHGOs-T5_nFdoZJ2TIuFf8tRLuRnH74P54pscKq13zYVfP3uE2nQp-7RpZqkhOkJtbmOTtOxpMBTaGRSSQYfqNWS8d5icMlK0kAHP1QMSjItmPk0DMmdnDkUgzjAiFlTJ0pK6Q&dbm_d=AKAmf-Dv2BNXBQ-I_cg6UYf9ZrCkapCWjQil4AMRRFRixgFdRJc_VazUIB3xSO7nVlYEQ12h2R1r0OQLvS9iFghZSYyoaTRgvd93V7FoxuUx3kfiKbLpQcQNHyvZef5K8oz5Lsf5fnHqyKoqDRAECyRRbshDQVvBs1xpY7Z1ryN-tB1cT20Z2mZT2c6YrOb2BPLtqehubsyV-nIou1KLJhH4y3cSkgGJi2PfdEtJ72I0js9wYEbcFbkfm4p_Mjcd3rvFXtfBZxtuH4hm9Z27YtIuUq9CGlEJ6g8CTg-o-fhH3HQF9dLmmmF6H3QqkLsEnqdNcdtuEmNFKpGMcaOErGI5dMh5Cxeb33ILOWePwmFxP2G-7EoECq_-ww4-G4mzPJddV2yj9BZC2DiPtxSNBNtXNFs5rnYbk63vJ_-Pn6l3PvULSEgt3qw-oEbONLbQUXVu97Q8jTG2W05mSHrqCvybNUYs7mYCNMn2enkCulH-Eiaj4QWh_D9PqXEEQHACjH_r9kovz-irwM8yqdh6GaLG--g_rwyCxYY8fCX2qs4_hhckICA0YHG0yyefMJB7PbFmuy9XD_zhOWRkp4ME5N1L3h0AAl3dZh2KOuWB6qCt_c-3u0eajibksTsGvtH9oUl-fvUFG8itG9Zc4HY2dIBtlDywlsCYVwtCi4ZA2C4heyvca0xpAl_yh2jzObXosPeNTpqReVxVP_ri4OY3cGJyky_mOOGQ34GlQFcPouuZBvIlHdHD4-BvlMdILSBRGUscCqUcqCFNo06e3bOCQEFQMdV3ef8kSICpISEo3Vyo3hB-lw5-Qy46E89WUJLlfyYg4otptTywrL8ZT6S1Wa5MGHcUdyTF79TExbRx-XYe2NcQ204CMzMup3w8vdLgfSd4OpJ09ZK9nsJLgSpvEtqgMuTRAB_vrCYoNZb-7uSnxu0JbEpkOfqzm6M1oTcCkCGJd3Pr7exImxEZHormGHXBw875ngi2u0KMgiG2C4jqWVNRy7sHaai55eDe2Jw5H5T_tW4WYdtTFaXvlHreF43gmvjAESGZ47KShJXC5kwp2EJ7Xt2MfDSvUvm8lNc5KwRuJpI79c33gNZrUTxg4FQC1MFUrt5CajV3r4Vnjcyh30k8j4tMLQx2yajmaUrWUKhoRD7UXG797gs8oVVSWRtR7B72WsGW-AkZqVJ6fhW-9eQkRh7WledkuxqN6R7KcYpjAd1mdRfWi0gHV8M4VaiROPAHZZdzAJwfKecEU1OXlFwQWsbNn09tyQyfwvWIQ8O6Z7Dw0YdFpuI1BmQTit8Tzbes1ob9xPVuSFx6MmBXeaB6t1yMaEF_lviX2hs7SELVhs9z-YToDGTyFyCXmEf996wLyGrEyNk6ecH0p5hiuA2MEQQGEqQpylE0gGjug0N-Nt3FKiuY3Ke9mgrM1DpjqBcU0Ne8ATvl7OECK_MpGu_MkqKx3abZT0wnRPKNKtcE9uU1CxWfncTUyOzKqdYjs0XfoSCn5QZUV13kv2TOvvsLnF6gToFI3-10an0Cey2rkb3pVvCYnyW-1rnzSrWL_Ai9URIEg6Ex7ESEfUGcKiBmpjqQkRzNwOdjemQGcILUt6U8c4Rp5_-IGa9Dg08n43FJuA9P0O58K_jKJub2pj-iw4k9uMtMV8bPmy3Advdg9dubOAUvA13-v_m3DVPaAMu28lzp9Xl93u4owY7liUKt9gF5FXquHy-L_StFZ4SKRerNYGwqHfvgPCT2lZmLE-OHsVTHhp-hwA1gIeaK-wzRG5cwEf-lB8xa4sxB74CTGyMbc7UF02wBvz_KCvQIpTSieBd-NHzRQRcscu1ktSARRsqFUaDOTckmC7EpjcPw_RMXYj6G3LTtZFe60dlu66an2EzLiIPhmLXvM_dNbJtXxVz5BZEeXBiEeSPLZ74fIIAu-jlz9kNHpmzzLFiVfCw4TxrAjxn24boJIA0eCEj1ZN0NHDPnCrxvTaituEx3MEGJdHl3FULjuVyaaHoOaA1DdhQL7oXxPIXBe29hG8Nq4HDw4s0GTxLzESpJ4D0HRAq82AQRHTSdu7-Sqd4il6OUxkOjMdCt0Fl5BLNVpGAuWH3dZrOjeXV3_2Rxjch2AG9AEmprM7FOzQl9NU7Hpb0htS3gDkXvk5BRlJo8XVLrrg40ZyAA1S_OTB__gA1X3IIYXjfMakwEO1c1DlQt71Bm-pqADtA4Lx0MQk3ArsTXPhd9WEkD7O5_GWUvePmzGE7BVmm6pwXjSC4FdiSW8f4LBH2-uDGRdgwY7uQNXqp0CUCOhEX2PujT9D_VSgCdSmjTgojCM0AL0LaiLYDa-wohlsnOlB0Lg-OydhlDPCjXf8Dre1cE8KCvbSgDrCx43QH3Vf4CGVFaS-Z2uxuah1E4-35UHk6JfQHdfyuzqIorRaKY2iD08g5a3rqIr8oaePxhE2LgILJvSygwoMxJSRhXUBei5td9YZkuXOFTTkFHW48d7kK4YAKf57p5P7_NJuzOsNqj8fg5xcIl22AWWoer0H-icenpyIEuRDlG9xf3CPAyTIv90b8gxUsp7FSjgfdDF-jub1fvUG4zi8_mUKwV9Dg4i2YtsMWw9W3P_hj0jWome-nFdKkKFP-HLNzwjdHzLfw7t4WYx7WEEYtqeg6SyWiRT8-nFVPAyjNk9Xcg9F3166NX7lLEifxTk8BpYVJOyUdxCGUWJ6aaLrc9pN6TFsR9r6CvdQLuVp5EqTgTlLoIPL1WZd9ogC14C-zVaVnc43Mfm-Xqw-sgEW8An8j8cthqGXemsYLxxr470pQhzNpufwYghSWFgb2Ppa0UHK2F3qpiE8uoAAf28rabfNMaMkQCfGex0vS6tBcpiak_EGfwDgbXo5VSEeOkOU7VwK_qRxlWoCGk-xM9kGVybWzds9Sfh9CAToebEHRQfohRvaNpk4jb_fpZ0P0y-Kw5qUitXxrGaPoTbDWu1RjRPfTnMVqPAEuOsZRyJPmtYvaWcye5S0LlGWCThdJtpqaegHtV_0cJ8mtXQukH_JzQU97puVR2HqVREj9j95nEKMuj4YVolUyYqXSHQ5qgbirMR3whdcl8-1xmyjcAdi2Fgrf30FNauJVPde1vsFCYyojjAdB262yF-H7iGJ0bEPklIU0UvxCp25SRFzopHj7NCQBpU6wQK7BpUVWraLra30re7Y3qEVJ-q1sPmc69ZgXVTezGr9mU&cid=CAASFeRom8DbnfgKhWYEB2GnSzQ-T8V0HQ&rfl=1%2Chttp%253A%252F%252Frebelscum.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 01:52:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
690
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 07 Aug 2021 01:52:11 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210720/r20110914/ Frame 9A88
23 KB
9 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210720/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BJKIjMSoQBV0RYWaYLgS6dsHGOs-T5_nFdoZJ2TIuFf8tRLuRnH74P54pscKq13zYVfP3uE2nQp-7RpZqkhOkJtbmOTtOxpMBTaGRSSQYfqNWS8d5icMlK0kAHP1QMSjItmPk0DMmdnDkUgzjAiFlTJ0pK6Q&dbm_d=AKAmf-Dv2BNXBQ-I_cg6UYf9ZrCkapCWjQil4AMRRFRixgFdRJc_VazUIB3xSO7nVlYEQ12h2R1r0OQLvS9iFghZSYyoaTRgvd93V7FoxuUx3kfiKbLpQcQNHyvZef5K8oz5Lsf5fnHqyKoqDRAECyRRbshDQVvBs1xpY7Z1ryN-tB1cT20Z2mZT2c6YrOb2BPLtqehubsyV-nIou1KLJhH4y3cSkgGJi2PfdEtJ72I0js9wYEbcFbkfm4p_Mjcd3rvFXtfBZxtuH4hm9Z27YtIuUq9CGlEJ6g8CTg-o-fhH3HQF9dLmmmF6H3QqkLsEnqdNcdtuEmNFKpGMcaOErGI5dMh5Cxeb33ILOWePwmFxP2G-7EoECq_-ww4-G4mzPJddV2yj9BZC2DiPtxSNBNtXNFs5rnYbk63vJ_-Pn6l3PvULSEgt3qw-oEbONLbQUXVu97Q8jTG2W05mSHrqCvybNUYs7mYCNMn2enkCulH-Eiaj4QWh_D9PqXEEQHACjH_r9kovz-irwM8yqdh6GaLG--g_rwyCxYY8fCX2qs4_hhckICA0YHG0yyefMJB7PbFmuy9XD_zhOWRkp4ME5N1L3h0AAl3dZh2KOuWB6qCt_c-3u0eajibksTsGvtH9oUl-fvUFG8itG9Zc4HY2dIBtlDywlsCYVwtCi4ZA2C4heyvca0xpAl_yh2jzObXosPeNTpqReVxVP_ri4OY3cGJyky_mOOGQ34GlQFcPouuZBvIlHdHD4-BvlMdILSBRGUscCqUcqCFNo06e3bOCQEFQMdV3ef8kSICpISEo3Vyo3hB-lw5-Qy46E89WUJLlfyYg4otptTywrL8ZT6S1Wa5MGHcUdyTF79TExbRx-XYe2NcQ204CMzMup3w8vdLgfSd4OpJ09ZK9nsJLgSpvEtqgMuTRAB_vrCYoNZb-7uSnxu0JbEpkOfqzm6M1oTcCkCGJd3Pr7exImxEZHormGHXBw875ngi2u0KMgiG2C4jqWVNRy7sHaai55eDe2Jw5H5T_tW4WYdtTFaXvlHreF43gmvjAESGZ47KShJXC5kwp2EJ7Xt2MfDSvUvm8lNc5KwRuJpI79c33gNZrUTxg4FQC1MFUrt5CajV3r4Vnjcyh30k8j4tMLQx2yajmaUrWUKhoRD7UXG797gs8oVVSWRtR7B72WsGW-AkZqVJ6fhW-9eQkRh7WledkuxqN6R7KcYpjAd1mdRfWi0gHV8M4VaiROPAHZZdzAJwfKecEU1OXlFwQWsbNn09tyQyfwvWIQ8O6Z7Dw0YdFpuI1BmQTit8Tzbes1ob9xPVuSFx6MmBXeaB6t1yMaEF_lviX2hs7SELVhs9z-YToDGTyFyCXmEf996wLyGrEyNk6ecH0p5hiuA2MEQQGEqQpylE0gGjug0N-Nt3FKiuY3Ke9mgrM1DpjqBcU0Ne8ATvl7OECK_MpGu_MkqKx3abZT0wnRPKNKtcE9uU1CxWfncTUyOzKqdYjs0XfoSCn5QZUV13kv2TOvvsLnF6gToFI3-10an0Cey2rkb3pVvCYnyW-1rnzSrWL_Ai9URIEg6Ex7ESEfUGcKiBmpjqQkRzNwOdjemQGcILUt6U8c4Rp5_-IGa9Dg08n43FJuA9P0O58K_jKJub2pj-iw4k9uMtMV8bPmy3Advdg9dubOAUvA13-v_m3DVPaAMu28lzp9Xl93u4owY7liUKt9gF5FXquHy-L_StFZ4SKRerNYGwqHfvgPCT2lZmLE-OHsVTHhp-hwA1gIeaK-wzRG5cwEf-lB8xa4sxB74CTGyMbc7UF02wBvz_KCvQIpTSieBd-NHzRQRcscu1ktSARRsqFUaDOTckmC7EpjcPw_RMXYj6G3LTtZFe60dlu66an2EzLiIPhmLXvM_dNbJtXxVz5BZEeXBiEeSPLZ74fIIAu-jlz9kNHpmzzLFiVfCw4TxrAjxn24boJIA0eCEj1ZN0NHDPnCrxvTaituEx3MEGJdHl3FULjuVyaaHoOaA1DdhQL7oXxPIXBe29hG8Nq4HDw4s0GTxLzESpJ4D0HRAq82AQRHTSdu7-Sqd4il6OUxkOjMdCt0Fl5BLNVpGAuWH3dZrOjeXV3_2Rxjch2AG9AEmprM7FOzQl9NU7Hpb0htS3gDkXvk5BRlJo8XVLrrg40ZyAA1S_OTB__gA1X3IIYXjfMakwEO1c1DlQt71Bm-pqADtA4Lx0MQk3ArsTXPhd9WEkD7O5_GWUvePmzGE7BVmm6pwXjSC4FdiSW8f4LBH2-uDGRdgwY7uQNXqp0CUCOhEX2PujT9D_VSgCdSmjTgojCM0AL0LaiLYDa-wohlsnOlB0Lg-OydhlDPCjXf8Dre1cE8KCvbSgDrCx43QH3Vf4CGVFaS-Z2uxuah1E4-35UHk6JfQHdfyuzqIorRaKY2iD08g5a3rqIr8oaePxhE2LgILJvSygwoMxJSRhXUBei5td9YZkuXOFTTkFHW48d7kK4YAKf57p5P7_NJuzOsNqj8fg5xcIl22AWWoer0H-icenpyIEuRDlG9xf3CPAyTIv90b8gxUsp7FSjgfdDF-jub1fvUG4zi8_mUKwV9Dg4i2YtsMWw9W3P_hj0jWome-nFdKkKFP-HLNzwjdHzLfw7t4WYx7WEEYtqeg6SyWiRT8-nFVPAyjNk9Xcg9F3166NX7lLEifxTk8BpYVJOyUdxCGUWJ6aaLrc9pN6TFsR9r6CvdQLuVp5EqTgTlLoIPL1WZd9ogC14C-zVaVnc43Mfm-Xqw-sgEW8An8j8cthqGXemsYLxxr470pQhzNpufwYghSWFgb2Ppa0UHK2F3qpiE8uoAAf28rabfNMaMkQCfGex0vS6tBcpiak_EGfwDgbXo5VSEeOkOU7VwK_qRxlWoCGk-xM9kGVybWzds9Sfh9CAToebEHRQfohRvaNpk4jb_fpZ0P0y-Kw5qUitXxrGaPoTbDWu1RjRPfTnMVqPAEuOsZRyJPmtYvaWcye5S0LlGWCThdJtpqaegHtV_0cJ8mtXQukH_JzQU97puVR2HqVREj9j95nEKMuj4YVolUyYqXSHQ5qgbirMR3whdcl8-1xmyjcAdi2Fgrf30FNauJVPde1vsFCYyojjAdB262yF-H7iGJ0bEPklIU0UvxCp25SRFzopHj7NCQBpU6wQK7BpUVWraLra30re7Y3qEVJ-q1sPmc69ZgXVTezGr9mU&cid=CAASFeRom8DbnfgKhWYEB2GnSzQ-T8V0HQ&rfl=1%2Chttp%253A%252F%252Frebelscum.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1130c26caface5cfa7b2d0cdbbb70cdb3004c582e74969d580216f65596c47c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 01:25:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2319
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9349
x-xss-protection
0
server
cafe
etag
11779355884012761328
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 07 Aug 2021 01:25:02 GMT
rum
dsum-sec.casalemedia.com/ Frame 8705
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOBNUiX96d9JOFtWhNAUlnk&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOBNUiX96d9JOFtWhNAUlnk&google_cver=1&C=1
43 B
1014 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOBNUiX96d9JOFtWhNAUlnk&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ-QQRCDya0CGOP2wa8BMAE&v=APEucNXG1bM2wBRuN6pLLB9UrgAElhqsagsXKMeoGNSCetyH3IPs1Gw1KmjEuwIeaFCoMVbtK74WpN6fhvrAB9MJFm3mj1hTsBTRTIvAwQ_YBHaEPss3TeA5hv_pyNer7tWX9InWTp5tKq0CvvlJ5mCmBMyJhDVZkD8ntE_EWLP3SziU5Men5DI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 02:03:41 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 24 Jul 2021 02:03:41 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 02:03:41 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOBNUiX96d9JOFtWhNAUlnk&google_cver=1&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
308
Expires
Sat, 24 Jul 2021 02:03:41 GMT
rum
dsum-sec.casalemedia.com/ Frame 8705
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YPt0-RRdUgmRanh5pUq-PgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOBNUiX96d9JOFtWhNAUlnk&google_cver=1
43 B
894 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOBNUiX96d9JOFtWhNAUlnk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ-QQRCDya0CGOP2wa8BMAE&v=APEucNXG1bM2wBRuN6pLLB9UrgAElhqsagsXKMeoGNSCetyH3IPs1Gw1KmjEuwIeaFCoMVbtK74WpN6fhvrAB9MJFm3mj1hTsBTRTIvAwQ_YBHaEPss3TeA5hv_pyNer7tWX9InWTp5tKq0CvvlJ5mCmBMyJhDVZkD8ntE_EWLP3SziU5Men5DI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 02:03:41 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 24 Jul 2021 02:03:41 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Jul 2021 02:03:41 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOBNUiX96d9JOFtWhNAUlnk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 8705
