picrew.me Open in urlscan Pro
13.226.159.5 Public Scan

URL:
https://picrew.me/
Submission: On March 12 via api (March 12th 2021, 12:02:04 am UTC) from BR

Summary HTTP 190 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 58 IPs in 10 countries across 48 domains to perform 190 HTTP transactions. The main IP is 13.226.159.5, located in United States and belongs to AMAZON-02, US. The main domain is picrew.me.
TLS certificate: Issued by Amazon on June 28th 2020. Valid for: a year.

This is the only time picrew.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	13.226.159.5 13.226.159.5	16509 (AMAZON-02) (AMAZON-02)
19	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba6b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
1	130.211.14.194 130.211.14.194	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
7	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:4001:803::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
7	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba0a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	65.9.96.93 65.9.96.93	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:210... 2a02:26f0:2100:1a0::19fd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 2	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2606:2800:134... 2606:2800:134:1a0d:1429:742:782:b6	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
3 7	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	2600:1480:400... 2600:1480:4000:e5::	33905 (AKAMAI-AMS) (AKAMAI-AMS)
3	65.9.95.127 65.9.95.127	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
30	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
1 4	52.95.124.165 52.95.124.165	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	13.226.159.230 13.226.159.230	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	13.32.21.36 13.32.21.36	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:16::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
3	84.53.188.235 84.53.188.235	16625 (AKAMAI-AS) (AKAMAI-AS)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	213.155.156.184 213.155.156.184	1299 (TELIANET ...) (TELIANET Telia Carrier)
6	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
5 5	54.194.13.58 54.194.13.58	16509 (AMAZON-02) (AMAZON-02)
3 3	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1 1	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
1 1	185.86.139.89 185.86.139.89	201081 (SMARTADSE...) (SMARTADSERVER)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
8	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	173.231.180.197 173.231.180.197	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	2606:4700:10:... 2606:4700:10::6816:1857	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
2 2	35.201.96.126 35.201.96.126	15169 (GOOGLE) (GOOGLE)
1	185.64.189.249 185.64.189.249	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	18.200.32.159 18.200.32.159	16509 (AMAZON-02) (AMAZON-02)
1 1	185.29.135.226 185.29.135.226	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	37.157.4.39 37.157.4.39	198622 (ADFORM) (ADFORM)
2 2	185.33.220.240 185.33.220.240	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1	185.64.189.114 185.64.189.114	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
1 1	2620:116:800d... 2620:116:800d:21:51e4:db4b:4436:b305	16509 (AMAZON-02) (AMAZON-02)
3 3	18.185.180.173 18.185.180.173	16509 (AMAZON-02) (AMAZON-02)
1 1	51.75.146.161 51.75.146.161	16276 (OVH) (OVH)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (TURN) (TURN)
2 2	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
2 2	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
1	169.50.137.190 169.50.137.190	36351 (SOFTLAYER) (SOFTLAYER)
1	2a02:fa8:8806... 2a02:fa8:8806:20::2010	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	159.65.197.210 159.65.197.210	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2600:9000:218... 2600:9000:2182:7200:1f:2964:4340:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	65.9.96.122 65.9.96.122	16509 (AMAZON-02) (AMAZON-02)
1 2	13.32.21.120 13.32.21.120	16509 (AMAZON-02) (AMAZON-02)
2	18.177.223.75 18.177.223.75	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:212... 2600:9000:2127:6800:1f:5b22:6e00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:218... 2600:9000:2182:c400:c:2040:40c0:93a1	16509 (AMAZON-02) (AMAZON-02)
190	58

2 13.226.159.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-5.dus51.r.cloudfront.net

picrew.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a02:26f0:6c00::210:ba6b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.picrew.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.14.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.14.211.130.bc.googleusercontent.com

cdn-fluct.sh.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:26f0:6c00::210:ba0a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 65.9.96.93 (United States)

ASN16509 (AMAZON-02, US)

share-cdn.picrew.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:2100:1a0::19fd (Munich, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:83:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.72 (United States) 1 redirects

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:134:1a0d:1429:742:782:b6 (United States)

ASN15133 (EDGECAST, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1480:4000:e5:: (United States)

ASN33905 (AKAMAI-AMS, NL)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.95.127 (United States)

ASN16509 (AMAZON-02, US)

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

c5273b3263c66ac982b47a1e5d54bd82.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.95.124.165 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.159.230 (United States)

ASN16509 (AMAZON-02, US)

cd.ladsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.21.36 (United States)

ASN16509 (AMAZON-02, US)

dad.ladsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:16::1400 (United States)

ASN41041 (VCLK-EU-SE, US)

amazon-tam-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 84.53.188.235 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a84-53-188-235.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.184 (Sweden) 2 redirects

ASN1299 (TELIANET Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.194.13.58 (Dublin, Ireland) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-13-58.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.139 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.89 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.231.180.197 (United States)

ASN29791 (VOXEL-DOT-NET, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)

mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.243.60.138 (Aalborg, Denmark) 1 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.96.126 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

visitor.fiftyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.249 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

aud.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.200.32.159 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-200-32-159.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.135.226 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.39 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.220.240 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:51e4:db4b:4436:b305 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.185.180.173 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.75.146.161 (France) 1 redirects

ASN16276 (OVH, FR)

ws.rqtrk.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (TURN, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.14.49 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.155.71.25 (Portsmouth, United Kingdom) 2 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.190 (United States)

ASN36351 (SOFTLAYER, US)
PTR: be.89.32a9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2010 (United States)

ASN41041 (VCLK-EU-SE, US)

pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.65.197.210 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:7200:1f:2964:4340:93a1 (United States)

ASN16509 (AMAZON-02, US)

imp-adedge.i-mobile.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.96.122 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cr-p31.ladsp.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.21.120 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-21-120.fra56.r.cloudfront.net

cr-pall.ladsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.177.223.75 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)

ssp-bidapi.i-mobile.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2127:6800:1f:5b22:6e00:93a1 (United States)

ASN16509 (AMAZON-02, US)

spnativeapi-tls.i-mobile.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:c400:c:2040:40c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

spcdnsp.i-mobile.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	googlesyndication.com pagead2.googlesyndication.com c5273b3263c66ac982b47a1e5d54bd82.safeframe.googlesyndication.com tpc.googlesyndication.com	499 KB
27	picrew.me picrew.me cdn.picrew.me share-cdn.picrew.me	864 KB
25	doubleclick.net 3 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	233 KB
20	pubmatic.com ads.pubmatic.com image6.pubmatic.com image2.pubmatic.com simage2.pubmatic.com aud.pubmatic.com image4.pubmatic.com	42 KB
9	google.com 3 redirects adservice.google.com www.google.com	1 KB
9	twitter.com 1 redirects platform.twitter.com syndication.twitter.com	214 KB
8	typekit.net use.typekit.net p.typekit.net	515 KB
7	amazon-adsystem.com 1 redirects c.amazon-adsystem.com aax-eu.amazon-adsystem.com	37 KB
6	i-mobile.co.jp imp-adedge.i-mobile.co.jp ssp-bidapi.i-mobile.co.jp spnativeapi-tls.i-mobile.co.jp spcdnsp.i-mobile.co.jp	138 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	96 KB
6	googletagservices.com www.googletagservices.com	197 KB
5	bidr.io 5 redirects match.prod.bidr.io	2 KB
4	ladsp.com 1 redirects cd.ladsp.com dad.ladsp.com cr-pall.ladsp.com	3 KB
3	bidswitch.net 3 redirects x.bidswitch.net	1 KB
3	yahoo.com 2 redirects ups.analytics.yahoo.com pr-bh.ybp.yahoo.com	2 KB
3	googleapis.com fonts.googleapis.com	2 KB
2	sitescout.com 2 redirects pixel-sync.sitescout.com	947 B
2	everesttech.net 2 redirects sync-tm.everesttech.net	724 B
2	adnxs.com 2 redirects ib.adnxs.com	2 KB
2	adform.net 2 redirects c1.adform.net	822 B
2	adsrvr.org 2 redirects match.adsrvr.org	987 B
2	fiftyt.com 2 redirects visitor.fiftyt.com	992 B
2	semasio.net 1 redirects uipglob.semasio.net	1 KB
2	de17a.com 2 redirects d5p.de17a.com	637 B
2	dotomi.com amazon-tam-match.dotomi.com pubmatic-match.dotomi.com	104 B
2	twimg.com cdn.syndication.twimg.com pbs.twimg.com	8 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	google.de adservice.google.de www.google.de	906 B
2	facebook.net connect.facebook.net	63 KB
2	cloudflare.com cdnjs.cloudflare.com	82 KB
1	ladsp.jp 1 redirects cr-p31.ladsp.jp	226 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com	550 B
1	simpli.fi um.simpli.fi	610 B
1	turn.com 1 redirects ad.turn.com	518 B
1	rqtrk.eu 1 redirects ws.rqtrk.eu	516 B
1	quantserve.com 1 redirects pixel.quantserve.com	541 B
1	mathtag.com 1 redirects sync.mathtag.com	679 B
1	zeotap.com mwzeom.zeotap.com	595 B
1	adgrx.com cm.adgrx.com	408 B
1	adition.com 1 redirects dsp.adfarm1.adition.com	501 B
1	smartadserver.com 1 redirects rtb-csync.smartadserver.com	773 B
1	contextweb.com 1 redirects bh.contextweb.com	793 B
1	criteo.com dis.criteo.com	326 B
1	google.ch adservice.google.ch	799 B
1	facebook.com www.facebook.com	410 B
1	googleadservices.com partner.googleadservices.com	435 B
1	googletagmanager.com www.googletagmanager.com	34 KB
1	adingo.jp cdn-fluct.sh.adingo.jp	4 KB
190	48

	Domain	Requested by
30	tpc.googlesyndication.com	securepubads.g.doubleclick.net googleads.g.doubleclick.net c5273b3263c66ac982b47a1e5d54bd82.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com
19	cdn.picrew.me	picrew.me cdn.picrew.me
16	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
14	pagead2.googlesyndication.com	picrew.me pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
8	simage2.pubmatic.com	image6.pubmatic.com ads.pubmatic.com
7	www.google.com	3 redirects picrew.me googleads.g.doubleclick.net
7	use.typekit.net	picrew.me use.typekit.net
7	platform.twitter.com	picrew.me platform.twitter.com
6	image2.pubmatic.com	image6.pubmatic.com ads.pubmatic.com
6	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net c5273b3263c66ac982b47a1e5d54bd82.safeframe.googlesyndication.com
6	share-cdn.picrew.me	picrew.me
5	match.prod.bidr.io	5 redirects
5	securepubads.g.doubleclick.net	picrew.me securepubads.g.doubleclick.net c5273b3263c66ac982b47a1e5d54bd82.safeframe.googlesyndication.com www.googletagservices.com
4	fonts.gstatic.com	fonts.googleapis.com
4	aax-eu.amazon-adsystem.com	1 redirects c.amazon-adsystem.com aax-eu.amazon-adsystem.com ads.pubmatic.com
3	x.bidswitch.net	3 redirects
3	cm.g.doubleclick.net	3 redirects
3	ads.pubmatic.com	aax-eu.amazon-adsystem.com ads.pubmatic.com
3	c.amazon-adsystem.com	picrew.me c.amazon-adsystem.com
3	fonts.googleapis.com	cdn.picrew.me googleads.g.doubleclick.net
2	spnativeapi-tls.i-mobile.co.jp	imp-adedge.i-mobile.co.jp c5273b3263c66ac982b47a1e5d54bd82.safeframe.googlesyndication.com
2	ssp-bidapi.i-mobile.co.jp	imp-adedge.i-mobile.co.jp
2	cr-pall.ladsp.com	1 redirects c5273b3263c66ac982b47a1e5d54bd82.safeframe.googlesyndication.com
2	pixel-sync.sitescout.com	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	ib.adnxs.com	2 redirects
2	c1.adform.net	2 redirects
2	match.adsrvr.org	2 redirects
2	visitor.fiftyt.com	2 redirects
2	uipglob.semasio.net	1 redirects ads.pubmatic.com
2	d5p.de17a.com	2 redirects
2	www.gstatic.com	googleads.g.doubleclick.net
2	c5273b3263c66ac982b47a1e5d54bd82.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	syndication.twitter.com	1 redirects platform.twitter.com
2	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	connect.facebook.net	picrew.me connect.facebook.net
2	cdnjs.cloudflare.com	cdn.picrew.me cdnjs.cloudflare.com
2	picrew.me	cdn.picrew.me
1	spcdnsp.i-mobile.co.jp	c5273b3263c66ac982b47a1e5d54bd82.safeframe.googlesyndication.com
1	cr-p31.ladsp.jp	1 redirects
1	imp-adedge.i-mobile.co.jp	dad.ladsp.com
1	match.adsby.bidtheatre.com	1 redirects
1	pubmatic-match.dotomi.com	ads.pubmatic.com
1	um.simpli.fi	ads.pubmatic.com
1	ad.turn.com	1 redirects
1	ws.rqtrk.eu	1 redirects
1	pixel.quantserve.com	1 redirects
1	pr-bh.ybp.yahoo.com	ads.pubmatic.com
1	image4.pubmatic.com	ads.pubmatic.com
1	sync.mathtag.com	1 redirects
1	aud.pubmatic.com	ads.pubmatic.com
1	mwzeom.zeotap.com	ads.pubmatic.com
1	cm.adgrx.com	image6.pubmatic.com
1	dsp.adfarm1.adition.com	1 redirects
1	rtb-csync.smartadserver.com	1 redirects
1	bh.contextweb.com	1 redirects
1	dis.criteo.com	image6.pubmatic.com
1	image6.pubmatic.com	ads.pubmatic.com
1	amazon-tam-match.dotomi.com	aax-eu.amazon-adsystem.com
1	dad.ladsp.com	cd.ladsp.com
1	cd.ladsp.com	c5273b3263c66ac982b47a1e5d54bd82.safeframe.googlesyndication.com
1	adservice.google.ch	securepubads.g.doubleclick.net
1	pbs.twimg.com	picrew.me
1	www.google.de	picrew.me
1	stats.g.doubleclick.net	www.google-analytics.com
1	cdn.syndication.twimg.com	platform.twitter.com
1	www.facebook.com	picrew.me
1	p.typekit.net	use.typekit.net
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	picrew.me
1	cdn-fluct.sh.adingo.jp	picrew.me
190	74

This site contains links to these domains. Also see Links.

Domain
support.picrew.me
twitter.com
tetrachroma.co.jp

Subject Issuer	Validity	Valid
picrew.me Amazon	`2020-06-28` - `2021-07-28`	a year	crt.sh
*.picrew.me DigiCert SHA2 Secure Server CA	`2021-02-19` - `2022-02-23`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
cdn-fluct.sh.adingo.jp DigiCert SHA2 Secure Server CA	`2020-09-18` - `2021-10-15`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
use.typekit.net DigiCert SHA2 Secure Server CA	`2020-01-28` - `2022-02-01`	2 years	crt.sh
*.google.de GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.typekit.net DigiCert SHA2 Secure Server CA	`2019-12-06` - `2021-12-10`	2 years	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
www.google.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
pbs.twimg.com DigiCert SHA2 High Assurance Server CA	`2020-08-05` - `2021-08-10`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2020-08-04` - `2021-08-02`	a year	crt.sh
*.google.ch GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
aax-eu.amazon-adsystem.com Amazon	`2020-06-15` - `2021-06-15`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.ladsp.com GlobalSign RSA OV SSL CA 2018	`2020-02-28` - `2021-05-30`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2019-06-19` - `2021-08-31`	2 years	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2020-02-26` - `2021-05-27`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-01-30` - `2021-04-28`	3 months	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-24` - `2022-03-26`	a year	crt.sh
*.semasio.net GlobalSign GCC R3 DV TLS CA 2020	`2021-03-09` - `2022-04-10`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-10-30` - `2021-04-27`	6 months	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
*.i-mobile.co.jp JPRS Domain Validation Authority - G4	`2020-08-18` - `2022-03-31`	2 years	crt.sh

This page contains 32 frames:

Primary Page: https://picrew.me/
Frame ID: 169E4FDBDA1DEB7212CE0F0908763522
Requests: 81 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210309/r20190131/zrt_lookup.html
Frame ID: 6EA97813C734409929A8EF389A5993EA
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.0edc1ef9f8b82d9b79c6115bda79f63f.html?origin=https%3A%2F%2Fpicrew.me
Frame ID: 68DF7AE769FBAD1FD1772C801B6EF0E3
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&adk=1812271804&adf=3025194257&lmt=1615507299&plat=1%3A16809992%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fpicrew.me%2F&ea=0&flash=0&pra=5&wgl=1&dt=1615507299218&bpp=20&bdt=89&idt=337&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5754571048845&frm=20&pv=2&ga_vid=1049500676.1615507300&ga_sid=1615507300&ga_hid=1647593009&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C21068786&oid=3&pvsid=4375791250579089&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=376
Frame ID: 13F4FC8967563C7393FD0606D5530066
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/css/timeline.32f7f89e2e680ebfe3f4cfefb27966ae.light.ltr.css
Frame ID: 3FFDB304DD6E4F2AA9E608945F6DD8C2
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=90&slotname=4670556767&adk=3566483056&adf=2258987082&pi=t.ma~as.4670556767&w=1080&fwrn=4&fwrnh=100&lmt=1615507300&rafmt=2&psa=0&format=1080x90&url=https%3A%2F%2Fpicrew.me%2F&flash=0&fwr=0&rpe=1&resp_fmts=2&wgl=1&dt=1615507300327&bpp=5&bdt=1198&idt=-M&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De227db8f2115013d-222192ebbaba008e%3AT%3D1615507299%3ART%3D1615507299%3AS%3DALNI_Mbbd8IuTB-pM6xE0U_0T2kchQT5jQ&prev_fmts=0x0&nras=1&correlator=5754571048845&frm=20&pv=1&ga_vid=1049500676.1615507300&ga_sid=1615507300&ga_hid=1647593009&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=260&ady=472&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C21068786&oid=3&pvsid=4375791250579089&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=zkrJZa29dF&p=https%3A//picrew.me&dtd=77
Frame ID: 16C78040BE957780713DB022BC97A997
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=280&slotname=3236171695&adk=134199228&adf=3945757123&pi=t.ma~as.3236171695&w=764&fwrn=4&fwrnh=100&lmt=1615507300&rafmt=3&psa=0&format=764x280&url=https%3A%2F%2Fpicrew.me%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&dt=1615507300327&bpp=2&bdt=1198&idt=-M&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De227db8f2115013d-222192ebbaba008e%3AT%3D1615507299%3ART%3D1615507299%3AS%3DALNI_Mbbd8IuTB-pM6xE0U_0T2kchQT5jQ&prev_fmts=0x0%2C1080x90&nras=1&correlator=5754571048845&frm=20&pv=1&ga_vid=1049500676.1615507300&ga_sid=1615507300&ga_hid=1647593009&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=260&ady=1587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C21068786&oid=3&pvsid=4375791250579089&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=nNSqOp7WS4&p=https%3A//picrew.me&dtd=84
Frame ID: 27B20BEE1CBAB23F4CD636497CDD9E67
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=280&slotname=5289300961&adk=2884671071&adf=1503017450&pi=t.ma~as.5289300961&w=764&fwrn=4&fwrnh=100&lmt=1615507300&rafmt=1&psa=0&format=764x280&url=https%3A%2F%2Fpicrew.me%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615507300327&bpp=2&bdt=1198&idt=-M&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De227db8f2115013d-222192ebbaba008e%3AT%3D1615507299%3ART%3D1615507299%3AS%3DALNI_Mbbd8IuTB-pM6xE0U_0T2kchQT5jQ&prev_fmts=0x0%2C1080x90%2C764x280&nras=1&correlator=5754571048845&frm=20&pv=1&ga_vid=1049500676.1615507300&ga_sid=1615507300&ga_hid=1647593009&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=260&ady=3152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C21068786&oid=3&pvsid=4375791250579089&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=trGiCT88Wh&p=https%3A//picrew.me&dtd=90
Frame ID: BF9243DFD05279DBA7BCCF0F843AD5C9
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=600&slotname=5705101752&adk=2153503578&adf=4093411512&pi=t.ma~as.5705101752&w=300&lmt=1615507300&psa=0&format=300x600&url=https%3A%2F%2Fpicrew.me%2F&flash=0&wgl=1&dt=1615507300327&bpp=1&bdt=1197&idt=1&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De227db8f2115013d-222192ebbaba008e%3AT%3D1615507299%3ART%3D1615507299%3AS%3DALNI_Mbbd8IuTB-pM6xE0U_0T2kchQT5jQ&prev_fmts=0x0%2C1080x90%2C764x280%2C764x280&nras=1&correlator=5754571048845&frm=20&pv=1&ga_vid=1049500676.1615507300&ga_sid=1615507300&ga_hid=1647593009&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1040&ady=881&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C21068786&oid=3&pvsid=4375791250579089&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&xpc=QauGbl5Wsz&p=https%3A//picrew.me&dtd=96
Frame ID: 46160CB0608AF1E74EF3A3A33808C9AA
Requests: 9 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_cnv&dcc=t
Frame ID: 2EC50DAC77BD69D5134B8F972D606C18
Requests: 1 HTTP requests in this frame