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBXbDW2ZH4a7o3iOV5PNNgA&google_cver=1
43 B
1006 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEBXbDW2ZH4a7o3iOV5PNNgA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ-QQRCDya0CGOP2wa8BMAE&v=APEucNXG1bM2wBRuN6pLLB9UrgAElhqsagsXKMeoGNSCetyH3IPs1Gw1KmjEuwIeaFCoMVbtK74WpN6fhvrAB9MJFm3mj1hTsBTRTIvAwQ_YBHaEPss3TeA5hv_pyNer7tWX9InWTp5tKq0CvvlJ5mCmBMyJhDVZkD8ntE_EWLP3SziU5Men5DI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 02:03:41 GMT
X-Proxy-Origin
37.120.211.116; 37.120.211.116; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
c40e7d1f-8003-4e98-9740-bb6c1c6f439d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Jul 2021 02:03:41 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEBXbDW2ZH4a7o3iOV5PNNgA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8705
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODUwODAyNjY0NDQ4NzExMjk3MQ%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODUwODAyNjY0NDQ4NzExMjk3MQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ-QQRCDya0CGOP2wa8BMAE&v=APEucNXG1bM2wBRuN6pLLB9UrgAElhqsagsXKMeoGNSCetyH3IPs1Gw1KmjEuwIeaFCoMVbtK74WpN6fhvrAB9MJFm3mj1hTsBTRTIvAwQ_YBHaEPss3TeA5hv_pyNer7tWX9InWTp5tKq0CvvlJ5mCmBMyJhDVZkD8ntE_EWLP3SziU5Men5DI
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 02:03:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 02:03:41 GMT
X-Proxy-Origin
37.120.211.116; 37.120.211.116; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
607f09a2-11d1-4ac0-950e-db26fb7a868b
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODUwODAyNjY0NDQ4NzExMjk3MQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 9A88
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com
URL: https://d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 00:44:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
177572
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Jul 2022 00:44:09 GMT
truncated
/ Frame 9A88
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
db6767108ee1d409a8abf09c65f373e5fae284c5ca9234a6149908d5d516f537

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
index.html
s0.2mdn.net/ads/richmedia/studio/pv2/61827683/20210707051427105/ Frame 32DB
3 KB
939 B
Document
General
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61827683/20210707051427105/index.html?e=69&leftOffset=0&topOffset=0&c=5h63QJ3hpG&t=1&renderingType=2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b2b9f9b7c525efc683d5c568e788af5225b7f8965fb0ff5ee96319210dda2578
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/ads/richmedia/studio/pv2/61827683/20210707051427105/index.html?e=69&leftOffset=0&topOffset=0&c=5h63QJ3hpG&t=1&renderingType=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
914
date
Sat, 24 Jul 2021 02:03:41 GMT
expires
Sun, 25 Jul 2021 02:03:41 GMT
cache-control
public, max-age=86400
last-modified
Wed, 07 Jul 2021 12:14:27 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 9A88
0
255 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsst40y58iTQnJ0-FH6pXKHcMKRNGiygbTUDr89MsPiNzq062uI8qZg9rgot9oChIcAohgt2CQM7fQG6AQKkjCd-itsF8rpU-HnxiQEaoP_E6sSQFG75NtcuXEkN9R7CuZp3ff8i3DUT-U-BSqhoFeK0JALkFxbySnLrySdqPtPwyqT1bgf33spc26XhL3xSw_Y17N8KJSry1YiZ07Aku0D8rdKXuBUfHBBAwkRDKZjs9MWBt3nMev9hGrVN30HXKeT7wQJ5Y8izjIZk0543WMoECbVcs0tPCfDfftRMlvx5QnMs2LNLggQsgYGvwQUh1mV3dnDkUP6rOgBJV1JEZDTqsDxGhRBFraQZMHTRevL5lFeJnB_dxfgjiPW1iPWVC8vpVUszKxGBglwahjnuqJtBFus20L1OBWDMlGoMA0Q-8qWvLzAe8KzT2f3FrwUATr04hxeQ-1Ni7CzJxSVLZzJz17SZMZQ9Wr4ZwdectYuOKTqLs1P8iNyRMinGAsRK5q-FnGdM5XJZ5sYe_Z101bVs4Cx09DHY9vi2dgXevAO3o2j9PUnhaESOgcMxahJumlLDpvHWhDWlhaDTyZSU3Pz8U7GQi77cEGXXp8J2hU5Vxf3Cn2EG3bGeZnb8aT4yLpvxSkLn3VOAwaCE2J8ppAljt9mlup72XjI0OwydLMq55oD8_i05yuC5N3hlqXy8j46WDAhF7K6mgUs9kZNlefHBpOBqHRC_r-R440dHLDOOSZ0GMGBinBLN3SdFvNI-P4ZmdsMxnx5SEV6-RJx4aeiHHbXeKI4zRUotSeHSFx1_aqh2VOqxmSIJS69RNz8TCvCURHX5UP1n6hLwd9zlHgmpQ6kdKxQ2aiNnRao8MXAAK3B1gnPG1pxtwINC0kCPURFHh0rA0flIHFLDI4IQVfbc1ceJcFbPjOXqtLwNSRFgtikfnpUOh0uC6rjGAoU31PoiFMCLI7TuBlhmIfhziN3NL_4lK1EJk2PEkkUeh2_9p81HdlP6vzxt-rPg0ikmyXVmlGwmeiWhyqAwP-iJleBwP2oHi8bVEkMQK_VyvXH2Ily0CV649L6XSToLUSP49WbQP30HeLzSGYIC8UF8rf8daOR7k1bdfYzfgdvCvH7yvWjZXQMFUqjqz_uqvx3Im-TLHHvRa0PFC-Rf7IIejgCvlvIBeFCNPbEv1TU&sai=AMfl-YT0MnpNPn4Hmole7MipT2eUrVyrcKCVMTzoaUtLSSiDkFrp-Ol5GJa4YilYT12ryh1D8HV4KsHdsvDZNYAWzyzomdpb1ccKJ9VYIz5uJcaSqd63KCpuC2VReCWfR3JbHcrVY8EvAPRTBJoIPAnvf-7gBK8p7fH6jJIfSWI&sig=Cg0ArKJSzORkO-wF_Um3EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=129&cbvp=1&cstd=120&cisv=r20210720.50961&adurl=
Requested by
Host: rebelscum.com
URL: http://rebelscum.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Sat, 24 Jul 2021 02:03:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
/
d.agkn.com/pixel/2387/ Frame 9A88
43 B
664 B
Image
General
Full URL
https://d.agkn.com/pixel/2387/?ct=DE&st=&city=0&dma=0&zp=&bw=4&che=3899755791&col=26181756,6195970,308572834,500960111,154016848
Requested by
Host: d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com
URL: https://d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.172.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-172-136.eu-central-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Jul 2021 02:03:40 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 01 Jan 2000 00:00:00 GMT
img;adv=11257243561028;ec=11257243847300;adv.a=9232428;c.a=26181756;s.a=6195970;p.a=308572834;a.a=500960111;cache=3899755791;
ad.atdmt.com/i/ Frame 9A88
43 B
1 KB
Image
General
Full URL
https://ad.atdmt.com/i/img;adv=11257243561028;ec=11257243847300;adv.a=9232428;c.a=26181756;s.a=6195970;p.a=308572834;a.a=500960111;cache=3899755791;
Requested by
Host: d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com
URL: https://d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:10d:face:b00c:0:8c Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
br
x-content-type-options
nosniff
x-xss-protection
0
pragma
no-cache
x-fb-debug
rxFvGywt76nIefBkMr8KcsbzEKUyiiBWr/vEeelOrnF8m9rFBqxueqmOO3n9I6iuJ+d6aSEpM8WSjMJ1gVvUtQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
x-frame-options
DENY
date
Sat, 24 Jul 2021 02:03:41 GMT
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-fb-rlafr
0
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coep_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
firstevent
discovery.demdex.net/ Frame 9A88
Redirect Chain
  • https://discovery.demdex.net/event?d_event=imp&d_src=488828&d_site=9232428&d_creative=154016848&d_placement=308572834&d_campaign=26181756
  • https://discovery.demdex.net/firstevent?d_event=imp&d_src=488828&d_site=9232428&d_creative=154016848&d_placement=308572834&d_campaign=26181756
42 B
970 B
Image
General
Full URL
https://discovery.demdex.net/firstevent?d_event=imp&d_src=488828&d_site=9232428&d_creative=154016848&d_placement=308572834&d_campaign=26181756
Requested by
Host: d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com
URL: https://d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.159.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-159-255.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v012-03d9cf435.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
P0pC2O4NQcg=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v012-0eecf40e0.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
FBcUqvsRSZ8=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://discovery.demdex.net/firstevent?d_event=imp&d_src=488828&d_site=9232428&d_creative=154016848&d_placement=308572834&d_campaign=26181756
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame FD77
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Fri, 23 Jul 2021 05:56:59 GMT
expires
Sat, 23 Jul 2022 05:56:59 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
72402
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
styles.css
s0.2mdn.net/ads/richmedia/studio/pv2/61827683/20210707051427105/ Frame 32DB
2 KB
853 B
Stylesheet
General
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61827683/20210707051427105/styles.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61827683/20210707051427105/index.html?e=69&leftOffset=0&topOffset=0&c=5h63QJ3hpG&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
def9013f67932bceea677bfe7a0f5fc9c3ffe7a345bbcd52d1ad2773745f7f8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61827683/20210707051427105/index.html?e=69&leftOffset=0&topOffset=0&c=5h63QJ3hpG&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 01:38:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1523
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
827
x-xss-protection
0
last-modified
Wed, 07 Jul 2021 12:14:27 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Jul 2021 01:38:18 GMT
tweenmax_2.0.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 32DB
113 KB
38 KB
Script
General
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.0.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61827683/20210707051427105/index.html?e=69&leftOffset=0&topOffset=0&c=5h63QJ3hpG&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61827683/20210707051427105/index.html?e=69&leftOffset=0&topOffset=0&c=5h63QJ3hpG&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 02:03:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38915
x-xss-protection
0
last-modified
Tue, 19 Jun 2018 18:02:41 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 24 Jul 2021 02:03:41 GMT
Enabler_01_246.js
s0.2mdn.net/879366/ Frame 32DB