Frame: https://c5273b3263c66ac982b47a1e5d54bd82.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 011CDCCB5BB9EDC3F8F8BEC88695AB3A
Requests: 9 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: 164BC5A5711D45B4D80296A932E77F28
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5608669947882404369/index.html
Frame ID: 38853BEC88A723B51C2C820885C7C656
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: D1CE2645440EC202521404079561F996
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: DDBD1233E3FC6F0C3E7534D9B54EF1D9
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 0EB5D44684ADC2CC376082503D5C784B
Requests: 2 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=cnv_pm-db5&fv=1.0&a=cm&cm3ppd=1
Frame ID: 3EE1EC6E7790459C2CA4EF1C0A115502
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/KT7npM2pC4VPAEc6AEIcwWkjK4LR7Yu_WhYO7ltjsYQ.js
Frame ID: AB20CF7CD2432700534C3D54983612F3
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/KT7npM2pC4VPAEc6AEIcwWkjK4LR7Yu_WhYO7ltjsYQ.js
Frame ID: A58CF615129F307C1B4A77CEB93C78D1
Requests: 1 HTTP requests in this frame

Frame: https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
Frame ID: 2261EA6E49DCBE52CB845AAD6B84BC5D
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Frame ID: 5E0DD6577A2D407E2BAFA81D52C8FAC6
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/KT7npM2pC4VPAEc6AEIcwWkjK4LR7Yu_WhYO7ltjsYQ.js
Frame ID: 90850C11F24FB3B1F759F3C0756CE79A
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: DEAB3C79FF44C6557CE04BC4D49055B7
Requests: 21 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 5C5C797A42FF760F8BFCFD715623EE3A
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4859265986888976152
Frame ID: 4EFDDD6A4A63F65DE5CB68F1F41859D7
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAD1gE7AlV8AAFQ0-KbH5A
Frame ID: 17452D4DE3F344256DCDC9D8E11058C5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6938551028542535819
Frame ID: C246B59B353E595BE1BAC09618FD20E7
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 186437B8688A34E2B817A931C29565B8
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?id=73A10836-4F9C-4BA5-AE5D-C823E40DD26A&ex=pubmatic.com
Frame ID: 6903EDC29A344619D97BBBC4A4FC848C
Requests: 1 HTTP requests in this frame

Frame: https://imp-adedge.i-mobile.co.jp/script/v1/spot.js?20181121
Frame ID: BE5869990E88F30828990C5C4163F2C7
Requests: 6 HTTP requests in this frame

Frame: https://spcdnsp.i-mobile.co.jp/ad_creative.ashx?advid=6374178
Frame ID: 8C85ADD36DC24B5EFE8FA4C108B06204
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 97D07A5D9FF6E8FF8994C48DD49F7DA7
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

190
Requests

100 %
HTTPS

49 %
IPv6

48
Domains

74
Subdomains

58
IPs

10
Countries

3055 kB
Transfer

5807 kB
Size

0
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://support.picrew.me/about_picrew_player
Title: Picrewの遊び方

Search URL Search Domain Scan URL

URL: https://support.picrew.me/terms
Title: Picrew利用規約

Search URL Search Domain Scan URL

URL: https://support.picrew.me/
Title: Picrewの使い方

Search URL Search Domain Scan URL

URL: https://twitter.com/picrew_tc
Title: 公式Twitter

Search URL Search Domain Scan URL

URL: https://tetrachroma.co.jp/privacy
Title: プライバシーポリシー

Search URL Search Domain Scan URL

URL: https://support.picrew.me/contact
Title: お問い合わせ

Search URL Search Domain Scan URL

URL: https://tetrachroma.co.jp/
Title: 運営会社

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 88

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_cnv HTTP 302
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_cnv&dcc=t

Request Chain 90

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

Request Chain 146

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 149

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 157

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 164

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4859265986888976152

Request Chain 165

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEMWdFN0FsVjhBQUZRMC1LYkg1QQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAD1gE7AlV8AAFQ0-KbH5A&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAD1gE7AlV8AAFQ0-KbH5A&pid=558502&do=add HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAD1gE7AlV8AAFQ0-KbH5A&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=816947327260721610 HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAD1gE7AlV8AAFQ0-KbH5A

Request Chain 166

https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6938551028542535819

Request Chain 169

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=c6EINk-cS6WuXcgj5A3Sag%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 171

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=73A10836-4F9C-4BA5-AE5D-C823E40DD26A&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=73A10836-4F9C-4BA5-AE5D-C823E40DD26A&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 172

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=73A10836-4F9C-4BA5-AE5D-C823E40DD26A&gdpr= HTTP 302
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=73A10836-4F9C-4BA5-AE5D-C823E40DD26A&gdpr=&fbounce=1 HTTP 302
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=73A10836-4F9C-4BA5-AE5D-C823E40DD26A&addseg=31

Request Chain 173

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECJBfi8ECDlpouD4KfMIYDg&google_cver=1

Request Chain 174

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e0761c16-7390-47ad-af45-70c1dcb00485

Request Chain 175

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:9481604a-af66-4f00-bcb0-974849bb6fde&gdpr=0&gdpr_consent=

Request Chain 176

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8527299760456721150

Request Chain 177

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6558777476916518568&gdpr=0&gdpr_consent=

Request Chain 178

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=73A10836-4F9C-4BA5-AE5D-C823E40DD26A&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=73A10836-4F9C-4BA5-AE5D-C823E40DD26A&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-3YV4uXNE2uX8hEs5xyPATMvBcf6UOSk-~A&gdpr=0&gdpr_consent=

Request Chain 180

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=HfB2SkqmdB0G9SAbGqVvHhrxcBgGpCRKE6O_4v_o

Request Chain 181

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://ws.rqtrk.eu/pull?redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=pubmatic&g=1&gdpr_pd=&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=193&user_id=&expires=1&ssp=pubmatic HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1128f967-d832-4127-a98b-ef1dd4dcaeb5&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 182

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2674786743720146620&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 183

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YEqvZgAAAGtt3Czr HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YEqvZgAAAGtt3Czr&gdpr=0&gdpr_consent=&_test=YEqvZgAAAGtt3Czr

Request Chain 184

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=597e168d-0fa5-407b-b212-cda9288b6755-604aaf66-4348&gdpr=0&gdpr_consent=

Request Chain 187

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:b99261cc-fb93-479d-b82f-cc609103ae56&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 189

https://cr-p31.ladsp.jp/cookiesender/31 HTTP 302
https://cr-pall.ladsp.com/cookiesender/31 HTTP 302
https://cr-pall.ladsp.com/cookiesender/31?cr=true

190 HTTP transactions
18 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
picrew.me/ 36 KB
11 KB 644ms
581ms Document
text/html 13.226.159.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://picrew.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.159.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-159-5.dus51.r.cloudfront.net

Software

nginx /

Resource Hash

893fc61ae895dc134f30d445297788adc5b52591fb9a427157deb1451f5f22c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN : sameorigin
X-Xss-Protection	0

Request headers

:method: GET
:authority: picrew.me
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Fri, 12 Mar 2021 00:01:38 GMT
server: nginx
x-dns-prefetch-control: off
expect-ct: max-age=0
x-frame-options: SAMEORIGIN : sameorigin
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer-when-downgrade
x-xss-protection: 0
cache-control: no-cache
accept-ranges: none
vary: Accept-Encoding
content-encoding: gzip
expires: Thu, 01 Jan 1970 00:00:01 GMT
x-cache: Miss from cloudfront
via: 1.1 cddd3e95f67291463f7a95d065c7fcff.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: wqKTpqDRkqWUZ2-PuxsDzpEuQNvhjO0tqQLZ3rkgzfUk5VPyX_u3Uw==

GET
H2 200 97ab023b32d51bbbae2b.js Show response
cdn.picrew.me/assets/player/20210302080540Z/ 4 KB
2 KB 49ms
12ms Script
application/javascript 2a02:26f0:6c00::210:ba6b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.picrew.me/assets/player/20210302080540Z/97ab023b32d51bbbae2b.js
Requested by: Host: picrew.me
URL: https://picrew.me/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba6b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ac0d17b07d2501609920c8b5b057f0721a175a97356a337995d2842b5388a023

Request headers

Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: uSfgG3c17aCkVdsIWr0yGmzOMd.ldIkM
content-encoding: gzip
etag: W/"1afa267dd8e00e48379e51cbdbffeadb"
x-amz-cf-pop: LHR61-C2
vary: Accept-Encoding
content-length: 1771
last-modified: Tue, 02 Mar 2021 08:12:06 GMT
server: AmazonS3
date: Fri, 12 Mar 2021 00:01:39 GMT
access-control-max-age: 3000
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: https://picrew.me
cache-control: max-age=6943379
x-amz-cf-id: nDqlaVLcwEHAvuLPgSd983mOS0EfhS8CNGxTANBJ6CMYOudDPokIVw==
expires: Mon, 31 May 2021 08:44:38 GMT

GET
H2 200 b96bdd2677abd11e5a47.js Show response
cdn.picrew.me/assets/player/20210302080540Z/ 169 KB
59 KB 74ms
36ms Script
application/javascript 2a02:26f0:6c00::210:ba6b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.picrew.me/assets/player/20210302080540Z/b96bdd2677abd11e5a47.js
Requested by: Host: picrew.me
URL: https://picrew.me/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba6b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3bf09e3b61c52e7b953d05ba561673be13e4b46622a72c3063a77ed2fa6736d

Request headers

Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: w71QZPecjnD5nU7V8LUJmGL.xC_.HUhB
content-encoding: gzip
etag: W/"7a2612fbd349836e6ea51833fac91f2f"
x-amz-cf-pop: LHR3-C1
vary: Accept-Encoding
content-length: 59482
last-modified: Tue, 02 Mar 2021 08:12:06 GMT
server: AmazonS3
date: Fri, 12 Mar 2021 00:01:39 GMT
access-control-max-age: 3000
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: https://picrew.me
cache-control: max-age=6943341
x-amz-cf-id: EYFWAWeWL9xttRxNOtA8_fx1CvxTveU-NfkyDQogmA1YKcH_PRGHhw==
expires: Mon, 31 May 2021 08:44:00 GMT

GET
H2 200 0360fe6ba1fe0ec41cdf.css
cdn.picrew.me/assets/player/20210302080540Z/ 4 KB
1 KB 50ms
13ms Stylesheet
text/css 2a02:26f0:6c00::210:ba6b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.picrew.me/assets/player/20210302080540Z/0360fe6ba1fe0ec41cdf.css
Requested by: Host: picrew.me
URL: https://picrew.me/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba6b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12acf0cde9105ca35b079104e27341413fb68164085916505c077cf58748abc3

Request headers

Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: JyLSH.xZU_I48AKMFELc1Z7om2g9tsro
content-encoding: gzip
etag: W/"6577c07362affb431ee21f4ba944e0b8"
x-amz-cf-pop: LHR3-C1
vary: Accept-Encoding
content-length: 1064
last-modified: Tue, 02 Mar 2021 08:12:06 GMT
server: AmazonS3
date: Fri, 12 Mar 2021 00:01:39 GMT
access-control-max-age: 3000
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/css
access-control-allow-origin: https://picrew.me
cache-control: max-age=6943428
x-amz-cf-id: Q_pIuy1HovdniVw0xQ6UBaZW7lVKj4iZEf3F3ysrg2q6ZY5LVuqRYw==
expires: Mon, 31 May 2021 08:45:27 GMT

GET
H2 200 2ea5f76d3d4f633a15da.js Show response
cdn.picrew.me/assets/player/20210302080540Z/ 125 KB
41 KB 69ms
32ms Script
application/javascript 2a02:26f0:6c00::210:ba6b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.picrew.me/assets/player/20210302080540Z/2ea5f76d3d4f633a15da.js
Requested by: Host: picrew.me
URL: https://picrew.me/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba6b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 96718b0e8f6eb40caa67a26c15ca906053dac2aa673dd2d595faad6437cef37b

Request headers

Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: cl8AYEMpD7t9qa1g.LSBZuKJdNApPnlE
content-encoding: gzip
etag: W/"8ad4ddbc487a04d6e0ded909334b61fe"
x-amz-cf-pop: LHR50-C1
vary: Accept-Encoding
content-length: 41555
last-modified: Tue, 02 Mar 2021 08:12:07 GMT
server: AmazonS3
date: Fri, 12 Mar 2021 00:01:39 GMT
access-control-max-age: 3000
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: https://picrew.me
cache-control: max-age=6943330
x-amz-cf-id: dvVnfYOr0aM-LefNG9HKYjONQ2Isr2lSyTTtSl9WVR5WSlQrKeVi1A==
expires: Mon, 31 May 2021 08:43:49 GMT

GET
H2 200 22a509176353a1cc5b19.css
cdn.picrew.me/assets/player/20210302080540Z/ 98 KB
14 KB 57ms
20ms Stylesheet
text/css 2a02:26f0:6c00::210:ba6b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.picrew.me/assets/player/20210302080540Z/22a509176353a1cc5b19.css
Requested by: Host: picrew.me
URL: https://picrew.me/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba6b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3873161def382c79f71dcce9751dce2210746e4986d25f40b26ccc061e510225

Request headers

Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 7mOuwkEf.A06QTyuT6GUz9xhRnsxPVNV
content-encoding: gzip
etag: W/"e072811d376f3e8ab43586ec84ab7137"
x-amz-cf-pop: LHR62-C5
vary: Accept-Encoding
content-length: 14309
last-modified: Tue, 02 Mar 2021 08:12:05 GMT
server: AmazonS3
date: Fri, 12 Mar 2021 00:01:39 GMT
access-control-max-age: 3000
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/css
access-control-allow-origin: https://picrew.me
cache-control: max-age=6943275
x-amz-cf-id: Z-NFo8cslQCy29U4xFyH8LI9TGKYzQLSv05WVyyCAVTEIau3OH1lZg==
expires: Mon, 31 May 2021 08:42:54 GMT

GET
H2 200 fb2098b82176645f97b9.js Show response
cdn.picrew.me/assets/player/20210302080540Z/ 121 KB
35 KB 56ms
19ms Script
application/javascript 2a02:26f0:6c00::210:ba6b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.picrew.me/assets/player/20210302080540Z/fb2098b82176645f97b9.js
Requested by: Host: picrew.me
URL: https://picrew.me/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba6b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cea962ae8f848aa5f50b242cbe62d7af1733295acb481749e6b82bcfdc438fe8

Request headers

Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: _NqVxgRqSMGB3KPwb0QfNWWO033ATdrq
content-encoding: gzip
etag: W/"bf6893ec6e06687e33dde15cb11023ea"
x-amz-cf-pop: LHR3-C1
vary: Accept-Encoding
content-length: 35377
last-modified: Tue, 02 Mar 2021 08:12:06 GMT
server: AmazonS3
date: Fri, 12 Mar 2021 00:01:39 GMT
access-control-max-age: 3000
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: https://picrew.me
cache-control: max-age=6943303
x-amz-cf-id: 8UrJfd9VNpT-bF2Zs1Gi8xMDBHlMD4u1Qhdr8Ya2_v65EwPIrsvKpg==
expires: Mon, 31 May 2021 08:43:22 GMT

GET
H2 200 b0a6be00f0796240f52e.js Show response
cdn.picrew.me/assets/player/20210302080540Z/ 12 KB
4 KB 59ms
22ms Script
application/javascript 2a02:26f0:6c00::210:ba6b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.picrew.me/assets/player/20210302080540Z/b0a6be00f0796240f52e.js
Requested by: Host: picrew.me
URL: https://picrew.me/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba6b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 030e89938b374147feb165ab2cf0f4830f30d972172c8c48687b516480e79f21

Request headers

Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: zu_U0Wa5aH3jsz_of2b31lTDPSb3oTZl
content-encoding: gzip
etag: W/"98f5aeaf936b1ca79e4a39b9c1623855"
x-amz-cf-pop: LHR61-C2
vary: Accept-Encoding
content-length: 3470
last-modified: Tue, 02 Mar 2021 08:12:05 GMT
server: AmazonS3
date: Fri, 12 Mar 2021 00:01:39 GMT
access-control-max-age: 3000
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: https://picrew.me
cache-control: max-age=6943444
x-amz-cf-id: HE-keLieC0A5s3V05aPcrvmNPOl5GxQLjL7OjN7LXc8IySZ4gbSdOQ==
expires: Mon, 31 May 2021 08:45:43 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 58 KB
20 KB 118ms
58ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: picrew.me
URL: https://picrew.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

sffe /

Resource Hash

10d487a7c7244ef170562595193d1b80f7157dca787da0141283f3ca30b0a8d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 00:01:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "809 / 531 of 1000 / last-modified: 1615504566"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19687
x-xss-protection: 0
expires: Fri, 12 Mar 2021 00:01:39 GMT

GET
H2 200 kv.js Show response
cdn-fluct.sh.adingo.jp/ts/ 4 KB
4 KB 343ms
295ms Script
application/javascript 130.211.14.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fluct.sh.adingo.jp/ts/kv.js
Requested by: Host: picrew.me
URL: https://picrew.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.14.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.14.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: fe17e70b190a001b79a66fa7b55d2dbac42a25b2fd575f72cf3e1470a9c40161

Request headers

Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 00:01:39 GMT
via: 1.1 google
last-modified: Tue, 10 Nov 2020 02:42:50 GMT
server: nginx
x-goog-meta-goog-reserved-file-mtime: 1604975443
etag: "556934705e12b655011cd42324d63d74"
content-type: application/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: clear
content-length: 4159
expires: Fri, 12 Mar 2021 01:01:39 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
49 KB 44ms
21ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: picrew.me
URL: https://picrew.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

377ee7092af19c39daed104f096ab955a8dcd5bb4d7c4d7922fea197336bea65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 00:01:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49997
x-xss-protection: 0
server: cafe
etag: 13439632224215961392
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 12 Mar 2021 00:01:39 GMT

GET
H2 200 bff7e9a.png
cdn.picrew.me/assets/player/20210302080540Z/img/ 79 KB
79 KB 14ms
13ms Image
image/png 2a02:26f0:6c00::210:ba6b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.picrew.me/assets/player/20210302080540Z/img/bff7e9a.png
Requested by: Host: picrew.me
URL: https://picrew.me/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba6b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 825dd16d8f642ff84080e41219f2642bdd77fc30df9b8bb50dbe240c42b8b393

Request headers

Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: CBEgp3cIFGUZTybCiJIYBQJnkYpVr6W8
last-modified: Tue, 02 Mar 2021 08:12:08 GMT
server: AmazonS3
x-amz-cf-pop: LHR61-C2
etag: "bff7e9aed01415fd0dd65d6177edcead"
access-control-max-age: 3000
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/png
access-control-allow-origin: https://picrew.me
cache-control: max-age=6943314
date: Fri, 12 Mar 2021 00:01:39 GMT
content-length: 80471
x-amz-cf-id: zmFtjB8b2y3Z61aFSNsFKPsPmZFz77v4gbviM_CO3OrT1FoCJTHY4Q==
expires: Mon, 31 May 2021 08:43:33 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 16ms
15ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: picrew.me
URL: https://picrew.me/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BA5) /
Resource Hash: 0ccadac47f8db7d9086cb5d1a3230580ee43e7db056734068ce3785376e90500

Request headers

Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 12 Mar 2021 00:01:39 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Mar 2021 19:22:22 GMT
Server: ECS (amb/6BA5)
Age: 1222
Etag: "965fcfc23c3459afe3ebf42b92f31e6d+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 29026

GET
H2 200 b38d2f2.png
cdn.picrew.me/assets/player/20210302080540Z/img/ 26 KB
26 KB 20ms
19ms Image
image/png 2a02:26f0:6c00::210:ba6b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.picrew.me/assets/player/20210302080540Z/img/b38d2f2.png
Requested by: Host: picrew.me
URL: https://picrew.me/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba6b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ae7854ae440a4389fd7d9789c55bd80c7365dc0de4ac53f1702df4d07426f4cb

Request headers

Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: sN6e16K0MkgO.ggL3aR01mdgQMMrNThe
last-modified: Tue, 02 Mar 2021 08:12:07 GMT
server: AmazonS3
x-amz-cf-pop: LHR50-C1
etag: "b38d2f2d5e063165095de52d4d559548"
access-control-max-age: 3000
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/png
access-control-allow-origin: https://picrew.me
cache-control: max-age=6943390
date: Fri, 12 Mar 2021 00:01:39 GMT
content-length: 26528
x-amz-cf-id: uRmOXnRWTZ7IHWcuNhLxE21_SURsTrjCXTOFRrMOtxmFUSkZylBfuQ==
expires: Mon, 31 May 2021 08:44:49 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 89 KB
34 KB 15ms
14ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NW5MMVL

Requested by

Host: picrew.me
URL: https://picrew.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

19de2990cc4bf4dff1f0c4476346f3308511afa6699d52c3bd3005abbe6adf6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 00:01:39 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34533
x-xss-protection: 0
expires: Fri, 12 Mar 2021 00:01:39 GMT

GET
DATA 200
OK truncated
/ 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5bc401528e210d05de92040de97620a3d079d8c5f93907ce6e5beed90a178b8e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 229 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4fc7839b6879b5e3b3605484e1ab69e4f0c3583dde2831953f6cc7face1a4be4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 233 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41568ba8144f47b70f0e4189b2d731a9f5a81da15257ca330da0a6f6db9b30a5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 294 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7dd21c9cea9dadb7e0531c837945e64ecbf1b4fdc2ec4f5c0b736715064f7ebc

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 195 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0862cba97e32d121c4b97badf91da074a845f9dfa4d2527e4cdf462ded1a4e7a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 231 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2b65a8bf8d25642b29e9a3e518b0f5e489b6243dbe9a2cfc002cde358763af68

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 345 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1bf34e77ed7eba013e27e995b8a9264ad7156c94c9e57d2883ecd2708e254277

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ 2 KB
609 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Exo+2

Requested by

Host: cdn.picrew.me
URL: https://cdn.picrew.me/assets/player/20210302080540Z/22a509176353a1cc5b19.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

27c4ccb1e0b7343884d41ddf1d85b6d0c5acb79066736044361e431e42079c29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cdn.picrew.me/assets/player/20210302080540Z/22a509176353a1cc5b19.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 00:00:06 GMT
server: ESF
date: Fri, 12 Mar 2021 00:01:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Mar 2021 00:01:39 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 27ms
13ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: cdn.picrew.me
URL: https://cdn.picrew.me/assets/player/20210302080540Z/22a509176353a1cc5b19.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.picrew.me/assets/player/20210302080540Z/22a509176353a1cc5b19.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 00:01:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 11729
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5631
cf-request-id: 08c556339100004ee58aaae000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YlUN%2FZ%2FK%2FhDByNBd0O1qVCFpAtdEgCZ57hXvuSI40hdGR8HdFlqvoE%2BR7A9MPlaKgUSrIGGr%2Bijgh6PeQCfCMSUO%2F3hwgUXVWnY9B8AWdpOTvLBqScg9xKNNWcrxVYe1Zw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 62e8bfcc1c4c4ee5-FRA
expires: Wed, 02 Mar 2022 00:01:39 GMT

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210309/r20190131/ 225 KB
85 KB 73ms
60ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210309/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9692134005385697&plah=picrew.me&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3763a8975fcfa164fadcbc035780a147f75434ecaf79f33c1f3d0221477458cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 00:01:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86491
x-xss-protection: 0
server: cafe
etag: 16470564300944896599
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 12 Mar 2021 00:01:39 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210309/r20190131/ Frame 6EA9 10 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210309/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210309/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://picrew.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://picrew.me/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 11 Mar 2021 22:56:49 GMT
expires: Thu, 25 Mar 2021 22:56:49 GMT
content-type: text/html; charset=UTF-8
etag: 14488317231655078900
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4661
x-xss-protection: 0
age: 3890
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25a95b3c878dc75218dc64253c799f54d5146215130a08652bd0437efddaa698

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 2b11c1f.png
cdn.picrew.me/assets/player/20210302080540Z/img/ 21 KB
22 KB 12ms
12ms Image
image/png 2a02:26f0:6c00::210:ba6b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.picrew.me/assets/player/20210302080540Z/img/2b11c1f.png
Requested by: Host: cdn.picrew.me
URL: https://cdn.picrew.me/assets/player/20210302080540Z/22a509176353a1cc5b19.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba6b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 342245848b6ba171bf23a54eed05aac9d589fc25ec56ae717fdc517178c88492

Request headers

Referer: https://cdn.picrew.me/assets/player/20210302080540Z/22a509176353a1cc5b19.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: bKRXhiV72LaJMWm_v6DHhLcOg9Vu0DU_
last-modified: Tue, 02 Mar 2021 08:12:08 GMT
server: AmazonS3
x-amz-cf-pop: LHR61-C2
etag: "2b11c1f6d5961cf549b35aa2d55fadbd"
access-control-max-age: 3000
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/png
access-control-allow-origin: https://picrew.me
cache-control: max-age=6943385
date: Fri, 12 Mar 2021 00:01:39 GMT
content-length: 22010
x-amz-cf-id: j71hntkw2tkBy8FvwukVxvKws4eo3Kq9gx5ZBtm_rvBl4F4Fpha_tw==
expires: Mon, 31 May 2021 08:44:44 GMT

GET
H2 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 27ms
13ms Font
application/octet-stream 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://picrew.me
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 00:01:39 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2044407
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
cf-request-id: 08c55633d600002c4aba139000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-12d68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tYHNF3EaR0%2FlE9Lk4bfDJP6O5lyzjj5%2B9tuU1ilAxg325QkDPmT5XAIeRjiaJYTkBIRt6gqHJfVCfANsOU9hq26V6Ew1HmEoD7Isg5EQLBn4K7FI4hShpSd7%2F7Ydu%2FTrDg%3D%3D"}],"max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 62e8bfcc8e832c4a-FRA
expires: Wed, 02 Mar 2022 00:01:39 GMT

GET
H2 200 ads Show response
picrew.me/player/api/ 6 KB
6 KB 583ms
523ms Fetch
application/json 13.226.159.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://picrew.me/player/api/ads?page=sitetop&cc=CH&dev=1

Requested by

Host: cdn.picrew.me
URL: https://cdn.picrew.me/assets/player/20210302080540Z/fb2098b82176645f97b9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.159.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-159-5.dus51.r.cloudfront.net

Software

nginx /

Resource Hash

11798795021731f36ae2fdf75c7a8341e87e4a06ab90d6f5514543f6c2df087a

Security Headers

Name	Value
X-Frame-Options	: sameorigin

Request headers

Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Requested-With: XMLHttpRequest

Response headers

date: Fri, 12 Mar 2021 00:01:39 GMT
via: 1.1 129372028f60828d8c084fb619a69bc0.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-C1
x-frame-options: : sameorigin
vary: Origin
x-cache: Miss from cloudfront
content-type: application/json
cache-control: no-cache, private
x-amz-cf-id: lzdw_IdxrIlsu7CvZDTkLg4vgEnJ2-zLzuOSNS2LZVcEq68xBXkm3Q==

GET
H2 200 sdk.js Show response
connect.facebook.net/ja_JP/ 3 KB
2 KB 18ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ja_JP/sdk.js

Requested by

Host: picrew.me
URL: https://picrew.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

62d421f6ff06b84c2cbb089bdbcd55849433f531b64dfd8558e02e9b6dca99e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: XkwAxKpMuGgh+IBYu2WUNg==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1779
x-fb-rlafr: 0
x-fb-debug: VUwbtj+fuQ9qqcSePdBXjrc8jfzDumLzdnAyNpV0IOW+j1eSnw1G86clc+1BLBELKoaVC3vAyjzl7a9zmTLViQ==
x-fb-trip-id: 917726464
x-fb-content-md5: d795ced48bc117a59fa595f7b6abd8c6
x-frame-options: DENY
date: Fri, 12 Mar 2021 00:01:39 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "bf69b50d72caf16e3b9006c8dc15a976"
timing-allow-origin: *
expires: Fri, 12 Mar 2021 00:16:57 GMT

GET
H2 200 zom5oro.js Show response
use.typekit.net/ 35 KB
12 KB 77ms
65ms Script
text/javascript 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/zom5oro.js

Requested by

Host: picrew.me
URL: https://picrew.me/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

8c0f9fb9052d0ed4c5add4a220e08215fe790e3545f5b78e865321a468ebfe4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Fri, 12 Mar 2021 00:01:39 GMT
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
content-length: 12147

GET
H/1.1 200
OK widget_iframe.0edc1ef9f8b82d9b79c6115bda79f63f.html Show response
platform.twitter.com/widgets/ Frame 68DF 320 KB
104 KB 14ms
14ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.0edc1ef9f8b82d9b79c6115bda79f63f.html?origin=https%3A%2F%2Fpicrew.me
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BC3) /
Resource Hash: a8d227efe0ef553cba37d86bef6e44598dbf9bd9fad3db2582b0ffdebdbd6138

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://picrew.me/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://picrew.me/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 97851
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Fri, 12 Mar 2021 00:01:39 GMT
Etag: "e9ffeb87a3b6f068499be71966b442d9+gzip"
Last-Modified: Wed, 03 Mar 2021 19:20:25 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6BC3)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105690

GET
H2 200 302160_luTpfsCg.jpg
share-cdn.picrew.me/shareImg/thumb/202103/ 15 KB
15 KB 1348ms
1243ms Image
image/jpeg 65.9.96.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://share-cdn.picrew.me/shareImg/thumb/202103/302160_luTpfsCg.jpg
Requested by: Host: picrew.me
URL: https://picrew.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.96.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dc915d6b9465ad137670d5eb9c3845f436b0f0e5ece8aa5656898419a4440970

Request headers

Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 00:01:41 GMT
via: 1.1 7bb80b5d9f75710222feac15033d6af0.cloudfront.net (CloudFront)
x-amz-expiration: expiry-date="Mon, 15 Mar 2021 00:00:00 GMT", rule-id="delete:shareImg/thumb"
last-modified: Fri, 12 Mar 2021 00:01:39 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
etag: "9ad5cd6ec78f7a63fc1203783478835a"
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=25292000
accept-ranges: bytes
content-length: 14956
x-amz-cf-id: rH4jt-4hpIO6eA_2bEJB6WN11vtz2mVFWQeIlESNbqS1BEO70FlUrQ==

GET
H2 200 333657_HUidWiyg.jpg
share-cdn.picrew.me/shareImg/thumb/202103/ 19 KB
20 KB 428ms
324ms Image
image/jpeg 65.9.96.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://share-cdn.picrew.me/shareImg/thumb/202103/333657_HUidWiyg.jpg
Requested by: Host: picrew.me
URL: https://picrew.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.96.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 630224c14627ca2a35c7c9a77ea0d24daad76b00fee1033c7eef00e1ca094b77

Request headers

Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 00:01:40 GMT
via: 1.1 7bb80b5d9f75710222feac15033d6af0.cloudfront.net (CloudFront)
x-amz-expiration: expiry-date="Mon, 15 Mar 2021 00:00:00 GMT", rule-id="delete:shareImg/thumb"
last-modified: Fri, 12 Mar 2021 00:01:39 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
etag: "d422760cabc85288c88cf2bfc41d3410"
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=25292000
accept-ranges: bytes
content-length: 19738
x-amz-cf-id: xRaCvPgfd2qJZAeJM9kxdBCzalGXvr6Y9d93P9KUDE0fV287qTJWKA==

GET
H2 200 210483_i8DDcU7z.jpg
share-cdn.picrew.me/shareImg/thumb/202103/ 17 KB
17 KB 1115ms
1010ms Image
image/jpeg 65.9.96.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://share-cdn.picrew.me/shareImg/thumb/202103/210483_i8DDcU7z.jpg
Requested by: Host: picrew.me
URL: https://picrew.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.96.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aa1ec7f296bd54dfd2d769cb451cca2bdf5a82343afa7a23912a0488ebfbf038

Request headers

Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 00:01:41 GMT
via: 1.1 7bb80b5d9f75710222feac15033d6af0.cloudfront.net (CloudFront)
x-amz-expiration: expiry-date="Mon, 15 Mar 2021 00:00:00 GMT", rule-id="delete:shareImg/thumb"
last-modified: Fri, 12 Mar 2021 00:01:39 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
etag: "83f8aea82f909e506897afcc0348c66b"
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=25292000
accept-ranges: bytes
content-length: 17413
x-amz-cf-id: cd4QjU8Vh1MtGc9q11OBeco-AdKhiFy_Yf3P79Ft4wo6A_1wcwAeJg==

GET
H2 200 37328_jV42bOzj.jpg
share-cdn.picrew.me/shareImg/thumb/202103/ 18 KB
19 KB 1154ms
1050ms Image
image/jpeg 65.9.96.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://share-cdn.picrew.me/shareImg/thumb/202103/37328_jV42bOzj.jpg
Requested by: Host: picrew.me
URL: https://picrew.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.96.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 15ef3f33a2ee53ea738854cfbac4598cb4b547def59d500dcc7be9f878ac7496

Request headers

Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 00:01:41 GMT
via: 1.1 7bb80b5d9f75710222feac15033d6af0.cloudfront.net (CloudFront)
x-amz-expiration: expiry-date="Mon, 15 Mar 2021 00:00:00 GMT", rule-id="delete:shareImg/thumb"
last-modified: Fri, 12 Mar 2021 00:01:39 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
etag: "4cffedaa9b11488830f4945b220e060b"
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=25292000
accept-ranges: bytes
content-length: 18678
x-amz-cf-id: uayTMeh8e3Gnfsl-ggbghaqjCuu1z21YfdPSa3-i-TTtC15ibZQo8Q==

GET
H2 200 43383_lJ7M6kvv.jpg
share-cdn.picrew.me/shareImg/thumb/202103/ 17 KB
17 KB 1143ms
1039ms Image
image/jpeg 65.9.96.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://share-cdn.picrew.me/shareImg/thumb/202103/43383_lJ7M6kvv.jpg
Requested by: Host: picrew.me
URL: https://picrew.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.96.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a5759102be3560ae9f09cc0b868f59e887719923f389330de24f23c28b2c1e13

Request headers

Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 00:01:41 GMT
via: 1.1 7bb80b5d9f75710222feac15033d6af0.cloudfront.net (CloudFront)
x-amz-expiration: expiry-date="Mon, 15 Mar 2021 00:00:00 GMT", rule-id="delete:shareImg/thumb"
last-modified: Fri, 12 Mar 2021 00:01:39 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
etag: "06411e0eb7a138a6b19d214b3bf589b0"
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=25292000
accept-ranges: bytes
content-length: 16931
x-amz-cf-id: pzUfGW1ms1Ovss9Is_TR7F_PTrW1dV1J9WNYJoQp7j_yNg8A0sindQ==

GET
H2 200 560909_tBIL5qhD.jpg
share-cdn.picrew.me/shareImg/thumb/202103/ 16 KB
17 KB 1122ms
1018ms Image
image/jpeg 65.9.96.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://share-cdn.picrew.me/shareImg/thumb/202103/560909_tBIL5qhD.jpg
Requested by: Host: picrew.me
URL: https://picrew.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.96.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 57020ca7a366c524aa07065d386d82739080316faced4faf1e17013f8245d17f

Request headers

Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 00:01:41 GMT
via: 1.1 7bb80b5d9f75710222feac15033d6af0.cloudfront.net (CloudFront)
x-amz-expiration: expiry-date="Mon, 15 Mar 2021 00:00:00 GMT", rule-id="delete:shareImg/thumb"
last-modified: Fri, 12 Mar 2021 00:01:39 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
etag: "1d3995c15aa858a8f17587a12181af99"
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=25292000
accept-ranges: bytes
content-length: 16890
x-amz-cf-id: 1nqyUxanadrldsSJ-5w9Rvl9LIkNwCnATiGHlD59HrhEangWN0UxxA==

GET
H2 200 icon_VbLntX6JiYWH5JZL.png
cdn.picrew.me/app/image_maker/338224/ 30 KB
31 KB 48ms
46ms Image
image/png 2a02:26f0:6c00::210:ba6b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.picrew.me/app/image_maker/338224/icon_VbLntX6JiYWH5JZL.png
Requested by: Host: picrew.me
URL: https://picrew.me/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba6b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c679e3bc477933b9d982cf776dbaa60d679eca049f48212664ff95f43fa008ba

Request headers

Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: jsTvY4wYTT2gqjgr8FsCKFcSoCPXsGL7
last-modified: Sun, 07 Mar 2021 11:57:22 GMT
server: AmazonS3
x-amz-cf-pop: LHR62-C5
etag: "66e31206d2e8ecb1e6ee5fbbede75823"
access-control-max-age: 3000
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/png
access-control-allow-origin: https://picrew.me
cache-control: max-age=7387007
date: Fri, 12 Mar 2021 00:01:39 GMT
content-length: 31092
x-amz-cf-id: Cl2-1xEUjHJlGL2R5M2War-hIMY9sVbFbXq5s9jFdjYAmU5X6FYzNA==
expires: Sat, 05 Jun 2021 11:58:26 GMT

GET
H2 200 icon_LMrOphO5cvVvod1p.png
cdn.picrew.me/app/image_maker/263035/ 133 KB
134 KB 21ms
20ms Image
image/png 2a02:26f0:6c00::210:ba6b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.picrew.me/app/image_maker/263035/icon_LMrOphO5cvVvod1p.png
Requested by: Host: picrew.me
URL: https://picrew.me/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba6b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8108ae29247cfbacfd42683c388fe31e7421e2262658be4da84b1d6790db70b3

Request headers

Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Snh.zo9T0bjExx_kJIzZEbBHepWPOTNO
last-modified: Sun, 12 Apr 2020 14:05:48 GMT
server: AmazonS3
x-amz-cf-pop: LHR50-C1
etag: "ec9e04a7604c5509832b971e216a0109"
access-control-max-age: 3000
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/png
access-control-allow-origin: https://picrew.me
cache-control: max-age=1156240
date: Fri, 12 Mar 2021 00:01:39 GMT
content-length: 136627
x-amz-cf-id: W16O5zSXGN1W-bc58WC06PN_k_-KysYmef9P_yV89K9qR891cPDt8w==
expires: Thu, 25 Mar 2021 09:12:19 GMT

GET
H2 200 icon_XgLuO3QnmUTG8PFU.png
cdn.picrew.me/app/image_maker/332600/ 51 KB
51 KB 49ms
48ms Image
image/png 2a02:26f0:6c00::210:ba6b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.picrew.me/app/image_maker/332600/icon_XgLuO3QnmUTG8PFU.png
Requested by: Host: picrew.me
URL: https://picrew.me/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba6b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5f63dd5e7cc8c55823ecda86e4ad865160784caa9fa11b561bc62a98584c72d9

Request headers

Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: R7TTz.hYc.MET7aamUFYy30jMoI4yTAe
last-modified: Tue, 18 Aug 2020 18:24:43 GMT
server: AmazonS3
x-amz-cf-pop: LHR61-C2
etag: "ba473698909996bbc6f5d08c411bf4b8"
access-control-max-age: 3000
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/png
access-control-allow-origin: https://picrew.me
cache-control: max-age=2145165
date: Fri, 12 Mar 2021 00:01:39 GMT
content-length: 51773
x-amz-cf-id: 2ORe8n5Q85Fuz4O-Yi5Dgp6M03eEkacAJpNUhvjq-V_dJ6ZmR-eTlA==
expires: Mon, 05 Apr 2021 19:54:24 GMT

GET
H2 200 icon_RG0aC9OYygUYkMk7.jpeg
cdn.picrew.me/app/image_maker/37328/ 62 KB
63 KB 44ms
43ms Image
image/jpeg 2a02:26f0:6c00::210:ba6b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.picrew.me/app/image_maker/37328/icon_RG0aC9OYygUYkMk7.jpeg
Requested by: Host: picrew.me
URL: https://picrew.me/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba6b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 733f015f134ae2c884d3b4579b41d3a2a11edd2872f649de4abb40a8f7e4f784

Request headers

Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: TqHNCSZEG84OkQr3okTjr3f66XuLYRD0
last-modified: Mon, 21 Dec 2020 07:39:49 GMT
server: AmazonS3
x-amz-cf-pop: LHR62-C5
etag: "dd2b7615c5ec472d7d399d83d1d19ee4"
access-control-max-age: 3000
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://picrew.me
cache-control: max-age=805124
date: Fri, 12 Mar 2021 00:01:39 GMT
content-length: 63893
x-amz-cf-id: EoVobMykchOAd8PpvyqLU1ecNHL1ILCDWSyxvS5e5xt5X3ZdoDfTMA==
expires: Sun, 21 Mar 2021 07:40:23 GMT

GET
H3-Q050 200 pubads_impl_2021031001.js Show response
securepubads.g.doubleclick.net/gpt/ 284 KB
100 KB 106ms
72ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js?31060433

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

sffe /

Resource Hash

cc54d49a204cf8a8440884a769b3bc5a01030ce4f1d45582adc2170c95752ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 00:01:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 10 Mar 2021 09:39:15 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102356
x-xss-protection: 0
expires: Fri, 12 Mar 2021 00:01:39 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 199 B
435 B 58ms
57ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=picrew.me&callback=_gfp_s_&client=ca-pub-9692134005385697

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210309/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9692134005385697&plah=picrew.me&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

669502209c826fc9763fa13f3fe42d47a041e674de35bb0af86cf9341b69ef53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 00:01:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 188
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 36ms
15ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=picrew.me

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Mar 2021 00:01:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 35ms
14ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=picrew.me

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Mar 2021 00:01:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
88 B 39ms
38ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fpicrew.me%2F&tn=DIV&cls=sw-Loader&ign=false

Requested by

Host: picrew.me
URL: https://picrew.me/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Mar 2021 00:01:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 13F4 54 B
596 B 70ms
54ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&adk=1812271804&adf=3025194257&lmt=1615507299&plat=1%3A16809992%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fpicrew.me%2F&ea=0&flash=0&pra=5&wgl=1&dt=1615507299218&bpp=20&bdt=89&idt=337&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5754571048845&frm=20&pv=2&ga_vid=1049500676.1615507300&ga_sid=1615507300&ga_hid=1647593009&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C21068786&oid=3&pvsid=4375791250579089&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=376

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9692134005385697&output=html&adk=1812271804&adf=3025194257&lmt=1615507299&plat=1%3A16809992%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fpicrew.me%2F&ea=0&flash=0&pra=5&wgl=1&dt=1615507299218&bpp=20&bdt=89&idt=337&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5754571048845&frm=20&pv=2&ga_vid=1049500676.1615507300&ga_sid=1615507300&ga_hid=1647593009&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C21068786&oid=3&pvsid=4375791250579089&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=376
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://picrew.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://picrew.me/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 12 Mar 2021 00:01:39 GMT
server: cafe
content-length: 34
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 12-Mar-2021 00:16:39 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 12 Mar 2021 00:01:39 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