116 KB
39 KB
Script
General
Full URL
https://s0.2mdn.net/879366/Enabler_01_246.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61827683/20210707051427105/index.html?e=69&leftOffset=0&topOffset=0&c=5h63QJ3hpG&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b64291fc91dc77833930ffcead244193c5cfd9e882af312ecc89b580160c22a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61827683/20210707051427105/index.html?e=69&leftOffset=0&topOffset=0&c=5h63QJ3hpG&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 11:18:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
53111
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40237
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 20:54:51 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 24 Jul 2021 11:18:30 GMT
createjs.min.js
code.createjs.com/1.0.0/ Frame 32DB
236 KB
63 KB
Script
General
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61827683/20210707051427105/index.html?e=69&leftOffset=0&topOffset=0&c=5h63QJ3hpG&t=1&renderingType=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 02:03:41 GMT
content-encoding
gzip
server
Apache
cache-control
max-age=900
vary
Accept-Encoding
content-type
text/javascript
x-n
S
accept-ranges
bytes
expires
Sat, 24 Jul 2021 02:18:41 GMT
Dynamic_Binding.js
s0.2mdn.net/ads/richmedia/studio/pv2/61827683/20210707051427105/ Frame 32DB
14 KB
2 KB
Script
General
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61827683/20210707051427105/Dynamic_Binding.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61827683/20210707051427105/index.html?e=69&leftOffset=0&topOffset=0&c=5h63QJ3hpG&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99f003b7af26c951d8c1724d355042ee1234ed68539bf950079f45dc51c68cf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61827683/20210707051427105/index.html?e=69&leftOffset=0&topOffset=0&c=5h63QJ3hpG&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 01:36:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1660
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2242
x-xss-protection
0
last-modified
Wed, 07 Jul 2021 12:14:27 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Jul 2021 01:36:01 GMT
script.js
s0.2mdn.net/ads/richmedia/studio/pv2/61827683/20210707051427105/ Frame 32DB
7 KB
1 KB
Script
General
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61827683/20210707051427105/script.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61827683/20210707051427105/index.html?e=69&leftOffset=0&topOffset=0&c=5h63QJ3hpG&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29e2d916770983111203a44ec71edad1a73b0679e305dc69cc4e722761ad06d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61827683/20210707051427105/index.html?e=69&leftOffset=0&topOffset=0&c=5h63QJ3hpG&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 01:36:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1660
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1495
x-xss-protection
0
last-modified
Wed, 07 Jul 2021 12:14:27 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Jul 2021 01:36:01 GMT
c43eojKHTIIjnCN0mOBRrq3mBMCB_MRf6Ad2ET-MShQ.js
pagead2.googlesyndication.com/bg/ Frame FD77
34 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/c43eojKHTIIjnCN0mOBRrq3mBMCB_MRf6Ad2ET-MShQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
738ddea232874c82239c237498e051aeade604c081fcc45fe80776113f8c4a14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 00:44:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
177573
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13164
x-xss-protection
0
last-modified
Wed, 14 Jul 2021 07:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Jul 2022 00:44:08 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 9A88
0
23 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsst40y58iTQnJ0-FH6pXKHcMKRNGiygbTUDr89MsPiNzq062uI8qZg9rgot9oChIcAohgt2CQM7fQG6AQKkjCd-itsF8rpU-HnxiQEaoP_E6sSQFG75NtcuXEkN9R7CuZp3ff8i3DUT-U-BSqhoFeK0JALkFxbySnLrySdqPtPwyqT1bgf33spc26XhL3xSw_Y17N8KJSry1YiZ07Aku0D8rdKXuBUfHBBAwkRDKZjs9MWBt3nMev9hGrVN30HXKeT7wQJ5Y8izjIZk0543WMoECbVcs0tPCfDfftRMlvx5QnMs2LNLggQsgYGvwQUh1mV3dnDkUP6rOgBJV1JEZDTqsDxGhRBFraQZMHTRevL5lFeJnB_dxfgjiPW1iPWVC8vpVUszKxGBglwahjnuqJtBFus20L1OBWDMlGoMA0Q-8qWvLzAe8KzT2f3FrwUATr04hxeQ-1Ni7CzJxSVLZzJz17SZMZQ9Wr4ZwdectYuOKTqLs1P8iNyRMinGAsRK5q-FnGdM5XJZ5sYe_Z101bVs4Cx09DHY9vi2dgXevAO3o2j9PUnhaESOgcMxahJumlLDpvHWhDWlhaDTyZSU3Pz8U7GQi77cEGXXp8J2hU5Vxf3Cn2EG3bGeZnb8aT4yLpvxSkLn3VOAwaCE2J8ppAljt9mlup72XjI0OwydLMq55oD8_i05yuC5N3hlqXy8j46WDAhF7K6mgUs9kZNlefHBpOBqHRC_r-R440dHLDOOSZ0GMGBinBLN3SdFvNI-P4ZmdsMxnx5SEV6-RJx4aeiHHbXeKI4zRUotSeHSFx1_aqh2VOqxmSIJS69RNz8TCvCURHX5UP1n6hLwd9zlHgmpQ6kdKxQ2aiNnRao8MXAAK3B1gnPG1pxtwINC0kCPURFHh0rA0flIHFLDI4IQVfbc1ceJcFbPjOXqtLwNSRFgtikfnpUOh0uC6rjGAoU31PoiFMCLI7TuBlhmIfhziN3NL_4lK1EJk2PEkkUeh2_9p81HdlP6vzxt-rPg0ikmyXVmlGwmeiWhyqAwP-iJleBwP2oHi8bVEkMQK_VyvXH2Ily0CV649L6XSToLUSP49WbQP30HeLzSGYIC8UF8rf8daOR7k1bdfYzfgdvCvH7yvWjZXQMFUqjqz_uqvx3Im-TLHHvRa0PFC-Rf7IIejgCvlvIBeFCNPbEv1TU&sai=AMfl-YT0MnpNPn4Hmole7MipT2eUrVyrcKCVMTzoaUtLSSiDkFrp-Ol5GJa4YilYT12ryh1D8HV4KsHdsvDZNYAWzyzomdpb1ccKJ9VYIz5uJcaSqd63KCpuC2VReCWfR3JbHcrVY8EvAPRTBJoIPAnvf-7gBK8p7fH6jJIfSWI&sig=Cg0ArKJSzORkO-wF_Um3EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=287&vt=11&dtpt=158&dett=3&cstd=120&cisv=r20210720.50961&adurl=
Requested by
Host: rebelscum.com
URL: http://rebelscum.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Sat, 24 Jul 2021 02:03:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
ESPD2C_TK2020_SPEEDLINEanim_600x600.js
s0.2mdn.net/ads/richmedia/studio/pv2/61827683/20210707051427105/ Frame 32DB
21 KB
4 KB
Script
General
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61827683/20210707051427105/ESPD2C_TK2020_SPEEDLINEanim_600x600.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61827683/20210707051427105/Dynamic_Binding.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1fc4080c850910f90de662ff7983098630ab07d02e18f0b301da5b4b729b3eee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61827683/20210707051427105/index.html?e=69&leftOffset=0&topOffset=0&c=5h63QJ3hpG&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 01:36:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1622
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4504
x-xss-protection
0
last-modified
Wed, 07 Jul 2021 12:14:27 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Jul 2021 01:36:39 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 32DB
5 KB
4 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_246&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7c4e8403c1bade9d3d029f9476914297a854a734997c98cbcea0a844eaac08df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Jul 2021 02:03:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4244
x-xss-protection
0
60020998_20210630080401262_300x250_LOGO_INTRO.png
s0.2mdn.net/ads/richmedia/studio/60020998/ Frame 32DB
19 KB
19 KB
Image
General
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60020998/60020998_20210630080401262_300x250_LOGO_INTRO.png
Requested by
Host: d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com
URL: https://d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2016e5dd61fccfea586d68a284adae6d1ca7be2758204d6fbce9d2d4663f02c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61827683/20210707051427105/index.html?e=69&leftOffset=0&topOffset=0&c=5h63QJ3hpG&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:28:30 GMT
x-content-type-options
nosniff
last-modified
Wed, 30 Jun 2021 15:04:01 GMT
server
sffe
age
66911
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19565
x-xss-protection
0
expires
Sat, 24 Jul 2021 07:28:30 GMT
60020998_20210630080346713_300x250_CTA.png
s0.2mdn.net/ads/richmedia/studio/60020998/ Frame 32DB
4 KB
4 KB
Image
General
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60020998/60020998_20210630080346713_300x250_CTA.png
Requested by
Host: d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com
URL: https://d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f13b21330614f776e657f37dd2cb7d76894374e3ac6d4aecd55f8f6df68433e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61827683/20210707051427105/index.html?e=69&leftOffset=0&topOffset=0&c=5h63QJ3hpG&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 09:17:34 GMT
x-content-type-options
nosniff
last-modified
Wed, 30 Jun 2021 15:03:46 GMT
server
sffe
age
60367
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4040
x-xss-protection
0
expires
Sat, 24 Jul 2021 09:17:34 GMT
60020998_20210630080423599_300x250_TXT_LEGAL.png
s0.2mdn.net/ads/richmedia/studio/60020998/ Frame 32DB
13 KB
13 KB
Image
General
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60020998/60020998_20210630080423599_300x250_TXT_LEGAL.png
Requested by
Host: d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com
URL: https://d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
403ae44014bd24ec852c88d499c696f6e3ef03d460a442797ff8ceba5e425bed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61827683/20210707051427105/index.html?e=69&leftOffset=0&topOffset=0&c=5h63QJ3hpG&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:28:30 GMT
x-content-type-options
nosniff
last-modified
Wed, 30 Jun 2021 15:04:23 GMT
server
sffe
age
66911
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12908
x-xss-protection
0
expires
Sat, 24 Jul 2021 07:28:30 GMT
60020998_20210622022233138_300x250_TK2020_LOGOBLK.png
s0.2mdn.net/ads/richmedia/studio/60020998/ Frame 32DB