495b316cdda6e7b6ce663bb9eeeee0cf6f7f6e5969d0a6c1fe39307cbdb9d686

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 00:01:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615378846156468"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28222
x-xss-protection: 0
expires: Fri, 12 Mar 2021 00:01:39 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/ja_JP/ 197 KB
60 KB 22ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ja_JP/sdk.js?hash=a729fda00857e3ddc6c91102fed0ddab&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ja_JP/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

50a165ac70e69463a8db56b53df933937ef9d9565ecebf063e31956903399573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://picrew.me
Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: xVMvteeOp6L2XpbCPitU3A==
cross-origin-resource-policy: cross-origin
expires: Fri, 11 Mar 2022 21:46:01 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 60636
x-fb-rlafr: 0
x-fb-debug: V5anMrGVHg8ViFsu88+aA/t3IHeGJmRsl9GNK/F/K9AYFu3uYCzhdXP6AWQY1xd4Y6OYnKKCpp+NeuwjtEQTKw==
x-fb-trip-id: 917726464
x-fb-content-md5: d8e9839462f4f0167550ecae02fe0ca8
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 12 Mar 2021 00:01:39 GMT
x-frame-options: DENY
report-to: {"group":"coop_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
origin-trial: AqUfQvNe9Mod+kZ3Qx78GGg2ul4TtHv3l126BaOQCbywgYxRUP0y9rs8/el96V62SmT7ue9StD9aXvYmT3UAAQcAAAB5eyJvcmlnaW4iOiJodHRwczovL2ZhY2Vib29rLmNvbTo0NDMiLCJmZWF0dXJlIjoiQ3Jvc3NPcmlnaW5PcGVuZXJQb2xpY3lSZXBvcnRpbmciLCJleHBpcnkiOjE2MTM0MTE1NzMsImlzU3ViZG9tYWluIjp0cnVlfQ==
etag: "860d2cde859fd3a058abc06192548f4c"
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 icon_57yOexrhunPN3Iis.png
cdn.picrew.me/app/image_maker/139707/ 80 KB
80 KB 16ms
15ms Image
image/png 2a02:26f0:6c00::210:ba6b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.picrew.me/app/image_maker/139707/icon_57yOexrhunPN3Iis.png
Requested by: Host: picrew.me
URL: https://picrew.me/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba6b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fd94579a69de712d63dfb4561ce4b00d989dacaf86a2da2e4871f4d08026aa78

Request headers

Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: K8nVC5AJv8_Uj8DYLJp1BP3MELfz38Qv
last-modified: Wed, 11 Sep 2019 12:30:37 GMT
server: AmazonS3
x-amz-cf-pop: LHR61-C2
etag: "10e3ac2687f20931b1f9aaab9725b3e6"
access-control-max-age: 3000
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/png
access-control-allow-origin: https://picrew.me
cache-control: max-age=1279991
date: Fri, 12 Mar 2021 00:01:39 GMT
content-length: 81689
x-amz-cf-id: IwaUV5hcuU-6ijmy8XauJ9q1EUgufrMtUEK9IYkoCcehhL2rvCTM8g==
expires: Fri, 26 Mar 2021 19:34:50 GMT

GET
H2 200 icon_mXCfyTH2B6l7yvma.png
cdn.picrew.me/app/image_maker/114808/ 50 KB
51 KB 14ms
13ms Image
image/png 2a02:26f0:6c00::210:ba6b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.picrew.me/app/image_maker/114808/icon_mXCfyTH2B6l7yvma.png
Requested by: Host: picrew.me
URL: https://picrew.me/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba6b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ba844f6b39f0fc17897445ff629cb225308935d335aa7dc7686c17160a0e16d4

Request headers

Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: w2xekEd_Y2JXEFgzwyC2lMijkkuQ9Hsc
last-modified: Mon, 29 Jul 2019 18:32:48 GMT
server: AmazonS3
x-amz-cf-pop: LHR50-C1
etag: "5cbbe0406365f4c33834def7140bee80"
access-control-max-age: 3000
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/png
access-control-allow-origin: https://picrew.me
cache-control: max-age=2253218
date: Fri, 12 Mar 2021 00:01:39 GMT
content-length: 51247
x-amz-cf-id: yC27vtdbDOC05UNoKq4kj9NggJIlNoQMrqjTFIgjQud-FERMjRylHA==
expires: Wed, 07 Apr 2021 01:55:17 GMT

GET
H2 200 p.gif Show response
p.typekit.net/ 35 B
182 B 32ms
10ms XHR
image/gif 2a02:26f0:2100:1a0::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.gif?s=1&k=zom5oro&ht=tk&h=picrew.me&f=245.246.4619.4620.34827.34829&a=1136707&js=1.6.0&app=typekit&e=js&_=1615507299648
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/zom5oro.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:2100:1a0::19fd Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 00:01:39 GMT
last-modified: Wed, 24 Jun 2020 22:38:00 GMT
server: nginx
etag: "5ef3d5c8-23"
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 35

GET
H2 200 l
use.typekit.net/af/6fa81f/00000000000000003b9b0380/27/ 21 KB
21 KB 38ms
19ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/6fa81f/00000000000000003b9b0380/27/l?unicode=AAAHygAAAAdhg4V2jXLgvTqablOmIuR90xJ6f7oYX7HHszHOhbuHChMcgQn5RM8D_2_09h-EDof5QbhEgbbA63nwPrW_c-fWpSq9I322wnPr2mXL5hwU9XCfpfCkLYjBT4lM8H7L4ONWX3ugfaTSwXm4HDcbyteaHuCpkuHywfcZB3Qmfrf-lhmtbmdiEYP1_3wmtwTqUe-84RpPif-WvZba-nUooF8x54v53DpQrOTj48ldu33mIr3t5_p7J-7EIbKWiAPI-6fOlmzgfKcT52EWvLAE-pP79aefMQlHioFliM5EGken-uDgxR0sm5rfhBd4WUTkH-l-gPs7g-WyugAAAb0&features=ALL&v=3
Requested by: Host: picrew.me
URL: https://picrew.me/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 261cd88e1d179dfa31be0397e0f85a43adff01142df977870d13ebbdd4d0021e

Request headers

Origin: https://picrew.me
Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 00:01:39 GMT
server: nginx
etag: "a6fb0dd05f5561afb318201f23d46c36186cea3e"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 21412

GET
H2 200 l
use.typekit.net/af/08e6da/00000000000000003b9b0381/27/ 21 KB
21 KB 36ms
18ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/08e6da/00000000000000003b9b0381/27/l?unicode=AAAHygAAAAdhg4V2jXLgvTqablOmIuR90xJ6f7oYX7HHszHOhbuHChMcgQn5RM8D_2_09h-EDof5QbhEgbbA63nwPrW_c-fWpSq9I322wnPr2mXL5hwU9XCfpfCkLYjBT4lM8H7L4ONWX3ugfaTSwXm4HDcbyteaHuCpkuHywfcZB3Qmfrf-lhmtbmdiEYP1_3wmtwTqUe-84RpPif-WvZba-nUooF8x54v53DpQrOTj48ldu33mIr3t5_p7J-7EIbKWiAPI-6fOlmzgfKcT52EWvLAE-pP79aefMQlHioFliM5EGken-uDgxR0sm5rfhBd4WUTkH-l-gPs7g-WyugAAAb0&features=ALL&v=3
Requested by: Host: picrew.me
URL: https://picrew.me/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 81c99290fb6b187f1066ed05804f14ef112f2d11320385225b5760b65eb73d70

Request headers

Origin: https://picrew.me
Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 00:01:39 GMT
server: nginx
etag: "193d1e23a52901d4a7529d7adab3620cbdbdade9"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 21316

GET
H2 200 l
use.typekit.net/af/13de8a/00000000000000003b9b073e/27/ 78 KB
79 KB 75ms
57ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/13de8a/00000000000000003b9b073e/27/l?unicode=AAAH1AAAAAcRv6_WaG9-OwvDrhn4RB_9i_4V6F8Uy_fJETfgT7pgIAJxtbuqjFtdyS7i9RxigBzkWW6oStRCdF_nmvf2R5gaw4DD-vtwER4g8tGNAhck331emp0srIDUd8tzWS7Adk20giDxJj9fl0_EvRgH9yln87vj-NzBDxYLIs9oIPh9H8Pqm5k575QnvDn8-BMUadv_1E1a0TbBWZDRj4-E_hYdfPKq4TWHraEcE-ilfTf9pnhPwHA6dWL-SZiCveuOgi5uYuyQoCdsUmV3mXI1wHuKsQLGzHvr942wevot_gparEyocj4upnCOy-2oj-o6ZdvaNDxBgGsmHAAP_8E&features=ALL&v=3
Requested by: Host: picrew.me
URL: https://picrew.me/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 52b4ee89fd2313064e7997882f72b9c9ded4564ecaa287bbe22e97f8af888077

Request headers

Origin: https://picrew.me
Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 00:01:39 GMT
server: nginx
etag: "876e56bfa268ce30fd9549a8dfb499ec3cd7b4c8"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 80332

GET
H2 200 l
use.typekit.net/af/5554af/00000000000000003b9b073f/27/ 40 KB
41 KB 43ms
26ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/5554af/00000000000000003b9b073f/27/l?unicode=AAAH1AAAAAcRv6_WaG9-OwvDrhn4RB_9i_4V6F8Uy_fJETfgT7pgIAJxtbuqjFtdyS7i9RxigBzkWW6oStRCdF_nmvf2R5gaw4DD-vtwER4g8tGNAhck331emp0srIDUd8tzWS7Adk20giDxJj9fl0_EvRgH9yln87vj-NzBDxYLIs9oIPh9H8Pqm5k575QnvDn8-BMUadv_1E1a0TbBWZDRj4-E_hYdfPKq4TWHraEcE-ilfTf9pnhPwHA6dWL-SZiCveuOgi5uYuyQoCdsUmV3mXI1wHuKsQLGzHvr942wevot_gparEyocj4upnCOy-2oj-o6ZdvaNDxBgGsmHAAP_8E&features=ALL&v=3
Requested by: Host: picrew.me
URL: https://picrew.me/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: f499b1640a2f682d71c9575a8c129401aea4db96c4b4a6670ff85c67892c7970

Request headers

Origin: https://picrew.me
Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 00:01:39 GMT
server: nginx
etag: "1bb51dbbb4eae729f0f0806c42ad9425136d8801"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 41460

GET
H2 200 m Show response
use.typekit.net/af/7e4d83/00000000000000003b9b00f9/27/ 228 KB
167 KB 62ms
48ms XHR
font/opentype 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/7e4d83/00000000000000003b9b00f9/27/m?unicode=AAAJoAAAAAcfegStQgKoABjr_WgAsdcNUv2DBGZG8YHGD2ZhonewNyBv9gOtUEeBeIVE7sB47H4dgV4r3q69D2UIr9y5qGXj3T5MLW9ySgtOCOR3RrXY_1z0vn8nL5muX_G2MeBCGcCY15Fd8_Qc0B-WhRyDI8U882bsQ2T4igXmbtYOgL_3ymjcrxfuvI1WS_EjD9O8ravaQF9bl5k4MwTG_mYx_wDCP3R1v9pcwBWGM0p2ik7tS7orVWmSyfMgh7AaR96O_ytgXHxtZFTT1dmf_ENNlmuUeCFqtRHdhDquFaos70AYyUn29wXkfDrDb2QWCh7xUzXGmGP5ljZxiUWYbIKHugjm2OHJl_Ei3MZVx-7cg7Hk2EZS86-GE7plgCEffGq2mvmOMKw8OKbka1i0ge60ruyghbY3eQ&features=ALL&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/zom5oro.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: d567707dfa7bc82435d2ef17f0b280eefdb5d0e811af2113a911c2d9fda38586

Request headers

Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 00:01:39 GMT
content-encoding: gzip
server: nginx
etag: W/"70aa78b5b2dea9c866a464c55bfa41f59dd97baf"
vary: Accept-Encoding
content-type: font/opentype
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 170010

GET
H2 200 m Show response
use.typekit.net/af/3bf215/00000000000000003b9b00fb/27/ 234 KB
174 KB 62ms
48ms XHR
font/opentype 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/3bf215/00000000000000003b9b00fb/27/m?unicode=AAAJoAAAAAcfegStQgKoABjr_WgAsdcNUv2DBGZG8YHGD2ZhonewNyBv9gOtUEeBeIVE7sB47H4dgV4r3q69D2UIr9y5qGXj3T5MLW9ySgtOCOR3RrXY_1z0vn8nL5muX_G2MeBCGcCY15Fd8_Qc0B-WhRyDI8U882bsQ2T4igXmbtYOgL_3ymjcrxfuvI1WS_EjD9O8ravaQF9bl5k4MwTG_mYx_wDCP3R1v9pcwBWGM0p2ik7tS7orVWmSyfMgh7AaR96O_ytgXHxtZFTT1dmf_ENNlmuUeCFqtRHdhDquFaos70AYyUn29wXkfDrDb2QWCh7xUzXGmGP5ljZxiUWYbIKHugjm2OHJl_Ei3MZVx-7cg7Hk2EZS86-GE7plgCEffGq2mvmOMKw8OKbka1i0ge60ruyghbY3eQ&features=ALL&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/zom5oro.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: cfa12ec82f149397b13df97a7f00e70957a2cda07a6017c3e57893a7a567b0b4

Request headers

Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 00:01:39 GMT
content-encoding: gzip
server: nginx
etag: W/"a919d9904b1ea3e0ba4acaf8890cea89f0836802"
vary: Accept-Encoding
content-type: font/opentype
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 177920

GET
H2 200 /
www.facebook.com/tr/ 44 B
410 B 28ms
9ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1764330357144551&ev=fb_page_view&dl=https%3A%2F%2Fpicrew.me%2F&rl=&if=false&ts=1615507299705&sw=1600&sh=1200&at=

Requested by

Host: picrew.me
URL: https://picrew.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 00:01:39 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 12 Mar 2021 00:01:39 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 68DF 183 B
411 B 194ms
135ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=602c526d1b432b4100e6a19868fb1758a8efe2f6

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.0edc1ef9f8b82d9b79c6115bda79f63f.html?origin=https%3A%2F%2Fpicrew.me

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-response-time: 107
date: Fri, 12 Mar 2021 00:01:39 GMT
content-encoding: gzip
last-modified: Fri, 12 Mar 2021 00:01:39 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 817e744016d2416529dd7c922d2382d7
strict-transport-security: max-age=631138519
content-length: 152

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NW5MMVL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 7144
date: Thu, 11 Mar 2021 22:02:35 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Fri, 12 Mar 2021 00:02:35 GMT

GET
H/1.1 200
OK moment~timeline~tweet.bd459ee688d39ebbbe0e6b166a1d2cb9.js Show response
platform.twitter.com/js/ 23 KB
8 KB 14ms
14ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/moment~timeline~tweet.bd459ee688d39ebbbe0e6b166a1d2cb9.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B7F) /
Resource Hash: e98a4eaa87878c23468648dab95993b5364dabffd5d3fd09b875243e7d4e9c7c

Request headers

Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 12 Mar 2021 00:01:39 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Mar 2021 19:20:13 GMT
Server: ECS (amb/6B7F)
Age: 97875
Etag: "bec3cda673021d4ec31aee3fc3eea418+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 7652

GET
H/1.1 200
OK timeline.4d8f2209bfca17ad1826ab582cf6da09.js Show response
platform.twitter.com/js/ 21 KB
7 KB 13ms
12ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/timeline.4d8f2209bfca17ad1826ab582cf6da09.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B80) /
Resource Hash: 7ad582812f30bccc1425611adead2395ca65d59bfe6a6add62fa61b9ee773986

Request headers

Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 12 Mar 2021 00:01:39 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Mar 2021 19:20:13 GMT
Server: ECS (amb/6B80)
Age: 97872
Etag: "eb92795319bccd2f28b07dac5efe5412+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 6649

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
62 B 13ms
13ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1647593009&t=pageview&_s=1&dl=https%3A%2F%2Fpicrew.me%2F&ul=en-us&de=UTF-8&dt=Picrew%EF%BD%9C%E3%81%A4%E3%81%8F%E3%81%A3%E3%81%A6%E3%81%82%E3%81%9D%E3%81%B9%E3%82%8B%E7%94%BB%E5%83%8F%E3%83%A1%E3%83%BC%E3%82%AB%E3%83%BC&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAAABAAAAAC~&jid=1749210671&gjid=1995451840&cid=1049500676.1615507300&tid=UA-37779012-8&_gid=2063036379.1615507300&_r=1&gtm=2wg330NW5MMVL&cg1=&cd1=&z=93426006

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 12 Mar 2021 00:01:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://picrew.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 profile Show response
cdn.syndication.twimg.com/timeline/ 102 KB
7 KB 13ms
13ms Script
application/javascript 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/timeline/profile?callback=__twttr.callbacks.tl_i0_profile_picrew_tc_old&dnt=false&domain=picrew.me&lang=ja&screen_name=picrew_tc&suppress_response_codes=true&t=1795008&tz=GMT%2B0100&with_replies=false

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6BAC) /

Resource Hash

a76d28dc856f2bf08be129148ad0e73d71dfac2f3c91f4b7fac8c309b877aed2

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 00:01:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 99
x-cache: HIT
content-disposition: attachment; filename=jsonp.jsonp
access-control-allow-methods: GET
vary: Accept-Encoding
content-length: 6494
x-xss-protection: 0
x-response-time: 152
last-modified: Fri, 12 Mar 2021 00:00:00 GMT
server: ECS (amb/6BAC)
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: application/javascript;charset=utf-8
expires: Fri, 12 Mar 2021 00:06:39 GMT
cache-control: must-revalidate, max-age=300
x-connection-hash: 9681a9d0a1b82feda0381f9cff070dc4
accept-ranges: bytes
timing-allow-origin: *
x-transaction: 0088fe35001b83dc
access-contol-allow-origin: platform.twitter.com

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
84 B 13ms
12ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-37779012-8&cid=1049500676.1615507300&jid=1749210671&gjid=1995451840&_gid=2063036379.1615507300&_u=YAhAAAAAAAAAAC~&z=104347805

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 12 Mar 2021 00:01:39 GMT
content-type: text/plain
access-control-allow-origin: https://picrew.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 16ms
16ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-37779012-8&cid=1049500676.1615507300&jid=1749210671&_u=YAhAAAAAAAAAAC~&z=626033835

Requested by

Host: picrew.me
URL: https://picrew.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Mar 2021 00:01:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 17ms
16ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-37779012-8&cid=1049500676.1615507300&jid=1749210671&_u=YAhAAAAAAAAAAC~&z=626033835

Requested by

Host: picrew.me
URL: https://picrew.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Mar 2021 00:01:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK timeline.32f7f89e2e680ebfe3f4cfefb27966ae.light.ltr.css
platform.twitter.com/css/ Frame 3FFD 53 KB
12 KB 15ms
14ms Stylesheet
text/css 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/timeline.32f7f89e2e680ebfe3f4cfefb27966ae.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B87) /
Resource Hash: 8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 12 Mar 2021 00:01:39 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Mar 2021 19:20:10 GMT
Server: ECS (amb/6B87)
Age: 97876
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Content-Length: 12144

GET
H/1.1 200
OK timeline.32f7f89e2e680ebfe3f4cfefb27966ae.light.ltr.css
platform.twitter.com/css/ 53 KB
53 KB 13ms
13ms Image
text/css 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/timeline.32f7f89e2e680ebfe3f4cfefb27966ae.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B87) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 12 Mar 2021 00:01:39 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Mar 2021 19:20:10 GMT
Server: ECS (amb/6B87)
Age: 97876
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Content-Length: 12144

GET
H2 200 PVUlLPMP_normal.png
pbs.twimg.com/profile_images/1252867789020262400/ Frame 3FFD 1 KB
2 KB 45ms
18ms Image
image/png 2600:1480:4000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1252867789020262400/PVUlLPMP_normal.png

Requested by

Host: picrew.me
URL: https://picrew.me/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:4000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_a /

Resource Hash

16cad2e6beabbaba2649cdac66affba5d690012a4d8437529ef5780734f06af1

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 1427
x-response-time: 19
last-modified: Wed, 22 Apr 2020 07:50:12 GMT
server: tsa_a
date: Fri, 12 Mar 2021 00:01:40 GMT
x-tw-cdn: "AK"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 9b928d2ac2229bd3ceb5089792a3491f
akamai-request-bc: [a=2.16.2.101,b=261408492,c=g,n=CZ__PRAGUE,o=20940]

GET
DATA 200
OK truncated
/ Frame 3FFD 512 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 3FFD 825 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 3FFD 572 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 3FFD 644 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 119 KB
31 KB 153ms
50ms Script
application/javascript 65.9.95.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: picrew.me
URL: https://picrew.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 86cef609c85d2c2ce6a507af54e77a9c150e2fa408043e1454082614c4b0ce2b

Request headers

Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 23:55:17 GMT
content-encoding: gzip
server: Server
age: 382
etag: d2bbe61d6c9cfd2f9d26c66417c4fb1e
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3544838dca6112dd616da017a568e76a.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-version-id: qpGbqo5n5ftYm2ZsSSwwmAxZeGfbwfiX
x-amz-cf-id: qNdPUcTYf7ffk4zEYew6S7Pp5yuxiHlvDayg-WAoOQ4mp-pvzJwKxw==

GET
H2 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
799 B 38ms
15ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=picrew.me

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js?31060433

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Mar 2021 00:01:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
531 B 42ms
28ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=picrew.me

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js?31060433

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Mar 2021 00:01:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 16C7 65 KB
23 KB 277ms
275ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=90&slotname=4670556767&adk=3566483056&adf=2258987082&pi=t.ma~as.4670556767&w=1080&fwrn=4&fwrnh=100&lmt=1615507300&rafmt=2&psa=0&format=1080x90&url=https%3A%2F%2Fpicrew.me%2F&flash=0&fwr=0&rpe=1&resp_fmts=2&wgl=1&dt=1615507300327&bpp=5&bdt=1198&idt=-M&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De227db8f2115013d-222192ebbaba008e%3AT%3D1615507299%3ART%3D1615507299%3AS%3DALNI_Mbbd8IuTB-pM6xE0U_0T2kchQT5jQ&prev_fmts=0x0&nras=1&correlator=5754571048845&frm=20&pv=1&ga_vid=1049500676.1615507300&ga_sid=1615507300&ga_hid=1647593009&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=260&ady=472&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C21068786&oid=3&pvsid=4375791250579089&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=zkrJZa29dF&p=https%3A//picrew.me&dtd=77

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

025fc4bd6ee4668c77708377efa6d4ff9c99e12b856d685740340309e6e19024

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9692134005385697&output=html&h=90&slotname=4670556767&adk=3566483056&adf=2258987082&pi=t.ma~as.4670556767&w=1080&fwrn=4&fwrnh=100&lmt=1615507300&rafmt=2&psa=0&format=1080x90&url=https%3A%2F%2Fpicrew.me%2F&flash=0&fwr=0&rpe=1&resp_fmts=2&wgl=1&dt=1615507300327&bpp=5&bdt=1198&idt=-M&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De227db8f2115013d-222192ebbaba008e%3AT%3D1615507299%3ART%3D1615507299%3AS%3DALNI_Mbbd8IuTB-pM6xE0U_0T2kchQT5jQ&prev_fmts=0x0&nras=1&correlator=5754571048845&frm=20&pv=1&ga_vid=1049500676.1615507300&ga_sid=1615507300&ga_hid=1647593009&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=260&ady=472&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C21068786&oid=3&pvsid=4375791250579089&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=zkrJZa29dF&p=https%3A//picrew.me&dtd=77
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://picrew.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://picrew.me/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 12 Mar 2021 00:01:40 GMT
server: cafe
content-length: 22931
x-xss-protection: 0
set-cookie: IDE=AHWqTUl6qafmsUz1EqpzeIgRhPtrv9Zz3krR8MmcBm1rXHUmk2wl1VgvwBSIwORdM_U; expires=Wed, 06-Apr-2022 00:01:40 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 12 Mar 2021 00:01:40 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 27B2 70 KB
23 KB 471ms
471ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=280&slotname=3236171695&adk=134199228&adf=3945757123&pi=t.ma~as.3236171695&w=764&fwrn=4&fwrnh=100&lmt=1615507300&rafmt=3&psa=0&format=764x280&url=https%3A%2F%2Fpicrew.me%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&dt=1615507300327&bpp=2&bdt=1198&idt=-M&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De227db8f2115013d-222192ebbaba008e%3AT%3D1615507299%3ART%3D1615507299%3AS%3DALNI_Mbbd8IuTB-pM6xE0U_0T2kchQT5jQ&prev_fmts=0x0%2C1080x90&nras=1&correlator=5754571048845&frm=20&pv=1&ga_vid=1049500676.1615507300&ga_sid=1615507300&ga_hid=1647593009&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=260&ady=1587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C21068786&oid=3&pvsid=4375791250579089&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=nNSqOp7WS4&p=https%3A//picrew.me&dtd=84

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

805f4bcf1a7b9b26c6d538eef8dd84016347783281243e94eb2d627db1cbe06a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9692134005385697&output=html&h=280&slotname=3236171695&adk=134199228&adf=3945757123&pi=t.ma~as.3236171695&w=764&fwrn=4&fwrnh=100&lmt=1615507300&rafmt=3&psa=0&format=764x280&url=https%3A%2F%2Fpicrew.me%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&dt=1615507300327&bpp=2&bdt=1198&idt=-M&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De227db8f2115013d-222192ebbaba008e%3AT%3D1615507299%3ART%3D1615507299%3AS%3DALNI_Mbbd8IuTB-pM6xE0U_0T2kchQT5jQ&prev_fmts=0x0%2C1080x90&nras=1&correlator=5754571048845&frm=20&pv=1&ga_vid=1049500676.1615507300&ga_sid=1615507300&ga_hid=1647593009&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=260&ady=1587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C21068786&oid=3&pvsid=4375791250579089&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=nNSqOp7WS4&p=https%3A//picrew.me&dtd=84
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://picrew.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://picrew.me/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 12 Mar 2021 00:01:40 GMT
server: cafe
content-length: 23118
x-xss-protection: 0
set-cookie: IDE=AHWqTUmBwf2W3mVuZ6Y3UnMKzgFXuHBY1zwB4lcvfYC-J90_CZJqhMPc6asmW1FK-uI; expires=Wed, 06-Apr-2022 00:01:40 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 12 Mar 2021 00:01:40 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BF92 66 KB
25 KB 348ms
348ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=280&slotname=5289300961&adk=2884671071&adf=1503017450&pi=t.ma~as.5289300961&w=764&fwrn=4&fwrnh=100&lmt=1615507300&rafmt=1&psa=0&format=764x280&url=https%3A%2F%2Fpicrew.me%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615507300327&bpp=2&bdt=1198&idt=-M&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De227db8f2115013d-222192ebbaba008e%3AT%3D1615507299%3ART%3D1615507299%3AS%3DALNI_Mbbd8IuTB-pM6xE0U_0T2kchQT5jQ&prev_fmts=0x0%2C1080x90%2C764x280&nras=1&correlator=5754571048845&frm=20&pv=1&ga_vid=1049500676.1615507300&ga_sid=1615507300&ga_hid=1647593009&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=260&ady=3152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C21068786&oid=3&pvsid=4375791250579089&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=trGiCT88Wh&p=https%3A//picrew.me&dtd=90

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e74138744c0536979dd26c7b6ce3432dd7246ac3ee7f193b9c33d41ccb00a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9692134005385697&output=html&h=280&slotname=5289300961&adk=2884671071&adf=1503017450&pi=t.ma~as.5289300961&w=764&fwrn=4&fwrnh=100&lmt=1615507300&rafmt=1&psa=0&format=764x280&url=https%3A%2F%2Fpicrew.me%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615507300327&bpp=2&bdt=1198&idt=-M&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De227db8f2115013d-222192ebbaba008e%3AT%3D1615507299%3ART%3D1615507299%3AS%3DALNI_Mbbd8IuTB-pM6xE0U_0T2kchQT5jQ&prev_fmts=0x0%2C1080x90%2C764x280&nras=1&correlator=5754571048845&frm=20&pv=1&ga_vid=1049500676.1615507300&ga_sid=1615507300&ga_hid=1647593009&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=260&ady=3152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C21068786&oid=3&pvsid=4375791250579089&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=trGiCT88Wh&p=https%3A//picrew.me&dtd=90
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://picrew.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://picrew.me/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 12 Mar 2021 00:01:40 GMT
server: cafe
content-length: 24952
x-xss-protection: 0
set-cookie: IDE=AHWqTUmlrD13lAxrZHe107LTAY6xWYjdfK7k_YVw7CG7JOBV_vXp3mip58jaGQjBW78; expires=Wed, 06-Apr-2022 00:01:40 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 12 Mar 2021 00:01:40 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4616 89 KB
32 KB 261ms
261ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=600&slotname=5705101752&adk=2153503578&adf=4093411512&pi=t.ma~as.5705101752&w=300&lmt=1615507300&psa=0&format=300x600&url=https%3A%2F%2Fpicrew.me%2F&flash=0&wgl=1&dt=1615507300327&bpp=1&bdt=1197&idt=1&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De227db8f2115013d-222192ebbaba008e%3AT%3D1615507299%3ART%3D1615507299%3AS%3DALNI_Mbbd8IuTB-pM6xE0U_0T2kchQT5jQ&prev_fmts=0x0%2C1080x90%2C764x280%2C764x280&nras=1&correlator=5754571048845&frm=20&pv=1&ga_vid=1049500676.1615507300&ga_sid=1615507300&ga_hid=1647593009&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1040&ady=881&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C21068786&oid=3&pvsid=4375791250579089&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&xpc=QauGbl5Wsz&p=https%3A//picrew.me&dtd=96

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

44a22fef852b755d15b52431cde90799d51ff96c0bcc49fe44132d4fd57f3ea8

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5608669947882404369/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5608669947882404369/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CM6imda5qe8CFbjKuwgdHfQFfw&gqi=ZK9KYOCyGtS4x_APveGE-AI&layout=/sadbundle/%24csp%253Der3%24/5608669947882404369/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9692134005385697&output=html&h=600&slotname=5705101752&adk=2153503578&adf=4093411512&pi=t.ma~as.5705101752&w=300&lmt=1615507300&psa=0&format=300x600&url=https%3A%2F%2Fpicrew.me%2F&flash=0&wgl=1&dt=1615507300327&bpp=1&bdt=1197&idt=1&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De227db8f2115013d-222192ebbaba008e%3AT%3D1615507299%3ART%3D1615507299%3AS%3DALNI_Mbbd8IuTB-pM6xE0U_0T2kchQT5jQ&prev_fmts=0x0%2C1080x90%2C764x280%2C764x280&nras=1&correlator=5754571048845&frm=20&pv=1&ga_vid=1049500676.1615507300&ga_sid=1615507300&ga_hid=1647593009&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1040&ady=881&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C21068786&oid=3&pvsid=4375791250579089&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&xpc=QauGbl5Wsz&p=https%3A//picrew.me&dtd=96
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://picrew.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://picrew.me/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5608669947882404369/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5608669947882404369/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CM6imda5qe8CFbjKuwgdHfQFfw&gqi=ZK9KYOCyGtS4x_APveGE-AI&layout=/sadbundle/%24csp%253Der3%24/5608669947882404369/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 12 Mar 2021 00:01:40 GMT
server: cafe
content-length: 32497
x-xss-protection: 0
set-cookie: IDE=AHWqTUlRI3vR91otw8I-Lag4hc9IxtxaoFjEY1KDgOSlX9YSwa0s5HlTIWpBrK03z68; expires=Wed, 06-Apr-2022 00:01:40 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 12 Mar 2021 00:01:40 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 5 KB
3 KB 173ms
173ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4375791250579089&correlator=3696333474295284&output=ldjh&impl=fifs&eid=31060433%2C31060366%2C44733567&vrg=2021031001&ptt=17&sc=1&sfv=1-0-37&ecs=20210312&iu_parts=9176203%2C1715044&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cookie=ID%3De227db8f2115013d-222192ebbaba008e%3AT%3D1615507299%3ART%3D1615507299%3AS%3DALNI_Mbbd8IuTB-pM6xE0U_0T2kchQT5jQ&bc=31&abxe=1&lmt=1615507300&dt=1615507300458&dlt=1615507299129&idt=679&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=1110&adks=1685291603&ucis=1&ifi=6&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fpicrew.me%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x-1&msz=1600x-1&ga_vid=1049500676.1615507300&ga_sid=1615507300&ga_hid=1647593009&ga_fc=false&fws=512&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js?31060433

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

b96bbff8a2328ab57c18797c978c293cec03f64c5f0377fa41431967f52e7a20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 00:01:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2601
x-xss-protection: 0
google-lineitem-id: 5583964790
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138336306759
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://picrew.me
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
c5273b3263c66ac982b47a1e5d54bd82.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 50ms
15ms Other
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://c5273b3263c66ac982b47a1e5d54bd82.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js?31060433
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 32ms
10ms Other
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js?31060433
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 112 B
496 B 100ms
99ms XHR
text/javascript 65.9.95.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fpicrew.me%2F&pid=tLfG9n8514VLD&cb=0&ws=1600x1200&v=7.60.00&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F9176203%2F1715044%22%7D%5D&cfgv=0&pubid=c06cc614-f284-4373-8e7b-e334e4dcb9d3&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 0a7d1f74a315d0bc656efdd8619a8239be66d9710b803ce4522ec8cc0fad04af

Request headers

Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 00:01:40 GMT
content-encoding: gzip
server: Server
x-amz-cf-pop: PRG50-C1
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://picrew.me
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 123
via: 1.1 3544838dca6112dd616da017a568e76a.cloudfront.net (CloudFront)
x-amz-cf-id: slOg-eQD9e1KXOkKqavU_y1wJRGsh0R7PH01p7mIWgysAXRBmESiVg==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 136ms
45ms XHR
application/javascript 65.9.95.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Z_m26sDjicOoQtCCmuJEtOsMPnFQWWIm
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 80927
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sat, 06 Mar 2021 01:32:40 GMT
server: AmazonS3
date: Thu, 11 Mar 2021 01:32:54 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 8197d89da72990bb606996d5e7c73ab6.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: vkhc8aIKr8XF7mswDLW5sWn-oXmmYU8MAZbV-L06ARoumGaoWH9-9g==

GET
H/1.1

200
OK

Cookie set iu3 Show response
aax-eu.amazon-adsystem.com/s/ Frame 2EC5
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_cnv
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_cnv&dcc=t

234 B
926 B

203ms
203ms

Document
text/html

52.95.124.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_cnv&dcc=t
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: af26daa00461b356d97b71aae6d033274cb950d9533c5e33caaf525515010ad6

Request headers

Host: aax-eu.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://picrew.me/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ad-id=Az_x0-1HbkBjp_7L2yvMvq4|t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://picrew.me/

Response headers

Server: Server
Date: Fri, 12 Mar 2021 00:01:41 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 189
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Set-Cookie: ad-id=Az_x0-1HbkBjp_7L2yvMvq4; Domain=.amazon-adsystem.com; Expires=Fri, 01-Oct-2021 00:01:40 GMT; Path=/; Secure; HttpOnly; SameSite=None ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Wed, 01-Apr-2026 00:01:41 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip

Redirect headers

Server: Server
Date: Fri, 12 Mar 2021 00:01:40 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_cnv&dcc=t
Set-Cookie: ad-id=Az_x0-1HbkBjp_7L2yvMvq4|t; Domain=.amazon-adsystem.com; Expires=Fri, 01-Oct-2021 00:01:40 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary: User-Agent

GET
H3-Q050 200 container.html Show response
c5273b3263c66ac982b47a1e5d54bd82.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 011C 6 KB
3 KB 35ms
19ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c5273b3263c66ac982b47a1e5d54bd82.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js?31060433

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: c5273b3263c66ac982b47a1e5d54bd82.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://picrew.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://picrew.me/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Fri, 12 Mar 2021 00:01:40 GMT
expires: Sat, 12 Mar 2022 00:01:40 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

jot.html Show response
platform.twitter.com/ Frame 164B
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

80 B
570 B

15ms
13ms

Document
text/html

2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Requested by: Host: picrew.me
URL: https://picrew.me/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BA5) /
Resource Hash: 90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
Origin: https://picrew.me
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 97877
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Fri, 12 Mar 2021 00:01:40 GMT
Etag: "d9592a6c704736fa4da218d4357976dd"
Last-Modified: Wed, 03 Mar 2021 19:22:21 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6BA5)
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 80

Redirect headers

cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length: 0
content-type: text/html;charset=utf-8
date: Fri, 12 Mar 2021 00:01:40 GMT
expires: Tue, 31 Mar 1981 05:00:00 GMT
last-modified: Fri, 12 Mar 2021 00:01:40 GMT
location: https://platform.twitter.com/jot.html
pragma: no-cache
server: tsa_o
status: 302 Found
strict-transport-security: max-age=631138519
x-connection-hash: 817e744016d2416529dd7c922d2382d7
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-response-time: 113
x-transaction: 00be26ae00588481
x-tsa-request-body-time: 1
x-twitter-response-tags: BouncerCompliant
x-xss-protection: 0

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 16C7 4 KB
1 KB 40ms
25ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=90&slotname=4670556767&adk=3566483056&adf=2258987082&pi=t.ma~as.4670556767&w=1080&fwrn=4&fwrnh=100&lmt=1615507300&rafmt=2&psa=0&format=1080x90&url=https%3A%2F%2Fpicrew.me%2F&flash=0&fwr=0&rpe=1&resp_fmts=2&wgl=1&dt=1615507300327&bpp=5&bdt=1198&idt=-M&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De227db8f2115013d-222192ebbaba008e%3AT%3D1615507299%3ART%3D1615507299%3AS%3DALNI_Mbbd8IuTB-pM6xE0U_0T2kchQT5jQ&prev_fmts=0x0&nras=1&correlator=5754571048845&frm=20&pv=1&ga_vid=1049500676.1615507300&ga_sid=1615507300&ga_hid=1647593009&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=260&ady=472&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C21068786&oid=3&pvsid=4375791250579089&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=zkrJZa29dF&p=https%3A//picrew.me&dtd=77

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d344632c01d1ca55dc380216de660c9b8a5a3174e7d7afa6784aff50c945e1cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Mar 2021 22:03:41 GMT
server: ESF
date: Fri, 12 Mar 2021 00:01:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Mar 2021 00:01:40 GMT

GET
H3-Q050 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/ Frame 16C7 2 KB
1 KB 37ms
21ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 23:33:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1683
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 896
x-xss-protection: 0
server: cafe
etag: 948078048762640732
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Mar 2021 23:33:37 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210309/r20110914/ Frame 16C7 17 KB
7 KB 37ms
22ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210309/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dfa4afc591a648c53ed92c8b08026647f6a19e04a783676dd437a4fb69d4c72c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 23:53:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 488
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7138
x-xss-protection: 0
server: cafe
etag: 7904608329869157807
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Mar 2021 23:53:32 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/ Frame 16C7 2 KB
1 KB 34ms
22ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

79c521a89112af803faa48f72e1f5f1b5d0685129a14b917317d1cc688613a18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 23:59:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 125
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 6751271179024913178
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Mar 2021 23:59:35 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 16C7 112 KB
34 KB 43ms
29ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61902c5623fc9780b6485f3439557295cc392d92d114aa404b56128dd65ea704

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 00:01:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615378840307797"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34576
x-xss-protection: 0
expires: Fri, 12 Mar 2021 00:01:40 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/ Frame 16C7 13 KB
6 KB 37ms
23ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f14a53d6e112f5652255e499e109659fe79678b0de2eec4f42a1ac48c9ce72bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 23:53:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 495
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5996
x-xss-protection: 0
server: cafe
etag: 15528521553155206461
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Mar 2021 23:53:25 GMT

GET
H2 200 1e8eaeef6431cb6de349a68674062a29.js Show response
www.gstatic.com/mysidia/ Frame 16C7 26 KB
11 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1e8eaeef6431cb6de349a68674062a29.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b0b572a90abb3fce27b9dc1f79145706c7bcc6cc3ac84c8f501d344132816d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 21:17:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Mar 2021 03:08:06 GMT
server: sffe
age: 96273
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10971
x-xss-protection: 0
expires: Tue, 08 Jun 2021 21:17:07 GMT

GET
H3-Q050 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5608669947882404369/ Frame 3885 10 KB
4 KB 14ms
7ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5608669947882404369/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=600&slotname=5705101752&adk=2153503578&adf=4093411512&pi=t.ma~as.5705101752&w=300&lmt=1615507300&psa=0&format=300x600&url=https%3A%2F%2Fpicrew.me%2F&flash=0&wgl=1&dt=1615507300327&bpp=1&bdt=1197&idt=1&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De227db8f2115013d-222192ebbaba008e%3AT%3D1615507299%3ART%3D1615507299%3AS%3DALNI_Mbbd8IuTB-pM6xE0U_0T2kchQT5jQ&prev_fmts=0x0%2C1080x90%2C764x280%2C764x280&nras=1&correlator=5754571048845&frm=20&pv=1&ga_vid=1049500676.1615507300&ga_sid=1615507300&ga_hid=1647593009&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1040&ady=881&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C21068786&oid=3&pvsid=4375791250579089&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&xpc=QauGbl5Wsz&p=https%3A//picrew.me&dtd=96

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d3a51e09655a2e0c1bc771a8969fa56a9a7c48d3e0004dc9381ab403904a019

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/5608669947882404369/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3187
date: Thu, 11 Mar 2021 01:13:47 GMT
expires: Fri, 11 Mar 2022 01:13:47 GMT
last-modified: Fri, 05 Feb 2021 15:19:56 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 82073
cache-control: public, max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210309/r20110914/ Frame 4616 17 KB
7 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210309/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dfa4afc591a648c53ed92c8b08026647f6a19e04a783676dd437a4fb69d4c72c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 23:53:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 488
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7138
x-xss-protection: 0
server: cafe
etag: 7904608329869157807
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Mar 2021 23:53:32 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/ Frame 4616 2 KB
1 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

79c521a89112af803faa48f72e1f5f1b5d0685129a14b917317d1cc688613a18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 23:59:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 125
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 6751271179024913178
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Mar 2021 23:59:35 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4616 112 KB
34 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61902c5623fc9780b6485f3439557295cc392d92d114aa404b56128dd65ea704