5 KB
5 KB
Image
General
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60020998/60020998_20210622022233138_300x250_TK2020_LOGOBLK.png
Requested by
Host: d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com
URL: https://d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5bb366990a2c91e4126e365451771416db8fbedbc00acfe79ba6a741dd2a5d5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61827683/20210707051427105/index.html?e=69&leftOffset=0&topOffset=0&c=5h63QJ3hpG&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 03:30:44 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Jun 2021 09:22:33 GMT
server
sffe
age
81177
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4673
x-xss-protection
0
expires
Sat, 24 Jul 2021 03:30:44 GMT
60020998_20210630080426444_300x250_TXT_MAIN.png
s0.2mdn.net/ads/richmedia/studio/60020998/ Frame 32DB
12 KB
12 KB
Image
General
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60020998/60020998_20210630080426444_300x250_TXT_MAIN.png
Requested by
Host: d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com
URL: https://d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee53aa89de271e202c6fdd6918b73d1e050a72e808980e99503fe0152f66fe48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61827683/20210707051427105/index.html?e=69&leftOffset=0&topOffset=0&c=5h63QJ3hpG&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 09:17:34 GMT
x-content-type-options
nosniff
last-modified
Wed, 30 Jun 2021 15:04:26 GMT
server
sffe
age
60367
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12683
x-xss-protection
0
expires
Sat, 24 Jul 2021 09:17:34 GMT
60020998_20210625053328631_empty.png
s0.2mdn.net/ads/richmedia/studio/60020998/ Frame 32DB
1 KB
1 KB
Image
General
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60020998/60020998_20210625053328631_empty.png
Requested by
Host: d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com
URL: https://d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2f8714386b6edff951cdef8c8072039f59206481123de32f227fc5c669e96af5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61827683/20210707051427105/index.html?e=69&leftOffset=0&topOffset=0&c=5h63QJ3hpG&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 09:11:19 GMT
x-content-type-options
nosniff
last-modified
Fri, 25 Jun 2021 12:33:28 GMT
server
sffe
age
60742
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1409
x-xss-protection
0
expires
Sat, 24 Jul 2021 09:11:19 GMT
60020998_20210630080349609_300x250_IMG_CORPS_1.jpg
s0.2mdn.net/ads/richmedia/studio/60020998/ Frame 32DB
44 KB
44 KB
Image
General
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60020998/60020998_20210630080349609_300x250_IMG_CORPS_1.jpg
Requested by
Host: d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com
URL: https://d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ba783a63160085414dfc707e64cda547345d40f7a796f5b812c550529d81c64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61827683/20210707051427105/index.html?e=69&leftOffset=0&topOffset=0&c=5h63QJ3hpG&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 09:17:34 GMT
x-content-type-options
nosniff
last-modified
Wed, 30 Jun 2021 15:03:49 GMT
server
sffe
age
60367
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45388
x-xss-protection
0
expires
Sat, 24 Jul 2021 09:17:34 GMT
60020998_20210622022220156_300x250_TK2020_LOGOWHT_CORPS.png
s0.2mdn.net/ads/richmedia/studio/60020998/ Frame 32DB
5 KB
5 KB
Image
General
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60020998/60020998_20210622022220156_300x250_TK2020_LOGOWHT_CORPS.png
Requested by
Host: d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com
URL: https://d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
57b5ebaa1102f55c7da76c94d9738eac43fffcf3befa5991c38260539c6d605d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61827683/20210707051427105/index.html?e=69&leftOffset=0&topOffset=0&c=5h63QJ3hpG&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 09:26:28 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Jun 2021 09:22:20 GMT
server
sffe
age
59833
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4802
x-xss-protection
0
expires
Sat, 24 Jul 2021 09:26:28 GMT
60020998_20210702062642949_300x250_TXT_CORPS_1.png
s0.2mdn.net/ads/richmedia/studio/60020998/ Frame 32DB
7 KB
7 KB
Image
General
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60020998/60020998_20210702062642949_300x250_TXT_CORPS_1.png
Requested by
Host: d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com
URL: https://d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e2938669ffdc6826a4ee04adbe45d6d538e7603e0fa1d32bb675fab40880d11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61827683/20210707051427105/index.html?e=69&leftOffset=0&topOffset=0&c=5h63QJ3hpG&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 09:17:34 GMT
x-content-type-options
nosniff
last-modified
Fri, 02 Jul 2021 13:26:43 GMT
server
sffe
age
60367
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7014
x-xss-protection
0
expires
Sat, 24 Jul 2021 09:17:34 GMT
60020998_20210630080358556_300x250_LOGO_CORPS.png
s0.2mdn.net/ads/richmedia/studio/60020998/ Frame 32DB
20 KB
20 KB
Image
General
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60020998/60020998_20210630080358556_300x250_LOGO_CORPS.png
Requested by
Host: d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com
URL: https://d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8b1b2854a949e997a83ede6a92e3ac909dc37eff774eec3d2ea85fc59c4b2dea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61827683/20210707051427105/index.html?e=69&leftOffset=0&topOffset=0&c=5h63QJ3hpG&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 06:50:15 GMT
x-content-type-options
nosniff
last-modified
Wed, 30 Jun 2021 15:03:58 GMT
server
sffe
age
69206
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20685
x-xss-protection
0
expires
Sat, 24 Jul 2021 06:50:15 GMT
60020998_20210630080352447_300x250_IMG_CORPS_2.jpg
s0.2mdn.net/ads/richmedia/studio/60020998/ Frame 32DB
43 KB
43 KB
Image
General
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60020998/60020998_20210630080352447_300x250_IMG_CORPS_2.jpg
Requested by
Host: d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com
URL: https://d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0ee79b17dc24cfa5a302e9204f2dc9b86b5bcfe40519e9414884511a1ff5d9e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61827683/20210707051427105/index.html?e=69&leftOffset=0&topOffset=0&c=5h63QJ3hpG&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 09:17:34 GMT
x-content-type-options
nosniff
last-modified
Wed, 30 Jun 2021 15:03:52 GMT
server
sffe
age
60367
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44343
x-xss-protection
0
expires
Sat, 24 Jul 2021 09:17:34 GMT
60020998_20210630080420808_300x250_TXT_CORPS_2.png
s0.2mdn.net/ads/richmedia/studio/60020998/ Frame 32DB
4 KB
4 KB
Image
General
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60020998/60020998_20210630080420808_300x250_TXT_CORPS_2.png
Requested by
Host: d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com
URL: https://d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
38feec3b15eeb5f50c22d8d656733860540c6ae3cf785360ae8a5a64952367ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61827683/20210707051427105/index.html?e=69&leftOffset=0&topOffset=0&c=5h63QJ3hpG&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 09:17:34 GMT
x-content-type-options
nosniff
last-modified
Wed, 30 Jun 2021 15:04:21 GMT
server
sffe
age
60367
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4542
x-xss-protection
0
expires
Sat, 24 Jul 2021 09:17:34 GMT
60020998_20210630080355335_300x250_IMG_CORPS_3.jpg
s0.2mdn.net/ads/richmedia/studio/60020998/ Frame 32DB
52 KB
52 KB
Image
General
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60020998/60020998_20210630080355335_300x250_IMG_CORPS_3.jpg
Requested by
Host: d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com
URL: https://d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce6fa9603815a39ebb600c08a21279a8bb1e3289c7d310f305bdd9d76a0e25b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61827683/20210707051427105/index.html?e=69&leftOffset=0&topOffset=0&c=5h63QJ3hpG&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 09:17:34 GMT
x-content-type-options
nosniff
last-modified
Wed, 30 Jun 2021 15:03:55 GMT
server
sffe
age
60367
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52788
x-xss-protection
0
expires
Sat, 24 Jul 2021 09:17:34 GMT
60020998_20210702062703742_300x250_TXT_CORPS_3.png
s0.2mdn.net/ads/richmedia/studio/60020998/ Frame 32DB
5 KB
5 KB
Image
General
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60020998/60020998_20210702062703742_300x250_TXT_CORPS_3.png
Requested by
Host: d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com
URL: https://d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
246094b53a476ec32920dfca26fa5b2ca5208f4aced8bcfa60cc6f42affbdae2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61827683/20210707051427105/index.html?e=69&leftOffset=0&topOffset=0&c=5h63QJ3hpG&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 09:17:34 GMT
x-content-type-options
nosniff
last-modified
Fri, 02 Jul 2021 13:27:03 GMT
server
sffe
age
60367
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5492
x-xss-protection
0
expires
Sat, 24 Jul 2021 09:17:34 GMT
60020998_20210630080404062_300x250_LOGO_MAIN.png