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 00:01:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615378840307797"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34576
x-xss-protection: 0
expires: Fri, 12 Mar 2021 00:01:40 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/ Frame 4616 13 KB
6 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f14a53d6e112f5652255e499e109659fe79678b0de2eec4f42a1ac48c9ce72bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 23:53:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 495
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5996
x-xss-protection: 0
server: cafe
etag: 15528521553155206461
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Mar 2021 23:53:25 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 4616 0
0 67ms
29ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQieIfWY8K-pa7D4FhZOIUjmLAh4qwr9mtSVt7YtjDOnyguKit3Y7ZlEhZWIoXAuaz2BI6C
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=600&slotname=5705101752&adk=2153503578&adf=4093411512&pi=t.ma~as.5705101752&w=300&lmt=1615507300&psa=0&format=300x600&url=https%3A%2F%2Fpicrew.me%2F&flash=0&wgl=1&dt=1615507300327&bpp=1&bdt=1197&idt=1&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De227db8f2115013d-222192ebbaba008e%3AT%3D1615507299%3ART%3D1615507299%3AS%3DALNI_Mbbd8IuTB-pM6xE0U_0T2kchQT5jQ&prev_fmts=0x0%2C1080x90%2C764x280%2C764x280&nras=1&correlator=5754571048845&frm=20&pv=1&ga_vid=1049500676.1615507300&ga_sid=1615507300&ga_hid=1647593009&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1040&ady=881&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C21068786&oid=3&pvsid=4375791250579089&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&xpc=QauGbl5Wsz&p=https%3A//picrew.me&dtd=96
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 16C7 0
0 42ms
42ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CNj9nZK9KYMTdGbzd7_UPxLK-gA7PqsHjYc2RwtP8DLfP8oOWHBABINnG_iBglYq4gsgHoAG8y82SA8gBAakCVAM8MJsctD6oAwHIA8sEqgSrAU_Q-EyGyOs38J5rlB2FvSpvzko3rsG8WA4pmkvXRDkPReGTmk0rzIMcskzcaT2cx_cxNJ_EKg6ZMDvV_LhlP6K-5H2wauAhT3z8aQzDlu2g283U01oMAcoiFAFW5tbATEtZn1BfzIX8lgjKe7qbwzPhhhFBUT8CKK7FI29cH0bTawfKBiUKpTGG-EyiNBTrtdruFxEDi1zMYL_zWNqnxIC6Hmej0cubQ7RkBsAEp9Ou27QDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGAB6y0sm2oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQ_oND0ggJCIDhgHAQARgfgAoByAsB2BMNiBQFshcaChgIABIUcHViLTk2OTIxMzQwMDUzODU2OTc&sigh=E01_QF06fcY&tpd=AGWhJmthCCuhi0-_ad5lIwT4Zirr8NObltBQVgRElPrSzdekVQ

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=90&slotname=4670556767&adk=3566483056&adf=2258987082&pi=t.ma~as.4670556767&w=1080&fwrn=4&fwrnh=100&lmt=1615507300&rafmt=2&psa=0&format=1080x90&url=https%3A%2F%2Fpicrew.me%2F&flash=0&fwr=0&rpe=1&resp_fmts=2&wgl=1&dt=1615507300327&bpp=5&bdt=1198&idt=-M&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De227db8f2115013d-222192ebbaba008e%3AT%3D1615507299%3ART%3D1615507299%3AS%3DALNI_Mbbd8IuTB-pM6xE0U_0T2kchQT5jQ&prev_fmts=0x0&nras=1&correlator=5754571048845&frm=20&pv=1&ga_vid=1049500676.1615507300&ga_sid=1615507300&ga_hid=1647593009&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=260&ady=472&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C21068786&oid=3&pvsid=4375791250579089&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=zkrJZa29dF&p=https%3A//picrew.me&dtd=77
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 12 Mar 2021 00:01:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4616 0
0 43ms
42ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CK7kBZK9KYM7gGriV7_UPneiX-Ae54MDSYaHD6YyvDa4CEAEg2cb-IGCViriCyAegAdDGo-EDyAEJqQK515AdEsZ_PqgDAcgDSKoEtAFP0GsNLURVA_F5I97xgxaKZDT5-3UONORGnCnzQ263xiQjy4injulsONbXUfsPk1j7AKlfFKPeK4D3_3PfSjrwz631HsU9dIx3IiYtfGd0bWMlpQA78W5r311ejS-u6uYuQO4yocnoC8JPBAMVaZsMZV3SY_yw9wK24lVUOqsfw_h9Idr_JNvDNioVcd1zZOwemDvptmGW65nqGnDpU9TH73M2bj0U7l2bLBkC-LC74fQgr-vABN-X4NCZApIFBAgEGAGSBQQIBRgEoAYugAeYudweqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEIOUEdIICQiA4YBwEAEYH4AKAcgLAdgTDNAVAZgWAYAXAbIXGgoYCAASFHB1Yi05NjkyMTM0MDA1Mzg1Njk3&sigh=5NLMfv9nPjM&template_id=419&tpd=AGWhJmu8Da_gzBfPSAS0_CpV4SbY8eCqxg-htn0P9MmXxD1soQ

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=600&slotname=5705101752&adk=2153503578&adf=4093411512&pi=t.ma~as.5705101752&w=300&lmt=1615507300&psa=0&format=300x600&url=https%3A%2F%2Fpicrew.me%2F&flash=0&wgl=1&dt=1615507300327&bpp=1&bdt=1197&idt=1&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De227db8f2115013d-222192ebbaba008e%3AT%3D1615507299%3ART%3D1615507299%3AS%3DALNI_Mbbd8IuTB-pM6xE0U_0T2kchQT5jQ&prev_fmts=0x0%2C1080x90%2C764x280%2C764x280&nras=1&correlator=5754571048845&frm=20&pv=1&ga_vid=1049500676.1615507300&ga_sid=1615507300&ga_hid=1647593009&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1040&ady=881&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C21068786&oid=3&pvsid=4375791250579089&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&xpc=QauGbl5Wsz&p=https%3A//picrew.me&dtd=96
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 12 Mar 2021 00:01:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-37/js/ Frame 011C 24 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-37/js/ext.js

Requested by

Host: c5273b3263c66ac982b47a1e5d54bd82.safeframe.googlesyndication.com
URL: https://c5273b3263c66ac982b47a1e5d54bd82.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48c978eaee9473c367fd30eea148b6cd5233e58a317a36157c24e5dd2af62a97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c5273b3263c66ac982b47a1e5d54bd82.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 12:38:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40984
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7485
x-xss-protection: 0
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Mar 2022 12:38:36 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 011C 112 KB
34 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: c5273b3263c66ac982b47a1e5d54bd82.safeframe.googlesyndication.com
URL: https://c5273b3263c66ac982b47a1e5d54bd82.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61902c5623fc9780b6485f3439557295cc392d92d114aa404b56128dd65ea704

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c5273b3263c66ac982b47a1e5d54bd82.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 00:01:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615378840307797"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34576
x-xss-protection: 0
expires: Fri, 12 Mar 2021 00:01:40 GMT

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D1CE 143 B
220 B 6ms
5ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=90&slotname=4670556767&adk=3566483056&adf=2258987082&pi=t.ma~as.4670556767&w=1080&fwrn=4&fwrnh=100&lmt=1615507300&rafmt=2&psa=0&format=1080x90&url=https%3A%2F%2Fpicrew.me%2F&flash=0&fwr=0&rpe=1&resp_fmts=2&wgl=1&dt=1615507300327&bpp=5&bdt=1198&idt=-M&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De227db8f2115013d-222192ebbaba008e%3AT%3D1615507299%3ART%3D1615507299%3AS%3DALNI_Mbbd8IuTB-pM6xE0U_0T2kchQT5jQ&prev_fmts=0x0&nras=1&correlator=5754571048845&frm=20&pv=1&ga_vid=1049500676.1615507300&ga_sid=1615507300&ga_hid=1647593009&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=260&ady=472&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C21068786&oid=3&pvsid=4375791250579089&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=zkrJZa29dF&p=https%3A//picrew.me&dtd=77
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmlrD13lAxrZHe107LTAY6xWYjdfK7k_YVw7CG7JOBV_vXp3mip58jaGQjBW78
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=90&slotname=4670556767&adk=3566483056&adf=2258987082&pi=t.ma~as.4670556767&w=1080&fwrn=4&fwrnh=100&lmt=1615507300&rafmt=2&psa=0&format=1080x90&url=https%3A%2F%2Fpicrew.me%2F&flash=0&fwr=0&rpe=1&resp_fmts=2&wgl=1&dt=1615507300327&bpp=5&bdt=1198&idt=-M&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De227db8f2115013d-222192ebbaba008e%3AT%3D1615507299%3ART%3D1615507299%3AS%3DALNI_Mbbd8IuTB-pM6xE0U_0T2kchQT5jQ&prev_fmts=0x0&nras=1&correlator=5754571048845&frm=20&pv=1&ga_vid=1049500676.1615507300&ga_sid=1615507300&ga_hid=1647593009&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=260&ady=472&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C21068786&oid=3&pvsid=4375791250579089&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=zkrJZa29dF&p=https%3A//picrew.me&dtd=77

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 11 Mar 2021 23:41:24 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1216
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DDBD 143 B
165 B 6ms
5ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=600&slotname=5705101752&adk=2153503578&adf=4093411512&pi=t.ma~as.5705101752&w=300&lmt=1615507300&psa=0&format=300x600&url=https%3A%2F%2Fpicrew.me%2F&flash=0&wgl=1&dt=1615507300327&bpp=1&bdt=1197&idt=1&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De227db8f2115013d-222192ebbaba008e%3AT%3D1615507299%3ART%3D1615507299%3AS%3DALNI_Mbbd8IuTB-pM6xE0U_0T2kchQT5jQ&prev_fmts=0x0%2C1080x90%2C764x280%2C764x280&nras=1&correlator=5754571048845&frm=20&pv=1&ga_vid=1049500676.1615507300&ga_sid=1615507300&ga_hid=1647593009&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1040&ady=881&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C21068786&oid=3&pvsid=4375791250579089&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&xpc=QauGbl5Wsz&p=https%3A//picrew.me&dtd=96
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmlrD13lAxrZHe107LTAY6xWYjdfK7k_YVw7CG7JOBV_vXp3mip58jaGQjBW78
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=600&slotname=5705101752&adk=2153503578&adf=4093411512&pi=t.ma~as.5705101752&w=300&lmt=1615507300&psa=0&format=300x600&url=https%3A%2F%2Fpicrew.me%2F&flash=0&wgl=1&dt=1615507300327&bpp=1&bdt=1197&idt=1&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De227db8f2115013d-222192ebbaba008e%3AT%3D1615507299%3ART%3D1615507299%3AS%3DALNI_Mbbd8IuTB-pM6xE0U_0T2kchQT5jQ&prev_fmts=0x0%2C1080x90%2C764x280%2C764x280&nras=1&correlator=5754571048845&frm=20&pv=1&ga_vid=1049500676.1615507300&ga_sid=1615507300&ga_hid=1647593009&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1040&ady=881&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C21068786&oid=3&pvsid=4375791250579089&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&xpc=QauGbl5Wsz&p=https%3A//picrew.me&dtd=96

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 11 Mar 2021 23:41:24 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1216
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 16C7 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a229c3aa274a56f05b9e6d2b3a6397e6b7f407a4fc0409b82a10b3fb3c0b265d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 4616 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 85a47975471e9df4bf9686c6ed4385dc36565f6591d7329863e59791040cb75a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 16C7 16 KB
16 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 18:27:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:37 GMT
server: sffe
age: 279242
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15872
x-xss-protection: 0
expires: Tue, 08 Mar 2022 18:27:39 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 16C7 15 KB
16 KB 41ms
24ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 18:51:47 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:36 GMT
server: sffe
age: 277794
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15736
x-xss-protection: 0
expires: Tue, 08 Mar 2022 18:51:47 GMT

GET
H3-Q050 200 2224826251922188787
tpc.googlesyndication.com/daca_images/simgad/ Frame BF92 73 KB
74 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/2224826251922188787

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=280&slotname=5289300961&adk=2884671071&adf=1503017450&pi=t.ma~as.5289300961&w=764&fwrn=4&fwrnh=100&lmt=1615507300&rafmt=1&psa=0&format=764x280&url=https%3A%2F%2Fpicrew.me%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615507300327&bpp=2&bdt=1198&idt=-M&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De227db8f2115013d-222192ebbaba008e%3AT%3D1615507299%3ART%3D1615507299%3AS%3DALNI_Mbbd8IuTB-pM6xE0U_0T2kchQT5jQ&prev_fmts=0x0%2C1080x90%2C764x280&nras=1&correlator=5754571048845&frm=20&pv=1&ga_vid=1049500676.1615507300&ga_sid=1615507300&ga_hid=1647593009&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=260&ady=3152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C21068786&oid=3&pvsid=4375791250579089&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=trGiCT88Wh&p=https%3A//picrew.me&dtd=90

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a62accf28aded0f45f8246af5507154c2114ee83bb73f549afc6a71aa4adecac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 20:19:25 GMT
x-content-type-options: nosniff
age: 99736
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75237
x-xss-protection: 0
last-modified: Sat, 06 Feb 2021 00:47:58 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Mar 2022 20:19:25 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210309/r20110914/ Frame BF92 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210309/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dfa4afc591a648c53ed92c8b08026647f6a19e04a783676dd437a4fb69d4c72c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 23:53:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 489
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7138
x-xss-protection: 0
server: cafe
etag: 7904608329869157807
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Mar 2021 23:53:32 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/ Frame BF92 2 KB
1 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

79c521a89112af803faa48f72e1f5f1b5d0685129a14b917317d1cc688613a18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 23:59:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 126
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 6751271179024913178
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Mar 2021 23:59:35 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BF92 112 KB
34 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61902c5623fc9780b6485f3439557295cc392d92d114aa404b56128dd65ea704

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 00:01:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615378840307797"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34576
x-xss-protection: 0
expires: Fri, 12 Mar 2021 00:01:41 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/ Frame BF92 13 KB
6 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f14a53d6e112f5652255e499e109659fe79678b0de2eec4f42a1ac48c9ce72bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 23:53:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 496
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5996
x-xss-protection: 0
server: cafe
etag: 15528521553155206461
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Mar 2021 23:53:25 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame BF92 0
0 22ms
21ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRAxjf191WnAjSdghNtZSiSgflYe1kt1226W5kTRKuWswl-47LS3c-8dVtfKO6WG1EPky4z
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=280&slotname=5289300961&adk=2884671071&adf=1503017450&pi=t.ma~as.5289300961&w=764&fwrn=4&fwrnh=100&lmt=1615507300&rafmt=1&psa=0&format=764x280&url=https%3A%2F%2Fpicrew.me%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615507300327&bpp=2&bdt=1198&idt=-M&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De227db8f2115013d-222192ebbaba008e%3AT%3D1615507299%3ART%3D1615507299%3AS%3DALNI_Mbbd8IuTB-pM6xE0U_0T2kchQT5jQ&prev_fmts=0x0%2C1080x90%2C764x280&nras=1&correlator=5754571048845&frm=20&pv=1&ga_vid=1049500676.1615507300&ga_sid=1615507300&ga_hid=1647593009&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=260&ady=3152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C21068786&oid=3&pvsid=4375791250579089&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=trGiCT88Wh&p=https%3A//picrew.me&dtd=90
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/ Frame BF92 25 KB
11 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87f15fba52ba32ff97868fd9de7d33be5e2d88ecea0c9fe648041d8f270be416

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 22:57:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3868
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10811
x-xss-protection: 0
server: cafe
etag: 16204982485008532146
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Mar 2021 22:57:13 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame BF92 0
0 43ms
42ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C09H-ZK9KYNTMGuHF7_UP16esyAu54MDSYfmf6YyvDa4CEAEg2cb-IGCViriCyAegAdDGo-EDyAECqQK515AdEsZ_PqgDAcgDyQSqBKsBT9AjyON4O28s3HNFeAkxjlGY4Ur14vzuHnzbiACBIFuvwdmjaSLlm27Vrp9CVqE4NTA_ls6VsAEwSBbTEepQ3_dIf_vbtJKgrSBM7N383MQoS-0oymYOEnZDsKRhamHX18hN4J7sd2MXyJ_ixdmd9db1UeIC2j0Kd1N7NGtPT8A722XUSMRaFkKQ_p06oX-YqH7HSp9s6K1yLwhIpD9EFPY72L9cqT33v1aCwATR2seY8QGSBQQIBBgBkgUECAUYBKAGAoAHmLncHqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBCvzAXSCAkIgOGAcBABGB-ACgHICwHYEwyYFgGyFxoKGAgAEhRwdWItOTY5MjEzNDAwNTM4NTY5Nw&sigh=Fo6pu0IvvpY&tpd=AGWhJmstrNqXo5pHr88xb1frgV8jgFLu2TPtt47pMXElt12wEQ

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=280&slotname=5289300961&adk=2884671071&adf=1503017450&pi=t.ma~as.5289300961&w=764&fwrn=4&fwrnh=100&lmt=1615507300&rafmt=1&psa=0&format=764x280&url=https%3A%2F%2Fpicrew.me%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615507300327&bpp=2&bdt=1198&idt=-M&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De227db8f2115013d-222192ebbaba008e%3AT%3D1615507299%3ART%3D1615507299%3AS%3DALNI_Mbbd8IuTB-pM6xE0U_0T2kchQT5jQ&prev_fmts=0x0%2C1080x90%2C764x280&nras=1&correlator=5754571048845&frm=20&pv=1&ga_vid=1049500676.1615507300&ga_sid=1615507300&ga_hid=1647593009&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=260&ady=3152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C21068786&oid=3&pvsid=4375791250579089&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=trGiCT88Wh&p=https%3A//picrew.me&dtd=90
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 12 Mar 2021 00:01:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 3885 9 KB
3 KB 25ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5608669947882404369/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 12:33:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41296
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 12 Mar 2021 12:33:25 GMT

GET
H3-Q050 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 3885 22 KB
9 KB 22ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5608669947882404369/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 12:41:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40787
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 12 Mar 2021 12:41:54 GMT

GET
H3-Q050 200 c7dacafa6023ba57a8f6a37ebd98063f.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5608669947882404369/ Frame 3885 69 KB
20 KB 23ms
7ms Script
application/x-javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5608669947882404369/c7dacafa6023ba57a8f6a37ebd98063f.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5608669947882404369/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e252bb2014a942541aaac1fef928976fc2268a72744e6557a756377fc8b569de

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 104528
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18494
x-xss-protection: 0
last-modified: Fri, 05 Feb 2021 15:19:56 GMT
server: sffe
date: Wed, 10 Mar 2021 18:59:33 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Mar 2022 18:59:33 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 011C 0
0 75ms
59ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvqQffrL-DLhojtqlHBSjSou03wRq5_JIoeSMRsK-sPLgkcBZ6et3gszzilCrzsjn6dfIXqa1EKNolcW554bu0c7Hf--sL5GCRjhNPvwQwwwxtsIUbJz3VdQu02NMEsFKLtMySX59Q9XO4-VHz7GbaGtMTQLazO3XrKFo3FwXCmM6Mvkpc1ALpj3OSZ109ImPmB7XXXcSonIgLIgcUhHg1cfVth_7LluY1-y_f5oQ5fXF-ytSYKKdoxq3AKR3Zu1MfMCRoMxNAPPHfwawlFJxwTPgkd8ro&sig=Cg0ArKJSzISq2CtXiu9kEAE&urlfix=1&adurl=

Requested by

Host: c5273b3263c66ac982b47a1e5d54bd82.safeframe.googlesyndication.com
URL: https://c5273b3263c66ac982b47a1e5d54bd82.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c5273b3263c66ac982b47a1e5d54bd82.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Mar 2021 00:01:41 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 dad_adtag.js Show response
cd.ladsp.com/script-dad/v1/ Frame 011C 3 KB
1 KB 101ms
33ms Script
text/javascript 13.226.159.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cd.ladsp.com/script-dad/v1/dad_adtag.js
Requested by: Host: c5273b3263c66ac982b47a1e5d54bd82.safeframe.googlesyndication.com
URL: https://c5273b3263c66ac982b47a1e5d54bd82.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8285c162faba73f57257892f4cac256e6c5efc648820a24e7591ac582ceec359

Request headers

Referer: https://c5273b3263c66ac982b47a1e5d54bd82.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Feb 2021 01:03:59 GMT
content-encoding: gzip
last-modified: Tue, 17 Nov 2020 05:41:00 GMT
server: AmazonS3
age: 2588263
etag: "8fb0c80d89722305a694af9a147112f6"
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 3c2fca5c3988bc152e874a83fac74f4a.cloudfront.net (CloudFront)
cache-control: public, max-age=864000, immutable
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 1078
x-amz-cf-id: LxZhhHygm3SXJCUyUiyz-6kSlo0gjmuSsEsocwftHul9mjSYPZHdmA==

GET
DATA 200
OK truncated
/ Frame 011C 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 58afa62e86777f073dcafb9835891c1f032fc2f28ed1e4b3b310fa1eeec89659

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 27B2 3 KB
646 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=280&slotname=3236171695&adk=134199228&adf=3945757123&pi=t.ma~as.3236171695&w=764&fwrn=4&fwrnh=100&lmt=1615507300&rafmt=3&psa=0&format=764x280&url=https%3A%2F%2Fpicrew.me%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&dt=1615507300327&bpp=2&bdt=1198&idt=-M&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De227db8f2115013d-222192ebbaba008e%3AT%3D1615507299%3ART%3D1615507299%3AS%3DALNI_Mbbd8IuTB-pM6xE0U_0T2kchQT5jQ&prev_fmts=0x0%2C1080x90&nras=1&correlator=5754571048845&frm=20&pv=1&ga_vid=1049500676.1615507300&ga_sid=1615507300&ga_hid=1647593009&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=260&ady=1587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C21068786&oid=3&pvsid=4375791250579089&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=nNSqOp7WS4&p=https%3A//picrew.me&dtd=84

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Mar 2021 23:59:39 GMT
server: ESF
date: Fri, 12 Mar 2021 00:01:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Mar 2021 00:01:41 GMT

GET
H3-Q050 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/ Frame 27B2 2 KB
1 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 23:33:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1684
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 896
x-xss-protection: 0
server: cafe
etag: 948078048762640732
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Mar 2021 23:33:37 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210309/r20110914/ Frame 27B2 17 KB
7 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210309/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dfa4afc591a648c53ed92c8b08026647f6a19e04a783676dd437a4fb69d4c72c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 23:53:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 489
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7138
x-xss-protection: 0
server: cafe
etag: 7904608329869157807
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Mar 2021 23:53:32 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/1948352517020488298/ Frame 27B2 43 KB
43 KB 9ms
7ms Image
image/jpeg 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1948352517020488298/downsize_200k_v1?w=600&h=314

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e81bc0a6de4e55273d2aa6823d99d395c50f2a323c8b874ce7dcaf73fc17a0d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 03:41:29 GMT
x-content-type-options: nosniff
age: 73212
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44341
x-xss-protection: 0
last-modified: Thu, 15 Oct 2020 14:09:50 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Mar 2022 03:41:29 GMT

GET
DATA 200
OK truncated
/ Frame 27B2 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/ Frame 27B2 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

79c521a89112af803faa48f72e1f5f1b5d0685129a14b917317d1cc688613a18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 23:59:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 126
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 6751271179024913178
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Mar 2021 23:59:35 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 27B2 112 KB
34 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61902c5623fc9780b6485f3439557295cc392d92d114aa404b56128dd65ea704

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 00:01:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615378840307797"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34576
x-xss-protection: 0
expires: Fri, 12 Mar 2021 00:01:41 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/ Frame 27B2 13 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f14a53d6e112f5652255e499e109659fe79678b0de2eec4f42a1ac48c9ce72bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 23:53:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 496
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5996
x-xss-protection: 0
server: cafe
etag: 15528521553155206461
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Mar 2021 23:53:25 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 27B2 0
0 16ms
15ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRn4yi0GSKAQa6uaRxyEkZvSnPAjWiXn4otHA2w6cuyqbjbdMJkyi9ycY5lsTpb5PFlLM9P
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=280&slotname=3236171695&adk=134199228&adf=3945757123&pi=t.ma~as.3236171695&w=764&fwrn=4&fwrnh=100&lmt=1615507300&rafmt=3&psa=0&format=764x280&url=https%3A%2F%2Fpicrew.me%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&dt=1615507300327&bpp=2&bdt=1198&idt=-M&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De227db8f2115013d-222192ebbaba008e%3AT%3D1615507299%3ART%3D1615507299%3AS%3DALNI_Mbbd8IuTB-pM6xE0U_0T2kchQT5jQ&prev_fmts=0x0%2C1080x90&nras=1&correlator=5754571048845&frm=20&pv=1&ga_vid=1049500676.1615507300&ga_sid=1615507300&ga_hid=1647593009&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=260&ady=1587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C21068786&oid=3&pvsid=4375791250579089&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=nNSqOp7WS4&p=https%3A//picrew.me&dtd=84
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 1e8eaeef6431cb6de349a68674062a29.js Show response
www.gstatic.com/mysidia/ Frame 27B2 26 KB
11 KB 36ms
19ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1e8eaeef6431cb6de349a68674062a29.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b0b572a90abb3fce27b9dc1f79145706c7bcc6cc3ac84c8f501d344132816d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 21:17:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Mar 2021 03:08:06 GMT
server: sffe
age: 96274
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10971
x-xss-protection: 0
expires: Tue, 08 Jun 2021 21:17:07 GMT

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0EB5 143 B
169 B 8ms
5ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=280&slotname=5289300961&adk=2884671071&adf=1503017450&pi=t.ma~as.5289300961&w=764&fwrn=4&fwrnh=100&lmt=1615507300&rafmt=1&psa=0&format=764x280&url=https%3A%2F%2Fpicrew.me%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615507300327&bpp=2&bdt=1198&idt=-M&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De227db8f2115013d-222192ebbaba008e%3AT%3D1615507299%3ART%3D1615507299%3AS%3DALNI_Mbbd8IuTB-pM6xE0U_0T2kchQT5jQ&prev_fmts=0x0%2C1080x90%2C764x280&nras=1&correlator=5754571048845&frm=20&pv=1&ga_vid=1049500676.1615507300&ga_sid=1615507300&ga_hid=1647593009&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=260&ady=3152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C21068786&oid=3&pvsid=4375791250579089&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=trGiCT88Wh&p=https%3A//picrew.me&dtd=90
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmBwf2W3mVuZ6Y3UnMKzgFXuHBY1zwB4lcvfYC-J90_CZJqhMPc6asmW1FK-uI
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=280&slotname=5289300961&adk=2884671071&adf=1503017450&pi=t.ma~as.5289300961&w=764&fwrn=4&fwrnh=100&lmt=1615507300&rafmt=1&psa=0&format=764x280&url=https%3A%2F%2Fpicrew.me%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615507300327&bpp=2&bdt=1198&idt=-M&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De227db8f2115013d-222192ebbaba008e%3AT%3D1615507299%3ART%3D1615507299%3AS%3DALNI_Mbbd8IuTB-pM6xE0U_0T2kchQT5jQ&prev_fmts=0x0%2C1080x90%2C764x280&nras=1&correlator=5754571048845&frm=20&pv=1&ga_vid=1049500676.1615507300&ga_sid=1615507300&ga_hid=1647593009&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=260&ady=3152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C21068786&oid=3&pvsid=4375791250579089&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=trGiCT88Wh&p=https%3A//picrew.me&dtd=90

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 11 Mar 2021 23:41:24 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1217
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 afd7d8950b49bd19d0eac2a332705285.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5608669947882404369/media/ Frame 3885 29 KB
29 KB 11ms
8ms Image
image/jpeg 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5608669947882404369/media/afd7d8950b49bd19d0eac2a332705285.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5608669947882404369/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7426120c1348476bb5dd9523107f70258ac8fa929884b9480d69be62da01496

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 579677
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29288
x-xss-protection: 0
last-modified: Fri, 05 Feb 2021 15:19:56 GMT
server: sffe
date: Fri, 05 Mar 2021 07:00:24 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Mar 2022 07:00:24 GMT

GET
H3-Q050 200 adace9085412ed839f5f3d39b3e5db47.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5608669947882404369/media/ Frame 3885 10 KB
12 KB 8ms
7ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5608669947882404369/media/adace9085412ed839f5f3d39b3e5db47.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5608669947882404369/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63d0bbc55d990fec6e48615b095b47c8cb477fa695c350fee5e69bda28f6a1f9

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 15602
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10294
x-xss-protection: 0
last-modified: Fri, 05 Feb 2021 15:19:56 GMT
server: sffe
date: Thu, 11 Mar 2021 19:41:39 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Mar 2022 19:41:39 GMT

GET
H3-Q050 200 93fa650c3d79209197cb6da2e1b2bbba.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5608669947882404369/media/ Frame 3885 9 KB
2 KB 11ms
10ms Image
image/svg+xml 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5608669947882404369/media/93fa650c3d79209197cb6da2e1b2bbba.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5608669947882404369/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc05e0d988a201b2a2a2c70d1ed07c6bfe375ea68caf825ca7669c318e4a0f27

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 590263
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1951
x-xss-protection: 0
last-modified: Fri, 05 Feb 2021 15:19:56 GMT
server: sffe
date: Fri, 05 Mar 2021 04:03:58 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Mar 2022 04:03:58 GMT

GET
H3-Q050 200 16fb75c5e31d6df58a77f2faa6e79911.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5608669947882404369/media/ Frame 3885 40 KB
40 KB 12ms
10ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5608669947882404369/media/16fb75c5e31d6df58a77f2faa6e79911.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5608669947882404369/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0d5116000dd98bbd0aad3c756821612e4313baa311ed415fd0dbd25ca3a7c31

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 280327
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40688
x-xss-protection: 0
last-modified: Fri, 05 Feb 2021 15:19:56 GMT
server: sffe
date: Mon, 08 Mar 2021 18:09:34 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Mar 2022 18:09:34 GMT

GET
DATA 200
OK truncated
/ Frame BF92 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f8dd181f669d9957ecd3e4c955d9ec667d6864aacf4b910f85853cc8f1d625a9

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 27B2 0
0 43ms
43ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C0dIjZK9KYI24Gr7V7_UP84OmeMGb2o1h0sash-cM2dkeEAEg2cb-IGCViriCyAegAdG8wc8DyAEJqQJUAzwwmxy0PqgDAcgDywSqBKwBT9DsmOK5NLsbW31JG4KZmF_j2a4R0WkMAt4kzYXxnak9RaDTFoMeManNxa-j0279P0VIhEfTVkT1KqxZFAzMppl5OA8Lw4gp8y-TPiMOdaiAGmCBlfMrB1isKre3XjmpJDS3W-LYgKxrdt69KiaL8Eaappr59zAiysl9fiWyMRwGqEWws4LDXuHWeIzd034CanDRyeOdfFFxx-qdxT0ptKvafAEvxMwmSLqJucAEnq_D1agDkgUECAQYAZIFBAgFGASgBi6AB7ap4uYBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEENyrBdIICQiA4YBwEAEYH4AKAcgLAdgTC4gUBrIXGgoYCAASFHB1Yi05NjkyMTM0MDA1Mzg1Njk3&sigh=3uFoNXm2lP0&template_id=5000&tpd=AGWhJmu5Sbr5LQ4wfadSi8IYwaRPR7K5mUwzGfik9du2P0nbWA

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=280&slotname=3236171695&adk=134199228&adf=3945757123&pi=t.ma~as.3236171695&w=764&fwrn=4&fwrnh=100&lmt=1615507300&rafmt=3&psa=0&format=764x280&url=https%3A%2F%2Fpicrew.me%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&dt=1615507300327&bpp=2&bdt=1198&idt=-M&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De227db8f2115013d-222192ebbaba008e%3AT%3D1615507299%3ART%3D1615507299%3AS%3DALNI_Mbbd8IuTB-pM6xE0U_0T2kchQT5jQ&prev_fmts=0x0%2C1080x90&nras=1&correlator=5754571048845&frm=20&pv=1&ga_vid=1049500676.1615507300&ga_sid=1615507300&ga_hid=1647593009&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=260&ady=1587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C21068786&oid=3&pvsid=4375791250579089&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=nNSqOp7WS4&p=https%3A//picrew.me&dtd=84
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 12 Mar 2021 00:01:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK pr Show response
aax-eu.amazon-adsystem.com/s/v3/ Frame 3EE1 644 B
723 B 48ms
47ms Document
text/html 52.95.124.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=cnv_pm-db5&fv=1.0&a=cm&cm3ppd=1
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_cnv&dcc=t
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 8ed12e5e9f0fa0e83c6dcf772a86149f2209fef54956080d88e5d0202980ecc4

Request headers

Host: aax-eu.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_cnv&dcc=t
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ad-id=Az_x0-1HbkBjp_7L2yvMvq4; ad-privacy=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_cnv&dcc=t

Response headers

Server: Server
Date: Fri, 12 Mar 2021 00:01:41 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 362
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D1CE
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
133 B

18ms
17ms

Document
text/html

2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmBwf2W3mVuZ6Y3UnMKzgFXuHBY1zwB4lcvfYC-J90_CZJqhMPc6asmW1FK-uI
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 12 Mar 2021 00:01:41 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 12-Mar-2021 01:01:41 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 12 Mar 2021 00:01:41 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 12 Mar 2021 00:01:41 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 27B2 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6839f63b076b9adccd2483e6d68c74899b7573f97e5e7912e95c78fa34b5c5e1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 KT7npM2pC4VPAEc6AEIcwWkjK4LR7Yu_WhYO7ltjsYQ.js Show response
pagead2.googlesyndication.com/bg/ Frame AB20 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KT7npM2pC4VPAEc6AEIcwWkjK4LR7Yu_WhYO7ltjsYQ.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

293ee7a4cda90b854f00473a00421cc169232b82d1ed8bbf5a160eee5b63b184

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 14:40:54 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 17:45:00 GMT
server: sffe
age: 33647
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5656
x-xss-protection: 0
expires: Fri, 11 Mar 2022 14:40:54 GMT

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DDBD
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
152 B

17ms
16ms

Document
text/html

2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmBwf2W3mVuZ6Y3UnMKzgFXuHBY1zwB4lcvfYC-J90_CZJqhMPc6asmW1FK-uI; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 12 Mar 2021 00:01:41 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 12-Mar-2021 01:01:41 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 12 Mar 2021 00:01:41 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 12 Mar 2021 00:01:41 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 c0767f840d8f7205e20f54042a1c8857.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5608669947882404369/media/ Frame 3885 4 KB
1 KB 8ms
6ms Image
image/svg+xml 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5608669947882404369/media/c0767f840d8f7205e20f54042a1c8857.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5608669947882404369/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

070ed24fbc7e905df4b9be20b010286fddaf15b4ab1f0dc2f19a0cd0dbee12ef

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 280259
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1215
x-xss-protection: 0
last-modified: Fri, 05 Feb 2021 15:19:56 GMT
server: sffe
date: Mon, 08 Mar 2021 18:10:42 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Mar 2022 18:10:42 GMT

GET
H2 200 fif Show response
dad.ladsp.com/adrequest/ Frame 011C 1 KB
1 KB 811ms
747ms Script
text/javascript 13.32.21.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dad.ladsp.com/adrequest/fif?tid=gz8v&divid=LFP_nLZO_JXB0_gz8v&w=728&h=90&site_url=https%253A%252F%252Fc5273b3263c66ac982b47a1e5d54bd82.safeframe.googlesyndication.com%252Fsafeframe%252F1-0-37%252Fhtml%252Fcontainer.html&rand=0.9823249015587543
Requested by: Host: cd.ladsp.com
URL: https://cd.ladsp.com/script-dad/v1/dad_adtag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Logicad/DADServer /
Resource Hash: 0f421cd9c538701b2399f41b5e65fea622a771087cdc5cf4fe0e086988dba324

Request headers

Referer: https://c5273b3263c66ac982b47a1e5d54bd82.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Mar 2021 00:01:42 GMT
content-encoding: gzip
server: Logicad/DADServer
x-amz-cf-pop: FRA56-C2
vary: Accept-Encoding
x-cache: Miss from cloudfront
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
via: 1.1 1c12254585d1d316d9380549d59e3c80.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
content-type: text/javascript;charset=utf-8
x-amz-cf-id: wrHt6T6nwIKaFQAUa0SpTY2NLHkbyOyS1mTVl8oZzMYem5ipF5KxGA==
expires: -1

GET
H3-Q050 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 27B2 21 KB
21 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 01:58:20 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
age: 79401
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
expires: Fri, 11 Mar 2022 01:58:20 GMT

GET
H3-Q050 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 27B2 21 KB
21 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 21:42:23 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
age: 94758
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
expires: Thu, 10 Mar 2022 21:42:23 GMT

GET
H3-Q050 200 KT7npM2pC4VPAEc6AEIcwWkjK4LR7Yu_WhYO7ltjsYQ.js Show response
pagead2.googlesyndication.com/bg/ Frame A58C 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KT7npM2pC4VPAEc6AEIcwWkjK4LR7Yu_WhYO7ltjsYQ.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

293ee7a4cda90b854f00473a00421cc169232b82d1ed8bbf5a160eee5b63b184

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 14:40:54 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 17:45:00 GMT
server: sffe
age: 33647
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5656
x-xss-protection: 0
expires: Fri, 11 Mar 2022 14:40:54 GMT

GET
H2 204 current
amazon-tam-match.dotomi.com/match/bounce/ Frame 2261 0
0 105ms
65ms Document
text/plain 2a02:fa8:8806:16::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=cnv_pm-db5&fv=1.0&a=cm&cm3ppd=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

:method: GET
:authority: amazon-tam-match.dotomi.com
:scheme: https
:path: /match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx
date: Fri, 12 Mar 2021 00:01:41 GMT
cache-control: no-cache, private, max-age=0, no-store
expires: 0
pragma: no-cache

GET
H/1.1 200
OK user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 5E0D 8 KB
3 KB 116ms
37ms Document
text/html 84.53.188.235
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=cnv_pm-db5&fv=1.0&a=cm&cm3ppd=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 84.53.188.235 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a84-53-188-235.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
ETag: "1300708-1f78-5b232eb4914bb"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 2654
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=32291
Expires: Fri, 12 Mar 2021 08:59:52 GMT
Date: Fri, 12 Mar 2021 00:01:41 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0EB5
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
21 B

18ms
18ms

Document
text/html

2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmBwf2W3mVuZ6Y3UnMKzgFXuHBY1zwB4lcvfYC-J90_CZJqhMPc6asmW1FK-uI; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 12 Mar 2021 00:01:41 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 12-Mar-2021 01:01:41 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 12 Mar 2021 00:01:41 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 12 Mar 2021 00:01:41 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 KT7npM2pC4VPAEc6AEIcwWkjK4LR7Yu_WhYO7ltjsYQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 9085 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KT7npM2pC4VPAEc6AEIcwWkjK4LR7Yu_WhYO7ltjsYQ.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

293ee7a4cda90b854f00473a00421cc169232b82d1ed8bbf5a160eee5b63b184

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 14:40:54 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 17:45:00 GMT
server: sffe
age: 33647
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5656
x-xss-protection: 0
expires: Fri, 11 Mar 2022 14:40:54 GMT

GET
H3-Q050 200 KT7npM2pC4VPAEc6AEIcwWkjK4LR7Yu_WhYO7ltjsYQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 3885 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KT7npM2pC4VPAEc6AEIcwWkjK4LR7Yu_WhYO7ltjsYQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

293ee7a4cda90b854f00473a00421cc169232b82d1ed8bbf5a160eee5b63b184

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 14:40:54 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 17:45:00 GMT
server: sffe
age: 33647
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5656
x-xss-protection: 0
expires: Fri, 11 Mar 2022 14:40:54 GMT

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame DEAB 37 KB
14 KB 41ms
40ms Document
text/html 84.53.188.235
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 84.53.188.235 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a84-53-188-235.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=22997
Expires: Fri, 12 Mar 2021 06:24:58 GMT
Date: Fri, 12 Mar 2021 00:01:41 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK PugMaster Show response
image6.pubmatic.com/AdServer/ Frame DEAB 5 KB
6 KB 151ms
37ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=38747223&p=156657&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: d37817dff7a5e8bcbbce26be02eeb72d04fb0912a8e62bf2b30a492704e822d4

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 12 Mar 2021 00:01:41 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4616 42 B
479 B 68ms
54ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu4WP5oG1WidXoFvMiG_0Lzabw1mDJI2s2h632I58JUEkUbYvTYUYepXM4Dp0jVswgfo6PP2Zl0nSGYOr2_B-dBKAjsBxopn1QPtFuhYBYuK_S3UHMtA2QBcr_n2w&sai=AMfl-YSsShETEhgNLO7q2eH-n6oZvCjW3oNiaVf_uWOdk7Y2zcMv4wujRClPvjtKeZ1yRBdu7DWe0mfFPR0wPnGo0atQ7BOXgmdsf8t-RGK63rm1Qo0g-bENp2KFox-X&sig=Cg0ArKJSzMj6Cp-RUEouEAE&cid=CAASPeRoH896GjGs6-QDRMd84nbNa5tIyUemRz81ATzaOWklLDAa1RY6XFNAnK5MujODuZmSooNthDymFFzECZ8&id=osdim&mcvt=1000&p=881,1040,1481,1340&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20210310&bin=7&avms=nio&bs=0,0&mc=0.53&if=1&app=0&itpl=2&adk=2153503578&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1615507300449&dlt=250&rpt=3&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Mar 2021 00:01:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 5C5C 43 B
326 B 267ms
52ms Document
image/gif 178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=38747223&p=156657&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method: GET
:authority: dis.criteo.com
:scheme: https
:path: /dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache
pragma: no-cache
content-type: image/gif
expires: Fri, 12 Mar 2021 00:00:00 GMT
server: Microsoft-IIS/10.0
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 1368
x-powered-by: ASP.NET
date: Fri, 12 Mar 2021 00:01:41 GMT
content-length: 43

GET
H/1.1

200
OK

Cookie set Pug Show response
image2.pubmatic.com/AdServer/ Frame 4EFD
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4859265986888976152