s0.2mdn.net/ads/richmedia/studio/60020998/ Frame 32DB
12 KB
12 KB
Image
General
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60020998/60020998_20210630080404062_300x250_LOGO_MAIN.png
Requested by
Host: d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com
URL: https://d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eba2bf507e730bab3c0ee9c5a926f789f18687cb5482a620f621158039024e92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61827683/20210707051427105/index.html?e=69&leftOffset=0&topOffset=0&c=5h63QJ3hpG&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:28:30 GMT
x-content-type-options
nosniff
last-modified
Wed, 30 Jun 2021 15:04:04 GMT
server
sffe
age
66911
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12501
x-xss-protection
0
expires
Sat, 24 Jul 2021 07:28:30 GMT
60020998_20210630080435379_300x250_TXT_SECONDENDFRAME.png
s0.2mdn.net/ads/richmedia/studio/60020998/ Frame 32DB
4 KB
4 KB
Image
General
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60020998/60020998_20210630080435379_300x250_TXT_SECONDENDFRAME.png
Requested by
Host: d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com
URL: https://d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b7c97b6bdeee3e8c2255ce5fb3009c6fb7ff16f7a7486238c343b6961dd978f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61827683/20210707051427105/index.html?e=69&leftOffset=0&topOffset=0&c=5h63QJ3hpG&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:28:30 GMT
x-content-type-options
nosniff
last-modified
Wed, 30 Jun 2021 15:04:35 GMT
server
sffe
age
66911
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4449
x-xss-protection
0
expires
Sat, 24 Jul 2021 07:28:30 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 32DB
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 02:03:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Sat, 24 Jul 2021 02:03:41 GMT
c43eojKHTIIjnCN0mOBRrq3mBMCB_MRf6Ad2ET-MShQ.js
pagead2.googlesyndication.com/bg/ Frame 2E1C
34 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/c43eojKHTIIjnCN0mOBRrq3mBMCB_MRf6Ad2ET-MShQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
738ddea232874c82239c237498e051aeade604c081fcc45fe80776113f8c4a14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 00:44:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
177573
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13164
x-xss-protection
0
last-modified
Wed, 14 Jul 2021 07:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Jul 2022 00:44:08 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FD77
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BQFwv_XT7YL3cEIKr3gOU25yQDgAAAAA4AeAEAg&bg=!SkmlSQ3NAAbnC78O5ws7ACkAdvg8WqNwYJYw1gDCAVXpiVQ2cAPllyvt7r7ztzZ4a2sU794M45hK3wIAAAGPUgAAABBoAQcKAC_wf70zsU5LEJON6gkq-V95q6eNUty2R71P3hGIlxuWFLAH_mnAG9FKB2t9O_djdpkC0dOQN4hkzQ62YQ7olIsR_bickM2Llze4XeMD7VPYl3IAG1I51cac7JjWG1yCnuYDhjzO4fRhRo08xxsQ9u8eKhegHkFgLEA9t6u33vuqu_WqBT8AjckhKgCGB3AMUGwToa4SDE7r4PqvlEHYyptps1nDJWCIkcY7TFzkWshSaqSU7ACW18lUW6cnokTb-i-QRskDKL8vhNhZZssSRvcelLYSmenzA5HOd-8CtByGMHttwCVJ0XYobPAKiN5QFjal6ptrWI5I8fZ2_ABv_KpP1eMOMFtJGhir9mBOhDj1frXAx2aMBlU-UqH11U_ITFMgsssD_5_MtG7LWEaQww-g07l21ZcNvK6pRkV1mUVVqGzjfpBRYXPaeE4_lpiP58B30-q7GM9La0ZjNZcYiol7AwqGpqz55UFKKsH-VFilx06cB6oGjDd2GdaOmQDDPbBvlaC8x3Uhvh8fA8QmZSOXXFlXG7OFflbDvvpqcdLNOrUN-jVWZ0SQqcSRf7c24UtJsOTBk93tIbnRY2sm_F7wEK8iAE6CiAFcJQi15bKe_tpW2yzXfFQ13Ql_njwYxGkCm6OD1gP-T1boLlzhRO9-s1Oeo3_avHe56JK8YaLgTrPGo273DywJMyuTSte24y_6w5Au5pPjgPVEKvMA8z5CQudoO9YTJlXNLFs5mje7ElGSUifvlQC03cQ5lzm8-PosGgpriKQCnPDObdOubci_bpUl-tnuI2lHLHLPJMHKzCodyim1DrUQlnnJHnpXrwW20OmSGcly-TYinlw0p-QnZmxYy45sw2QPPOFQvuG8dhyRG-Bu55Yd0ch5VkRdqHvdKKx0xHDYKUaLMnq5qZNMrepvnS-WhN1Y6g-X6c238APOGL_7Pd-_u2wq1QDTuaY32x3GYtiCRAeybUgWUBa6wDD6d1I8WiKi1K-SqINGjgdHfIBqk61UrbL33A5kK1Eq6Kg
Requested by
Host: d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com
URL: https://d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 02:03:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4DB2
42 B
64 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvwueN8vfwYnq8PfyOYhdqOB90FJ3dCuF44CxvOd6B009azAmaOFjWhu-CWjn-PzivMfdB5gjUIzZcNkrNo0QFEVk2qY5Z1bU-hisRcOSeRD300qm-29ClNWxZBswrsP77eu3FQpYIsyNPBXSMgaJaglQ&sai=AMfl-YQs_YeXR2poDUjXFF1JBJu4byw5-qAlx-ehjsSiUgSgq9BZi_SQsB43qmAhxIDNU24XAG-CavUlm7k5nJ_0TLUsJalb6e0EnPqdKJQqsc0tZXobx43sVvTxauqNPeq3&sig=Cg0ArKJSzNT0HAC8VN-CEAE&id=ampim&o=279,172&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1003&mtos=0,0,1003,1003,1003&tos=0,0,1003,0,0&tfs=115&tls=1118&g=100&h=100&tt=1118&r=v&avms=ampa&adk=134564259
Requested by
Host: rebelscum.com
URL: http://rebelscum.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 02:03:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
11 KB
8 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021071401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7db94870d5193f9755e4badfeacaeb5258e523301a34af63861af43a77fd53f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Jul 2021 02:03:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8508
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 02:03:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Sat, 24 Jul 2021 02:03:42 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 4955
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://rebelscum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://rebelscum.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Fri, 23 Jul 2021 20:18:12 GMT
expires
Sat, 23 Jul 2022 20:18:12 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
20730
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame B54F
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
03a2f610e5c4e4c433c5a31f8784da5b99f3bf98b27ada435f089895f4750cae
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-nVUh7Tftwer4sjkN9tcGhQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://rebelscum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://rebelscum.com/

Response headers

expires
Sat, 24 Jul 2021 02:03:42 GMT
date
Sat, 24 Jul 2021 02:03:42 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-nVUh7Tftwer4sjkN9tcGhQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
c43eojKHTIIjnCN0mOBRrq3mBMCB_MRf6Ad2ET-MShQ.js
pagead2.googlesyndication.com/bg/ Frame 4955
34 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/c43eojKHTIIjnCN0mOBRrq3mBMCB_MRf6Ad2ET-MShQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
738ddea232874c82239c237498e051aeade604c081fcc45fe80776113f8c4a14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 00:44:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
177574
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13164
x-xss-protection
0
last-modified
Wed, 14 Jul 2021 07:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Jul 2022 00:44:08 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E8B1
42 B
64 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuxOt90J4lucTuGqZ_9CwkOjK5FGfvtlD7woa5bfDdLLPKA4TuX9N7bc4_vOrwVtyOq0Xb7zcjkHPfuQ8ftBkVUpW6eQIiWLX88Zf9UaB9HmmR-R8GatVA9B-QJ6_A2jPsHYA4sagtleGxu0C3V24LK&sai=AMfl-YQaNgV7taxF3VX6jSnP5rNtQzPaQxSuUd2cJ8rkFGFHaYKbduRfcZIytAT6H6vP4sCghLl9SxtsMRPztv4YWN6hNAYv2cTH2BpwGDD_79mQ2LUo_F-Tphwy2Uj2o3OB&sig=Cg0ArKJSzJzyNz7ZL0K6EAE&id=ampim&o=281,524&d=160,600&ss=1600,1200&bs=1600,1200&mcvt=1011&mtos=0,0,1011,1011,1011&tos=0,0,1011,0,0&tfs=170&tls=1181&g=100&h=100&tt=1181&r=v&avms=ampa&adk=2198091605
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 02:03:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 9A88
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvL78fNHMxtS9Y8yygfBZRNDAczCwPzMgxhfUtLfT34MQ5WDVpR1lbR61OpdaSQVGvik1CUrrX-h6-xZIcSBp6SFTezlmVtttvO7E_oU2fWgelzBMedxZsItwUROg&sai=AMfl-YSj1u2-K2zcsspN3WZ9erfx0celNE_VJQR3kfSBnyR2ec3FrZ_FQ4dPr6FvILUWUXAUAfuE-oEaP6-AbWPo55M2NHS2pGpzjXESG_8hFx-gDGojY4GPA3njs5lGH4I6&sig=Cg0ArKJSzM0711MtCVqqEAE&cid=CAASFeRom8DbnfgKhWYEB2GnSzQ-T8V0HQ&id=lidar2&mcvt=1001&p=268,1019,518,1319&asp=268,1019,518,1319&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210723&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=376301205&rs=4&met=ce&la=0&cr=0&osd=1&vs=4&eosm=0&rst=1627092220992&dlt=114&rpt=464&isd=0&lsd=0&msd=0&r=v&speed=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 02:03:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021071401&jk=3375548425411775&bg=!UFOlUxfNAAbnC78O5ws7ACkAdvg8WlJWjTzmOK77kV5CJZU1qkas_nbikb50e1HoikMh8pWiwozHNAIAAAC5UgAAAA9oAQeZAnXe0mVxkTjxKkMZ08hx0QTUEjGwt5IW0MAxDklFYxfZDmYrA37ZILAAcZKo_f9celMF935tWatA9paacmg3OEAYeHqjQSH0DQXQYbg77DYCtpe8cqjTb6BO235OOsNKrcdUti_SLkKhTcb0JAh7Dzl3Vmi_YJ98jLwSrOjx3CncvVTAYLpHYGt-IkRhnPiAyNbDDygbpjehOgAvqLwIsdmna8LuqjcEWRNmVCr2-8tx7Uls55SK7CbdxgiZSSC8MvedHfDqNuE8R6Kd8nv2CaKSPXJigyB5hzkLsmTk8ORkRVDJ8nw1aYgixzy8aS3ovtWQY_hwrgx5YXxmI2VpyezYqKpkT71Cx29OV40s4AjtA2kmmMWE3Nu454NJH0YBNlHR9-fo2cirb_KV_nhO72nhLtVa10C_LzTV66wY0IYmY7Q2x1-l7gjkk0XZKaBOn5USuz_M0qW3DUSXAM1Afo2JwGs1FoTdro-ANSboe73v6Iip6_jJcY4I2jNwS-OkaiYjyDH2uJntgHkUmNqrSIR8aFtbntoGGay5aCaxyF88_LZNHFibJO1r4KNTq2YdhMgkOqsZvVTPhbuTDhR4f2PH-6uo7qj-V0AuPiw84-1mwQtXobcnWPA_fDSy9V17kX_tiXnviilQvB1TK6e1SJlEobTsrN_W1T9zXnU3fNc4SFUadUYrKqci6T6zuY0Ey1Re787TlbtCe0oYAEkX9iVy4MQA-C3uwum0O6elwMeUgJQoB1ZSzpJvRz8Yg4luegVtCVFSKhKeGI46AKEsUMK-LxOd2DdefcwErVl3WfqqvB9-zAfnqCl2XQoJoGLx59x77O5yJA
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 02:03:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
pre.ads.justpremium.com/v/1.0/t/ Frame 10CF
4 KB
4 KB
Document
General
Full URL
https://pre.ads.justpremium.com/v/1.0/t/sync?
Requested by
Host: us.ads.justpremium.com
URL: http://us.ads.justpremium.com/adserve/js.php?zone=111507
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.185.65 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-185-65.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
657e9aead024e9de79d1faf85e81426932232a2a1559d84b27196292d1978357

Request headers

:method
GET
:authority
pre.ads.justpremium.com
:scheme
https
:path
/v/1.0/t/sync?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://rebelscum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://rebelscum.com/

Response headers

date
Sat, 24 Jul 2021 02:03:42 GMT
content-type
text/html; charset=utf-8
cache-control
public, no-cache, no-store, must-revalidate
/
us.ads.justpremium.com/adserve/client/
16 KB
3 KB
XHR
General
Full URL
https://us.ads.justpremium.com/adserve/client/?zone=111507&debug=1&ru=http%3A%2F%2Frebelscum.com%2F&sw=1600&sh=1200&ww=1600&wh=1200&ui=r-83eb0c57-0666-4411-9acf-444adbc76226-14765-743837529&tt=1627092222596&rid=r-6920f583-27fc-4d76-8c02-5df0e999cd8f-14765-743781610&eu=1&cs=
Requested by
Host: us.ads.justpremium.com
URL: http://us.ads.justpremium.com/adserve/js.php?zone=111507
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.185.65 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-185-65.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
23ac92e630a7ba3e2c14357ee09a5ea54df11aced0b8ff5646b2f8f0585dfc5a

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
http://rebelscum.com
date
Sat, 24 Jul 2021 02:03:42 GMT
cache-control
public, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
content-type
application/json
web-vitals.umd.js
unpkg.com/web-vitals@2.1.0/dist/
Redirect Chain
  • https://unpkg.com/web-vitals
  • https://unpkg.com/web-vitals@2.1.0
  • https://unpkg.com/web-vitals@2.1.0/dist/web-vitals.umd.js
4 KB
2 KB
Script
General
Full URL
https://unpkg.com/web-vitals@2.1.0/dist/web-vitals.umd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8480a1b8e619010528212d730e25bb56a4dcb1fd4ce589403d8cf8c10e894d06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 02:03:42 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
1910163
fly-request-id
01F9J6C67JE64Y1WP2JP65WQW4
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"11c8-h8MN9BiDN1TuDYM8xSzz31D62dA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
673992d80ce1c2b8-FRA

Redirect headers

date
Sat, 24 Jul 2021 02:03:42 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01F9J6DG5AT55A9D46CE12KRD9
server
cloudflare
age
1910120
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
location
/web-vitals@2.1.0/dist/web-vitals.umd.js
cache-control
public, max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
673992d7fcd1c2b8-FRA
access-control-allow-origin
*
tracking.gif
tracking.justpremium.com/ Frame 9E95
43 B
332 B
Image
General
Full URL
http://tracking.justpremium.com/tracking.gif?rid=r-6920f583-27fc-4d76-8c02-5df0e999cd8f-14765-743781610&sid=r-10ae6e89-4bfe-4546-9dbb-86568d311580-14831-224078127&uid=&vr=v2.26.407&ru=http%3A%2F%2Frebelscum.com%2F&tt=1627092222696&siw=1042&sh=1200&sw=1600&wh=1200&ww=1600&an=2.3.1&vn=eu-central-1&sd=&_c=ag3sl11627092222697&et=&aid=413732,413732,413732,413732,413732,439178,439178,439178,439178,439179,439179,439179,439179,439180,439180,439180,439180,439180,439181,439181,439181,439181,439181,439439,439439,439439,439439,439439,439439,421368,421368,421368,421368,421368,421368&said=1057252,1057254,1057253,1057251,1192765,1173690,1173691,1173692,1173693,1173694,1173695,1173697,1173696,1173698,1173699,1173700,1173701,1195154,1173702,1173703,1173704,1173705,1195098,1174834,1174835,1174836,1174837,1174838,1195174,1275639,1134002,1093829,1093830,1093831,1143270&ei=22347399%2C430423%2C19900489%2C541193082%2C1192765%2C543897065%2C22443924%2C21028789%2C430429%2C543897066%2C22443925%2C430432%2C21028790%2C543897067%2C22443926%2C21028791%2C430436%2C1195154%2C543897068%2C22443927%2C21028792%2C430430%2C1195098%2C543897868%2C146753%2C22444623%2C21033772%2C430439%2C1195174%2C421368%2C22406537%2C542319050%2C115840%2C20278754%2C430445&fc=wp,wp,wp,wp,wp,ca,ca,ca,ca,pd,pd,pd,pd,pa,pa,pa,pa,pa,sa,sa,sa,sa,sa,hv,hv,hv,hv,hv,hv,wv,wv,wv,wv,wv,wv&sp=1,39,32,22,42,22,1,32,39,22,1,39,32,22,1,32,39,42,22,1,32,39,42,22,24,1,32,39,42,42,1,22,24,32,39&at=adserver&cid=&ist=0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0&mg=&dl=&dlt=&ev=&vt=&zid=111507&dr=101&di=&pr=&cw=&ch=&nt=&st=&jp=%7B%22cls%22%3A%220.000%22%2C%22ph%22%3A6466%7D&ty=ex
Protocol
HTTP/1.1
Server
35.156.146.15 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-146-15.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 02:03:42 GMT
Last-Modified
Wed, 23 Jun 2021 07:56:00 GMT
Server
nginx
ETag
"60d2e910-2b"
Content-Type
image/gif
Cache-Control
public, no-cache, no-store, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
/
pre.ads.justpremium.com/v/1.0/t/singletag/
2 B
212 B
XHR
General
Full URL
https://pre.ads.justpremium.com/v/1.0/t/singletag/?i=1627092222707
Requested by
Host: cdn.justpremium.com
URL: http://cdn.justpremium.com/js/v2.26.407/jpx.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.185.65 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-185-65.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://rebelscum.com
date
Sat, 24 Jul 2021 02:03:42 GMT
cache-control
public, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
content-type
application/json
tracking.gif
tracking.justpremium.com/ Frame 9E95
43 B
332 B
Image
General
Full URL
http://tracking.justpremium.com/tracking.gif?rid=r-6920f583-27fc-4d76-8c02-5df0e999cd8f-14765-743781610&sid=r-10ae6e89-4bfe-4546-9dbb-86568d311580-14831-224078127&uid=&vr=v2.26.407&ru=http%3A%2F%2Frebelscum.com%2F&tt=1627092222760&siw=1042&sh=1200&sw=1600&wh=1200&ww=1600&an=2.3.1&vn=eu-central-1&sd=&_c=aa3t76k1627092222760&et=&aid=413732,413732,413732,413732,413732,439178,439178,439178,439178,439179,439179,439179,439179,439180,439180,439180,439180,439180,439181,439181,439181,439181,439181,439439,439439,439439,439439,439439,439439,421368,421368,421368,421368,421368,421368&said=1057252,1057254,1057253,1057251,1192765,1173690,1173691,1173692,1173693,1173694,1173695,1173697,1173696,1173698,1173699,1173700,1173701,1195154,1173702,1173703,1173704,1173705,1195098,1174834,1174835,1174836,1174837,1174838,1195174,1275639,1134002,1093829,1093830,1093831,1143270&ei=22347399%2C430423%2C19900489%2C541193082%2C1192765%2C543897065%2C22443924%2C21028789%2C430429%2C543897066%2C22443925%2C430432%2C21028790%2C543897067%2C22443926%2C21028791%2C430436%2C1195154%2C543897068%2C22443927%2C21028792%2C430430%2C1195098%2C543897868%2C146753%2C22444623%2C21033772%2C430439%2C1195174%2C421368%2C22406537%2C542319050%2C115840%2C20278754%2C430445&fc=wp,wp,wp,wp,wp,ca,ca,ca,ca,pd,pd,pd,pd,pa,pa,pa,pa,pa,sa,sa,sa,sa,sa,hv,hv,hv,hv,hv,hv,wv,wv,wv,wv,wv,wv&sp=1,39,32,22,42,22,1,32,39,22,1,39,32,22,1,32,39,42,22,1,32,39,42,22,24,1,32,39,42,42,1,22,24,32,39&at=adserver&cid=&ist=0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0&mg=&dl=&dlt=&ev=&vt=&zid=111507&dr=164&di=&pr=&cw=&ch=&nt=&st=&jp=%7B%22ph%22%3A6466%7D&ty=adr
Protocol
HTTP/1.1
Server
35.156.146.15 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-146-15.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 02:03:42 GMT
Last-Modified
Wed, 23 Jun 2021 07:56:00 GMT
Server
nginx
ETag
"60d2e910-2b"
Content-Type
image/gif
Cache-Control
public, no-cache, no-store, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
/
pre.ads.justpremium.com/v/1.0/t/singletag/
2 B
212 B
XHR
General
Full URL
https://pre.ads.justpremium.com/v/1.0/t/singletag/?i=1627092227958
Requested by
Host: cdn.justpremium.com
URL: http://cdn.justpremium.com/js/v2.26.407/jpx.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.185.65 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-185-65.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
http://rebelscum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://rebelscum.com
date
Sat, 24 Jul 2021 02:03:48 GMT
cache-control
public, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
content-type
application/json
dc_oe=ChMI_c727s768QIVgpV3Ch2ULQfiEAAYACDQuLhJQhMItpHF7s768QIVk8q7CB2YPgR1;met=1;&timestamp=1627092231694;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 9A88
42 B
515 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI_c727s768QIVgpV3Ch2ULQfiEAAYACDQuLhJQhMItpHF7s768QIVk8q7CB2YPgR1;met=1;&timestamp=1627092231694;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 02:03:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| msgsnd object| _gaq object| googletag object| advally object| cookieconsent object| pbjs undefined| cmd object| _gat object| gaGlobal object| FB function| pbjsChunk object| _pbjsGlobals string| nobidVersion object| nobid object| ggeac object| google_js_reporting_queue function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing undefined| conf object| slotRules object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| jp_conf_debug function| webpackJsonpJpx__name_ object| Jpx object| jPAM object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| ampInaboxIframes object| ampInaboxPendingMessages object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| GoogleGcLKhOms object| google_image_requests string| jpx_template_id object| ap4aaiuo5 object| Jpa object| jpx_cls object| webVitals

2 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: IDE
Value: AHWqTUnzRUR-qfmAkoE9KLEhoMzbl53xem-YpXErdLW1YtUt6J-sZiC1EiuFDDJYgO4

105 Console Messages

Source Level URL
Text
console-api log URL: https://cdn.adligature.com/rs/prod/rules.js(Line 1)
Message:
Advally Wrapper v4.1.1
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally Location: Starting
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally Location: Doing API Lookup
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally Executing 1 Queued Commands
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally Page Label: Queuing device-category-22
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally GO
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally DOMContentLoaded pending...
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally DOMContentLoaded DONE!
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally Page DOM is ready!
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally Location: API Result Found: PL,14
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally Location: Running saved callbacks: 0
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally Location: Immediately executing Callback
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally advally._build().LocationCallback(): Started
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally Page Label: Resolved device-category-22: desktop device_category
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally LazyLoader: Creating observer at 200% margin, original: 200
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally Page: Injecting into #topmenu in position: first
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally Content Injector: Executing 0 queued injections
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally Units: Predefined Units: 0
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally Units: Page contains 4 AdvallyTag units
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally Units: New AdvallyTag #Top_Leaderboard
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally Units: Setting Top_Leaderboard to fixed minimum height 90px
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally Units: Created Top_Leaderboard
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally Units: New AdvallyTag #SKY_SIDEBAR
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally Units: Setting SKY_SIDEBAR to fixed minimum height 600px
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally Units: Created SKY_SIDEBAR
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally Units: New AdvallyTag #MPU_SIDEBAR_1
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally Units: Max Width: 300px - Padding: 0px, 0px - Border: 0px, 0px
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally Units: Available width in parent: 300px
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally Units: Created MPU_SIDEBAR_1
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally Units: New AdvallyTag #MPU_SIDEBAR_2
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally Units: Max Width: 306px - Padding: 0px, 0px - Border: 0px, 0px
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally Units: Available width in parent: 306px
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally Units: Created MPU_SIDEBAR_2
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally Page: Does DIV 'Top_Leaderboard' Exist? Yes
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally Site Segment: Checking is-desktop-40
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally Site Segment: Checking Label device-category-22
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally Site Segment: Passed is-desktop-40
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally Bidder: Unit rules for Prebid ready [object Object]
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally Page: Does DIV 'SKY_SIDEBAR' Exist? Yes
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally Site Segment: Checking is-desktop-40
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally Site Segment: Checking Label device-category-22
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally Site Segment: Passed is-desktop-40
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally Site Segment: Checking is-desktop-40
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally Site Segment: Checking Label device-category-22
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally Site Segment: Passed is-desktop-40
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally Bidder: Unit rules for Prebid ready [object Object]
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally Page: Does DIV 'MPU_SIDEBAR_1' Exist? Yes
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally Site Segment: Checking is-desktop-40
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally Site Segment: Checking Label device-category-22
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally Site Segment: Passed is-desktop-40
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally Site Segment: Checking is-mobile-41
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally Site Segment: Checking Label device-category-22
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally Site Segment: Checking is-mobile-41
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally Site Segment: Checking Label device-category-22
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally Site Segment: Checking is-desktop-40
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally Site Segment: Checking Label device-category-22
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally Site Segment: Passed is-desktop-40
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally Site Segment: Checking is-desktop-40
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally Site Segment: Checking Label device-category-22
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally Site Segment: Passed is-desktop-40
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally Bidder: Unit rules for Prebid ready [object Object]
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally Page: Does DIV 'MPU_SIDEBAR_2' Exist? Yes
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally Site Segment: Checking is-desktop-40
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally Site Segment: Checking Label device-category-22
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally Site Segment: Passed is-desktop-40
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally Bidder: Unit rules for Prebid ready [object Object]
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally SmartRefresh: Ready
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally Debugger: Status of "AdvallyDebug": false
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally Prebid: Enabled GDPR Consent Management
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally Prebid: Configuring prebid
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally Prebid: Settings passed to prebid [object Object]
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally SmartRefresh: Started
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally advally._displayCB(): Given 4 new units to load
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally advally._displayCB(): Loading 4 units lazily
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally LazyLoader: Observing Top_Leaderboard
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally LazyLoader: Observing SKY_SIDEBAR
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally LazyLoader: Observing MPU_SIDEBAR_1
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally LazyLoader: Observing MPU_SIDEBAR_2
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally LazyLoader: Intersection of 4
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally LazyLoader: Top_Leaderboard is near Viewport
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally LazyLoader: SKY_SIDEBAR is near Viewport
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally LazyLoader: MPU_SIDEBAR_1 is near Viewport
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally LazyLoader: MPU_SIDEBAR_2 is near Viewport
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally AdCall: Dispatching bids for: Top_Leaderboard, SKY_SIDEBAR, MPU_SIDEBAR_1, MPU_SIDEBAR_2
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally Prebid: requestBids called Top_Leaderboard,SKY_SIDEBAR,MPU_SIDEBAR_1,MPU_SIDEBAR_2
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally AdCall: Prebid complete
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally AdCall: Refreshing GAM slots
console-api log URL: http://cdn.justpremium.com/js/v2.26.407/jpx.js(Line 1)
Message:
%c(00:01:745.20)%cJAdManager: version v2.26.407 initialized padding: 2px; background: rgba(0, 0, 0, 0.5); color: rgba(255, 255, 255, 1); padding: 2px; background: rgba( 0, 153, 204, 0.3); color: rgba( 0, 153, 204, 1);
console-api log URL: http://cdn.justpremium.com/js/v2.26.407/jpx.js(Line 1)
Message:
(http://cdn.justpremium.com/js/v2.26.407/jpx.js:1:215665)
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally Units: Event "slotRenderEnded" on Top_Leaderboard
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally Units: Event "slotRenderEnded" on SKY_SIDEBAR
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally Units: Event "slotRenderEnded" on MPU_SIDEBAR_1
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally Units: Event "slotRenderEnded" on MPU_SIDEBAR_2
console-api info URL: https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs(Line 6)
Message:
Powered by AMP ⚡ HTML – Version 2107130206000 http://rebelscum.com/
console-api info URL: https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs(Line 6)
Message:
Powered by AMP ⚡ HTML – Version 2107130206000 http://rebelscum.com/
console-api info URL: https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs(Line 6)
Message:
Powered by AMP ⚡ HTML – Version 2107130206000 http://rebelscum.com/
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally AdCall: Timeout reached - Loading ads now
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61827683/20210707051427105/Dynamic_Binding.js(Line 162)
Message:
#f00000
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally Units: Event "impressionViewable" on Top_Leaderboard
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally Units: Event "impressionViewable" on SKY_SIDEBAR
console-api log URL: http://cdn.justpremium.com/js/v2.26.407/jpx.js(Line 1)
Message:
%c(00:03:815.10)%cJQueue: No ad to run padding: 2px; background: rgba(0, 0, 0, 0.5); color: rgba(255, 255, 255, 1); padding: 2px; background: rgba( 0, 153, 204, 0.3); color: rgba( 0, 153, 204, 1);
console-api log URL: http://cdn.justpremium.com/js/v2.26.407/jpx.js(Line 1)
Message:
(http://cdn.justpremium.com/js/v2.26.407/jpx.js:1:80637)
console-api log URL: https://cdn.adligature.com/rules.js/advally-4.1.1.js(Line 23)
Message:
Advally Units: Event "impressionViewable" on MPU_SIDEBAR_1
console-api log URL: http://cdn.justpremium.com/js/v2.26.407/jpx.js(Line 1)
Message:
%c(00:09:105.40)%cJQueue: No ad to run padding: 2px; background: rgba(0, 0, 0, 0.5); color: rgba(255, 255, 255, 1); padding: 2px; background: rgba( 0, 153, 204, 0.3); color: rgba( 0, 153, 204, 1);
console-api log URL: http://cdn.justpremium.com/js/v2.26.407/jpx.js(Line 1)
Message:
(http://cdn.justpremium.com/js/v2.26.407/jpx.js:1:80637)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.atdmt.com
ade.googlesyndication.com
adservice.google.com
adservice.google.pl
cdn.adligature.com
cdn.ampproject.org
cdn.justpremium.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
code.createjs.com
connect.facebook.net
d.agkn.com
d3d70a68b440478f0eca84491ed96f55.safeframe.googlesyndication.com
discovery.demdex.net
dsum-sec.casalemedia.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
pagead2.googlesyndication.com
pre.ads.justpremium.com
pro.ip-api.com
rebelscum.com
s0.2mdn.net
securepubads.g.doubleclick.net
tpc.googlesyndication.com
tracking.justpremium.com
unpkg.com
us.ads.justpremium.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.rebelscum.com
104.156.250.80
13.226.145.39
142.250.181.226
142.250.184.194
142.250.184.226
18.195.172.136
2.18.234.21
2606:4700:3035::6815:5d0e
2606:4700::6810:125e
2606:4700::6810:7caf
2a00:1450:4001:800::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:812::2002
2a00:1450:4001:827::2004
2a00:1450:4001:827::200e
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2006
2a00:1450:4001:831::2001
2a02:26f0:6c00::210:ba2a
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f02d:10d:face:b00c:0:8c
35.156.146.15
37.252.173.38
51.77.64.70
52.58.185.65
63.32.159.255
02038af3f655f46885996206a23943836d5ec2a106dc45878be0c295ef58b857
0311ac35b6a720f6aeb524ea41b9e1561a9d53cb684c8c3ed1dba87815f82290
036b30e66fa9ff6883bd4d22d802dfcb6db0352705bb7045a88dccf911d1d751
03a2f610e5c4e4c433c5a31f8784da5b99f3bf98b27ada435f089895f4750cae
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ee79b17dc24cfa5a302e9204f2dc9b86b5bcfe40519e9414884511a1ff5d9e3
0f586d72c83c36f8ab27c29ba9c4fd5ca6b9b3300ddbe86f2282cd0f528c3822
1130c26caface5cfa7b2d0cdbbb70cdb3004c582e74969d580216f65596c47c1
124d03739d6120bb38a95fee58c8402894b37cd510bc9e4ca866976d80e16bcb
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
15a55c13889403e486946345563d747245aeb1ba06b5709f832b6a1aef5fbe73
1b16e9c1da7045c9057350282766a114be2070b065e5e8a42ae635d0610ba6d0
1b1a4081a8a32bc714fbb7a2509141683bc3eb707a421c0db556ed856f6d8e99
1bdcde5969df6f57f5e1b16b2a7d422071c7cc3929bfd1f47c6cc98fb7ebb3e0
1caacdebd86c67f86ab89cdbd30b056a8c1141638aafdd35ec453c4bae91692b
1f41dfd60ecb07e303c9124c0779ebba24aacf6aec9afc4e0d519c7b35027a73
1fc4080c850910f90de662ff7983098630ab07d02e18f0b301da5b4b729b3eee
2016e5dd61fccfea586d68a284adae6d1ca7be2758204d6fbce9d2d4663f02c8
23ac92e630a7ba3e2c14357ee09a5ea54df11aced0b8ff5646b2f8f0585dfc5a
246094b53a476ec32920dfca26fa5b2ca5208f4aced8bcfa60cc6f42affbdae2
2898b915e0d25e937e9a772c72be75f6f2c2460343c716124e606b808c4bdd6e
29d096500cc94cbe347c613cb34199c274da1fe8b5df04fdb49ee75ace5edbec
29e2d916770983111203a44ec71edad1a73b0679e305dc69cc4e722761ad06d4
2ca9e241922969ebee8b557e27c164591e208cc6b44e4e1bed559006a8f435e6
2f8714386b6edff951cdef8c8072039f59206481123de32f227fc5c669e96af5
30b2dbc80d699946d3ec91ffd539f081a4cee960ea88f69c08ace6362a6028f5
3370ca331ef90ec2b56fdb75a76fc620b0bb97092be3675492c0b529e3384943
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
38feec3b15eeb5f50c22d8d656733860540c6ae3cf785360ae8a5a64952367ab
39fe94435f0c3f1701cc4225d39271767637d5402905a3c40da20d54e110dc55
3aa6a9ad2e733aa3ea98c258170c92426cc67e5b17e10fda0fba58fa7761dcf1
3ba783a63160085414dfc707e64cda547345d40f7a796f5b812c550529d81c64
3d3f442e76695249337c5b4f7a22af14fdfbdd956034051fcfb94acca23ddd05
3e9b4ea5e439c4fa32c3ff2af4521ac999197a97600eeab8e3dcc6ed43834184
403ae44014bd24ec852c88d499c696f6e3ef03d460a442797ff8ceba5e425bed
40f121f981ead559b715d3116657fe9898d4d03869580976dcf7f449f92d57bc
4409f886851d18b5071cc08d25845e0d959d51fd1e9eec92118d0f12a44e5eeb
456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4
4679ad6cd5721a39be373aff0e3539cc7b6d66b985bcb66d4b375f52e1b1ee91
49c6315f3bbe6fdd47a23290e571f2f6ba1412c1dc13c717ea8bc535a84001c6
4aac31009b03c4ac57baabc79a6134359837ddd079f402969c9353459206268b
4b373d76db2878ff482a9b1a65111560310ca89d267cc43d46fddd1ce5439403
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e2938669ffdc6826a4ee04adbe45d6d538e7603e0fa1d32bb675fab40880d11
4eb4fdd3ad4117e4a6ddb511c4985722109f87fa0f6dc3998ec22f463153713f
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5073fab4fddb9f037315ac9c663dce6681b03976250cab681638dfe17475466f
5338f3cb3e2733c24d559b5c265245e2f5d33ee57b540baa0997df8e831f8495
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54f68727214426bd8b6cc66bab5e6e88c46f06477346b5108314d9e70f62d44d
57b5ebaa1102f55c7da76c94d9738eac43fffcf3befa5991c38260539c6d605d
5922f24f8e9f03ff3c230ceee55b2c32ce37fc34aa6a41b24f271d7c6ed5e47c
5a47fa65e619bc27a7335602e524c7c44680a16f1a3e47221ede4e32226dac3e
5bb366990a2c91e4126e365451771416db8fbedbc00acfe79ba6a741dd2a5d5c
5e03076d19e4b85f18ca42fd71003c914b9e5a68237fd075ac36d73f9422d318
5e954ec87054cae866c5b3872ce6fb40ad336320aa7bafc0ec6472b49094871c
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
65506c87a4e71875a107df7ca37f45ccfd40688cf8e01f65c7e71792dbd6818c
657e9aead024e9de79d1faf85e81426932232a2a1559d84b27196292d1978357
6854c4e7d31f9501ddedc8ebf890bb029fab7d968a504fb2d324a8c037e4dc52
6bfcc41fb8c21a4d49d62fb3cceceec6dc3c11d7370df183f6a0f1821f7bb492
6e2b382d798fdad058ab0c7fd8efcd7e7eb7aae61e56c9ad5105f8ab4fb2593c
6f13b21330614f776e657f37dd2cb7d76894374e3ac6d4aecd55f8f6df68433e
71d3cbad060831c5d25685a643d211e5b5da3abd4149c0acead41197775f3cda
7245bc102bb700aa253cc153564c23e3b06283694de4ccbbea3a1879b0dc2304
738ddea232874c82239c237498e051aeade604c081fcc45fe80776113f8c4a14
7663b57b20f1b9c59a7424b6e781f3d335a26decf13182609194cc27149a6dc3
7c4e8403c1bade9d3d029f9476914297a854a734997c98cbcea0a844eaac08df
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
81d1fd3b8d6e7b5cd4b34e2d5e8c138ae799e085044d0f4c4a0b26d5baf975c5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8480a1b8e619010528212d730e25bb56a4dcb1fd4ce589403d8cf8c10e894d06
87a5b478b0ae921eb014499f444e7b150baac04f6ffb06d6f3a7d5b66d01c968
87db2cdba7ffeb72c22d15d6d89a2121181a0f743167db2d717182029b752764
8afc76752db2505a46809d85c99ade981967be459bb49cbac8fa408a8b62d081
8b1b2854a949e997a83ede6a92e3ac909dc37eff774eec3d2ea85fc59c4b2dea
8fc41fd1b44f288034309d6eb21cd3c71f52f25a960ebc107489325415e2d18a
90c9aedece0fa2103d1922ce78181d681729306be45d18b0e6d21fec19e1512a
913ba9c6f499eb2a48c6284c7a8d1d62a7369c404d8fc38824221a6818c50461
9407bccb09a5a090b03cf109ba79c39581352cedf1298d57320cea4cf3113e17
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
973dc29ddae88a5a064eda575754839f8486b0540c45c1c0328149767fb8aa6c
985859f8de08c975344385e2beb2075b3308ecc0226611e3e787ade5d883c250
99f003b7af26c951d8c1724d355042ee1234ed68539bf950079f45dc51c68cf6
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0ed07cdccf293276355d35858b942e7615a3aef67d598add7dcbf1c6b537435
a1ca7ad599f3cb79277e8edf9e207bd93448b3b62e848fd6f2a125de60d13f69
a3a6e816921e852de8d83dce290cf10a658b65df3e172c4ebb63904bcad03661
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a568210933597958e0bce2589bf17029dd221656429b4781fe0b1590b339a9b5
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7f4211fb51359de3e3c8b9e4ec93de11082429a3a0a959de8725678407abb5a
a84d3518398499eace9be061bbf7e8a1162a703cb8fd6372531386d40e79c56b
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ac462b7e2edb2f4614f9d1c0dac65ad68fbc67db07cb09a59afb1d9ba425c814
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2b9f9b7c525efc683d5c568e788af5225b7f8965fb0ff5ee96319210dda2578
b64291fc91dc77833930ffcead244193c5cfd9e882af312ecc89b580160c22a1
b6eb19b19ac9ce3d01346591dc2385c55d4ed14c09de37c5d9f77d7e2ac0987f
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b7c97b6bdeee3e8c2255ce5fb3009c6fb7ff16f7a7486238c343b6961dd978f5
bc7ab58dc6bc72061955f9e862df4caedeefc6faa455ed2101a79824d1277e0b
bd21da47bc7158674cc565e6e77bc9b5b48a854a6d5be236ea84f655d93d07d7
bddea1985c717af31c09bad8ea0d16a391737286d10035b627fdc603e27133d1
bfebc7edf192b95a25a5ae995b14d25ca4a5ac46780be38190b4ae5a3980c3cf
c2ef93df138786baabfa6582b5266b17fc194100ec7cba3d70a55da87f109b71
c345cc68ba35ffa3252a80f00edd374ba46103aab9bbdce8f3cfe3b211f07263
ca82326ec0d73bae3c39a5ef3906095b720cd138ac55e7c3f89a9d3c5a9839e6
ce6fa9603815a39ebb600c08a21279a8bb1e3289c7d310f305bdd9d76a0e25b0
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d398520ac47945ab429cf02b444202f4db1cf7fee5b5335cf98fb009ce56ab8e
db5bd9586ef78d6639509d89379435f9da7b8a9ded441248d46901bead5e9f7d
db6767108ee1d409a8abf09c65f373e5fae284c5ca9234a6149908d5d516f537
def9013f67932bceea677bfe7a0f5fc9c3ffe7a345bbcd52d1ad2773745f7f8d
e032b480f4b88e2b0cc9637dd3ffcd9c3e25a1e5920b12429630081325f58b7b
e2f126a8957c32db99e94d1bf7c9ed09fcd38ba99bd632ebd048f01f9c5f9c9b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4044e9e84fa0a45c8ea788437df60ce0c5a36154a2578100139624464667bd5
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e7db94870d5193f9755e4badfeacaeb5258e523301a34af63861af43a77fd53f
eba2bf507e730bab3c0ee9c5a926f789f18687cb5482a620f621158039024e92
ebdc0a6cf024c74b0c7255efd7d9072ef08c97ebdf4bff060464fb4a9de5c12a
ee53aa89de271e202c6fdd6918b73d1e050a72e808980e99503fe0152f66fe48
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef97574b4cf493a6abb30a69a690c30e985bd4532cc3d6d2391c16e2a140580b
f3039e343bc61cc16fc587e063d92cf190c34823df58e3fe5caf5717198a49fc
f3b5bd03fd62b600f6d4877bc7badfe3ccc4b9a7d582be69bb552f287696a786
f82fc90bdac94322e540afe9800ae10315a699166f5072cd0a7f6347d8c3c066
f8425cfcb137778595ddfbd149589821be274befe06bbeabf991fada54ba4354
faf5e994ddbada86a873b5d14c1bc0f449a097e61e6fbe0c04e0691b70ec5644
fb7cc5bb986e6895be8e36f565958cb5ca5f751864ea0558af0799db399ce07b