42 B
769 B

55ms
38ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4859265986888976152
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=38747223&p=156657&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: image2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; pi=156657:2; KADUSERCOOKIE=73A10836-4F9C-4BA5-AE5D-C823E40DD26A; chkChromeAb67Sec=1; DPSync3=1616716800%3A226_221_201_227; SyncRTB3=1618099200%3A203%7C1616716800%3A21_22_81_13_54_56_3_71_7_166_55_161_8_165%7C1616371200%3A63%7C1616112000%3A2_223_15%7C1616803200%3A35; KRTBCOOKIE_1101=23040-6938551028542535819; PugT=1615507302; PUBMDCID=3
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Fri, 12 Mar 2021 00:01:42 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_336=5844-4859265986888976152; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 11-Apr-2021 00:01:42 GMT; path=/ PugT=1615507302; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 11-Apr-2021 00:01:42 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 10-Jun-2021 00:01:42 GMT; path=/
X-lat: lhrpug016:0:532
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4859265986888976152
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H/1.1

200
OK

Cookie set Pug Show response
image2.pubmatic.com/AdServer/ Frame 1745
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEMWdFN0FsVjhBQUZRMC1LYkg1QQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAD1gE7AlV8AAFQ0-KbH5A&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%2...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAD1gE7AlV8AAFQ0-KbH5A&pid=558502&do=add
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAD1gE7AlV8AAFQ0-KbH5A&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_part...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=816947327260721610
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAD1gE7AlV8AAFQ0-KbH5A

42 B
773 B

38ms
38ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAD1gE7AlV8AAFQ0-KbH5A
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=38747223&p=156657&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: image2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; pi=156657:2; KADUSERCOOKIE=73A10836-4F9C-4BA5-AE5D-C823E40DD26A; chkChromeAb67Sec=1; DPSync3=1616716800%3A226_221_201_227; SyncRTB3=1618099200%3A203%7C1616716800%3A21_22_81_13_54_56_3_71_7_166_55_161_8_165%7C1616371200%3A63%7C1616112000%3A2_223_15%7C1616803200%3A35; KRTBCOOKIE_1101=23040-6938551028542535819; PUBMDCID=3; SPugT=1615507300; KRTBCOOKIE_80=16514-CAESECJBfi8ECDlpouD4KfMIYDg&KRTB&22987-CAESECJBfi8ECDlpouD4KfMIYDg&KRTB&23025-CAESECJBfi8ECDlpouD4KfMIYDg; KRTBCOOKIE_27=16735-uid:9481604a-af66-4f00-bcb0-974849bb6fde&KRTB&16736-uid:9481604a-af66-4f00-bcb0-974849bb6fde&KRTB&23019-uid:9481604a-af66-4f00-bcb0-974849bb6fde&KRTB&23114-uid:9481604a-af66-4f00-bcb0-974849bb6fde; KRTBCOOKIE_391=22924-8527299760456721150&KRTB&23263-8527299760456721150; KRTBCOOKIE_377=6810-e0761c16-7390-47ad-af45-70c1dcb00485&KRTB&22918-e0761c16-7390-47ad-af45-70c1dcb00485&KRTB&23031-e0761c16-7390-47ad-af45-70c1dcb00485; KRTBCOOKIE_22=14911-2674786743720146620; KRTBCOOKIE_336=5844-4859265986888976152; KRTBCOOKIE_57=22776-6558777476916518568; KRTBCOOKIE_153=19420-HfB2SkqmdB0G9SAbGqVvHhrxcBgGpCRKE6O_4v_o&KRTB&22979-HfB2SkqmdB0G9SAbGqVvHhrxcBgGpCRKE6O_4v_o; KRTBCOOKIE_466=16530-1128f967-d832-4127-a98b-ef1dd4dcaeb5; KRTBCOOKIE_188=3189-597e168d-0fa5-407b-b212-cda9288b6755-604aaf66-4348; PugT=1615507302; KRTBCOOKIE_218=22978-YEqvZgAAAGtt3Czr&KRTB&23194-YEqvZgAAAGtt3Czr&KRTB&23209-YEqvZgAAAGtt3Czr&KRTB&23244-YEqvZgAAAGtt3Czr
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Fri, 12 Mar 2021 00:01:43 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_699=22727-AAD1gE7AlV8AAFQ0-KbH5A; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 11-Apr-2021 00:01:43 GMT; path=/ PugT=1615507303; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 11-Apr-2021 00:01:43 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 10-Jun-2021 00:01:43 GMT; path=/
X-lat: lhrpug012:0:435
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

Date: Fri, 12 Mar 2021 00:01:43 GMT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAD1gE7AlV8AAFQ0-KbH5A
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive

GET
H/1.1

200
OK

Cookie set Pug Show response
simage2.pubmatic.com/AdServer/ Frame C246
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6938551028542535819

42 B
771 B

91ms
30ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6938551028542535819
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=38747223&p=156657&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: simage2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; pi=156657:2; KADUSERCOOKIE=73A10836-4F9C-4BA5-AE5D-C823E40DD26A; chkChromeAb67Sec=1; DPSync3=1616716800%3A226_221_201_227; SyncRTB3=1618099200%3A203%7C1616716800%3A21_22_81_13_54_56_3_71_7_166_55_161_8_165%7C1616371200%3A63%7C1616112000%3A2_223_15%7C1616803200%3A35
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Fri, 12 Mar 2021 00:01:42 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_1101=23040-6938551028542535819; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 11-Apr-2021 00:01:42 GMT; path=/ PugT=1615507302; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 11-Apr-2021 00:01:42 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 10-Jun-2021 00:01:42 GMT; path=/
X-lat: amspug020:0:288
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

Server: nginx
Date: Fri, 12 Mar 2021 00:01:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie: UserID1=6938551028542535819; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6938551028542535819

GET
H/1.1 200
OK bridge Show response
cm.adgrx.com/ Frame 1864 43 B
408 B 95ms
30ms Document
image/gif 173.231.180.197
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=38747223&p=156657&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.231.180.197 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host: cm.adgrx.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Date: Fri, 12 Mar 2021 00:01:42 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
server: Cowboy
X-RealServer-NX: ams-delivery-1
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Pragma: no-cache
Expires: Thu, 23 Sep 2004 17:42:04 GMT
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *

GET
H/1.1 200
OK ecm3 Show response
aax-eu.amazon-adsystem.com/s/ Frame 6903 43 B
344 B 51ms
51ms Document
image/gif 52.95.124.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-eu.amazon-adsystem.com/s/ecm3?id=73A10836-4F9C-4BA5-AE5D-C823E40DD26A&ex=pubmatic.com
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host: aax-eu.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ad-id=Az_x0-1HbkBjp_7L2yvMvq4; ad-privacy=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: Server
Date: Fri, 12 Mar 2021 00:01:42 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Vary: User-Agent

GET
H/1.1

200
OK

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame DEAB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=c6EINk-cS6WuXcgj5A3Sag%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

8 KB
8 KB

37ms
36ms

Image
text/html

84.53.188.235
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 84.53.188.235 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a84-53-188-235.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 12 Mar 2021 00:01:42 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1300708-1f78-5b232eb4914bb"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: max-age=32290
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/html; charset=UTF-8
Content-Length: 2654
Expires: Fri, 12 Mar 2021 08:59:52 GMT

Redirect headers

pragma: no-cache
date: Fri, 12 Mar 2021 00:01:42 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mw
mwzeom.zeotap.com/ Frame DEAB 95 B
595 B 228ms
23ms Image
image/png 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=73A10836-4F9C-4BA5-AE5D-C823E40DD26A
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 00:01:42 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 62e8bfdf3c3f0eb3-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 08c5563f8200000eb3fc017000000001

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame DEAB
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=73A10836-4F9C-4BA5-AE5D-C823E40DD26A&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=73A10836-4F9C-4BA5-AE5D-C823E40DD26A&sInitiator=external&gdpr=0&gdpr_consent=

42 B
603 B

47ms
47ms

Image
image/gif

77.243.60.138
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=73A10836-4F9C-4BA5-AE5D-C823E40DD26A&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Mar 2021 00:01:42 GMT
frontend-id: 5
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 12 Mar 2021 00:01:42 GMT
frontend-id: 12
location: /pubmatic/1/info2?sType=sync&sExtCookieId=73A10836-4F9C-4BA5-AE5D-C823E40DD26A&sInitiator=external&gdpr=0&gdpr_consent=
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

Artemis
aud.pubmatic.com/AdServer/ Frame DEAB
Redirect Chain

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=73A10836-4F9C-4BA5-AE5D-C823E40DD26A&gdpr=
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=73A10836-4F9C-4BA5-AE5D-C823E40DD26A&gdpr=&fbounce=1
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=73A10836-4F9C-4BA5-AE5D-C823E40DD26A&addseg=31

7 B
147 B

100ms
31ms

Image
text/plain

185.64.189.249
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=73A10836-4F9C-4BA5-AE5D-C823E40DD26A&addseg=31
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 12 Mar 2021 00:01:42 GMT
Connection: keep-alive
Content-Length: 7
Content-Type: text/plain; charset=utf-8

Redirect headers

date: Fri, 12 Mar 2021 00:01:42 GMT
via: 1.1 google
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=73A10836-4F9C-4BA5-AE5D-C823E40DD26A&addseg=31
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: text/html; charset=utf-8
alt-svc: clear
content-length: 135

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame DEAB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECJBfi8ECDlpouD4KfMIYDg&google_cver=1

42 B
855 B

158ms
38ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECJBfi8ECDlpouD4KfMIYDg&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 12 Mar 2021 00:01:42 GMT
X-lat: lhrpug003:0:558
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Fri, 12 Mar 2021 00:01:42 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECJBfi8ECDlpouD4KfMIYDg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame DEAB
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e0761c16-7390-47ad-af45-70c1dcb00485

42 B
882 B

116ms
30ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e0761c16-7390-47ad-af45-70c1dcb00485
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 12 Mar 2021 00:01:41 GMT
X-lat: amspug005:0:320
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Fri, 12 Mar 2021 00:01:42 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e0761c16-7390-47ad-af45-70c1dcb00485
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame DEAB
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:9481604a-af66-4f00-bcb0-974849bb6fde&gdpr=0&gdpr_consent=

42 B
946 B

158ms
30ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:9481604a-af66-4f00-bcb0-974849bb6fde&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 12 Mar 2021 00:01:41 GMT
X-lat: amspug016:0:391
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Date: Fri, 12 Mar 2021 00:02:28 GMT
Server: MT3 3611 f10363c master cdg-pixel-x2
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:9481604a-af66-4f00-bcb0-974849bb6fde&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 12 Mar 2021 00:02:27 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame DEAB
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8527299760456721150

42 B
801 B

108ms
30ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8527299760456721150
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 12 Mar 2021 00:01:40 GMT
X-lat: amspug001:0:364
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Fri, 12 Mar 2021 00:01:42 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8527299760456721150
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
expires: -1

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame DEAB
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6558777476916518568&gdpr=0&gdpr_consent=

42 B
769 B

157ms
38ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6558777476916518568&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 12 Mar 2021 00:01:42 GMT
X-lat: lhrpug008:0:929
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Pragma: no-cache
Date: Fri, 12 Mar 2021 00:01:42 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 717.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.136:80
AN-X-Request-Uuid: f04110c1-f040-496c-a2f3-65301f4b48cd
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6558777476916518568&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

SPug
image4.pubmatic.com/AdServer/ Frame DEAB
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=73A10836-4F9C-4BA5-AE5D-C823E40DD26A&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=73A10836-4F9C-4BA5-AE5D-C823E40DD26A&redir=true&gdpr=0&gdpr_consent=&verify=true
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-3YV4uXNE2uX8hEs5xyPATMvBcf6UOSk-~A&gdpr=0&gdpr_consent=

0
418 B

124ms
30ms

Image
text/plain

185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-3YV4uXNE2uX8hEs5xyPATMvBcf6UOSk-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 12 Mar 2021 00:01:40 GMT
Cache-Control: no-store, no-cache, private
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Fri, 12 Mar 2021 00:01:42 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-3YV4uXNE2uX8hEs5xyPATMvBcf6UOSk-~A&gdpr=0&gdpr_consent=
Connection: keep-alive
Content-Length: 0

GET
H2 200 73A10836-4F9C-4BA5-AE5D-C823E40DD26A
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame DEAB 43 B
841 B 103ms
33ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/73A10836-4F9C-4BA5-AE5D-C823E40DD26A?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 00:01:42 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame DEAB
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=HfB2SkqmdB0G9SAbGqVvHhrxcBgGpCRKE6O_4v_o

42 B
843 B

156ms
38ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=HfB2SkqmdB0G9SAbGqVvHhrxcBgGpCRKE6O_4v_o
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 12 Mar 2021 00:01:42 GMT
X-lat: lhrpug015:0:539
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Fri, 12 Mar 2021 00:01:42 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=HfB2SkqmdB0G9SAbGqVvHhrxcBgGpCRKE6O_4v_o
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame DEAB
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://ws.rqtrk.eu/pull?redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=p...
https://x.bidswitch.net/sync?dsp_id=193&user_id=&expires=1&ssp=pubmatic
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1128f967-d832-4127-a98b-ef1dd4dcaeb5&gdpr=&gdpr_consent=&gdpr_pd=

1 B
746 B

33ms
32ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1128f967-d832-4127-a98b-ef1dd4dcaeb5&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 12 Mar 2021 00:01:40 GMT
X-lat: amspug006:0:2347
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1128f967-d832-4127-a98b-ef1dd4dcaeb5&gdpr=&gdpr_consent=&gdpr_pd=
date: Fri, 12 Mar 2021 00:01:42 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame DEAB
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2674786743720146620&gdpr=0&gdpr_consent=&us_privacy=

1 B
727 B

43ms
30ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2674786743720146620&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 12 Mar 2021 00:01:40 GMT
X-lat: amspug019:0:374
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2674786743720146620&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Fri, 12 Mar 2021 00:01:42 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame DEAB
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YEqvZgAAAGtt3Czr&gdpr=0&gdpr_consent=&_test=YEqvZgAAAGtt3Czr

1 B
809 B

31ms
30ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YEqvZgAAAGtt3Czr&gdpr=0&gdpr_consent=&_test=YEqvZgAAAGtt3Czr
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 12 Mar 2021 00:01:42 GMT
X-lat: amspug020:0:389
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

pragma: no-cache
date: Fri, 12 Mar 2021 00:01:42 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1615507303.753328,VS0,VE0
x-served-by: cache-fra19145-FRA
x-cache: HIT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YEqvZgAAAGtt3Czr&gdpr=0&gdpr_consent=&_test=YEqvZgAAAGtt3Czr
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame DEAB
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=597e168d-0fa5-407b-b212-cda9288b6755-604aaf66-4348&gdpr=0&gdpr_consent=

42 B
800 B

38ms
38ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=597e168d-0fa5-407b-b212-cda9288b6755-604aaf66-4348&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 12 Mar 2021 00:01:42 GMT
X-lat: lhrpug016:0:401
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Fri, 12 Mar 2021 00:01:42 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=597e168d-0fa5-407b-b212-cda9288b6755-604aaf66-4348&gdpr=0&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame DEAB 43 B
610 B 98ms
31ms Image
image/gif 169.50.137.190
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

be.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 00:01:42 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Thu, 11 Mar 2021 00:01:42 GMT

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame DEAB 0
104 B 92ms
61ms Image
text/plain 2a02:fa8:8806:20::2010
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=73A10836-4F9C-4BA5-AE5D-C823E40DD26A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2010 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Mar 2021 00:01:42 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame DEAB
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:b99261cc-fb93-479d-b82f-cc609103ae56&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
505 B

30ms
30ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:b99261cc-fb93-479d-b82f-cc609103ae56&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 12 Mar 2021 00:01:41 GMT
X-lat: amspug003:0:374
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:b99261cc-fb93-479d-b82f-cc609103ae56&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Fri, 12 Mar 2021 00:01:42 GMT
Server: Apache/2.4.41 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2 200 spot.js Show response
imp-adedge.i-mobile.co.jp/script/v1/ Frame BE58 73 KB
22 KB 81ms
10ms Script
application/javascript 2600:9000:2182:7200:1f:2964:4340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://imp-adedge.i-mobile.co.jp/script/v1/spot.js?20181121
Requested by: Host: dad.ladsp.com
URL: https://dad.ladsp.com/adrequest/fif?tid=gz8v&divid=LFP_nLZO_JXB0_gz8v&w=728&h=90&site_url=https%253A%252F%252Fc5273b3263c66ac982b47a1e5d54bd82.safeframe.googlesyndication.com%252Fsafeframe%252F1-0-37%252Fhtml%252Fcontainer.html&rand=0.9823249015587543
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:7200:1f:2964:4340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e7617aeb7af2898df1980de406a141ea5660ddfcc4a879e8794036dc29df32c5

Request headers

Referer: https://c5273b3263c66ac982b47a1e5d54bd82.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 23:47:52 GMT
content-encoding: gzip
etag: W/"0ea503ec15d71:0"
last-modified: Tue, 09 Mar 2021 17:47:16 GMT
server: Microsoft-IIS/10.0
age: 1516
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: 8ff85jnbpm6wpQnXlLlNUBJrHgeZO9DFWQav2MCJeYXzM3QLkjywoQ==
via: 1.1 3b811cf25a4fdc818f7cfcb16b38d622.cloudfront.net (CloudFront)

GET
H2

302

31
cr-pall.ladsp.com/cookiesender/ Frame BE58
Redirect Chain

https://cr-p31.ladsp.jp/cookiesender/31
https://cr-pall.ladsp.com/cookiesender/31
https://cr-pall.ladsp.com/cookiesender/31?cr=true

0
450 B

255ms
255ms

Image
text/plain

13.32.21.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cr-pall.ladsp.com/cookiesender/31?cr=true
Requested by: Host: c5273b3263c66ac982b47a1e5d54bd82.safeframe.googlesyndication.com
URL: https://c5273b3263c66ac982b47a1e5d54bd82.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-120.fra56.r.cloudfront.net
Software: Logicad /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c5273b3263c66ac982b47a1e5d54bd82.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Mar 2021 00:01:43 GMT
via: 1.1 daa2f44af77ac5ed09ff4b0024dfcd5d.cloudfront.net (CloudFront)
server: Logicad
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
cache-control: no-cache
content-length: 0
x-amz-cf-id: TR67k1gd39vE9-qjuDq0DVKXwvsKCStwrbtULnBEqVMha4GHw3GIHA==
expires: -1

Redirect headers

pragma: no-cache
date: Fri, 12 Mar 2021 00:01:43 GMT
via: 1.1 daa2f44af77ac5ed09ff4b0024dfcd5d.cloudfront.net (CloudFront)
server: Logicad
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location: https://cr-pall.ladsp.com/cookiesender/31?cr=true
cache-control: no-cache
content-type: text/html;charset=utf-8
content-length: 0
x-amz-cf-id: 5dUwwwaD__6iONxiynn-QwKlCW9AIIZ0CvmrnoJ3RtBixDqOObGv2A==
expires: -1

GET
H/1.1 200
OK spot.ashx Show response
ssp-bidapi.i-mobile.co.jp/api/v1/ Frame BE58 435 B
934 B 1126ms
285ms XHR
text/javascript 18.177.223.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp-bidapi.i-mobile.co.jp/api/v1/spot.ashx?type=banner&url=https://c5273b3263c66ac982b47a1e5d54bd82.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html&direct=0&fif=1&sf=0&cof=0&dfp=0&amp=0&sp=0&ios=0&pid=70754&mid=509875&asid=1715044&spec=0
Requested by: Host: imp-adedge.i-mobile.co.jp
URL: https://imp-adedge.i-mobile.co.jp/script/v1/spot.js?20181121
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.177.223.75 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 12afe314c5517cc28e452aa2181b33fe682664ac32c2fcfa53cfa66823b2d4d7

Request headers

Referer: https://c5273b3263c66ac982b47a1e5d54bd82.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 12 Mar 2021 00:01:42 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP = "NOI DEV PSA PSD IVA PVD OTP OUR OTR IND OTC"
Access-Control-Allow-Origin: https://c5273b3263c66ac982b47a1e5d54bd82.safeframe.googlesyndication.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Content-Length: 423
Expires: -1

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 16C7 42 B
66 B 46ms
46ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssI-Mk9ptyrtphgrqQ6bcWnOo4hwBwucDK8AuzFZMK6fujxTg7hK2H2biBhVHxpZOguIw89z9kohO5UDtnXBmhLiYLhLKfISt9WGT8kW6AXgExrxijZzO5VNcCNOXLJTD0lHpSdSSp41hGxwgcm6WGr&sai=AMfl-YT7HESJLXUEQ4zM1fLZ-SczNH1ORt4K7zbMjQ6cmq_A0v-vs_6sL9dilYCHQZ-J_GBUK8PM95q7pabeWPIQEC8TE8q6T6XHFq6qzQHFblk_1Jh0tNXn1A_rn3w2&sig=Cg0ArKJSzCp600lb5DuBEAE&cid=CAASPeRodWMJ-9dwQSEMIKt62PlM1hp8Pn4OU7x9ISCj-vsh6aim0q-OAlwq7jeU_HxuSrwh1ZIchvymr6aCZ6Q&id=osdim&mcvt=1011&p=472,260,562,1340&mtos=1011,1011,1011,1011,1011&tos=1011,0,0,0,0&v=20210310&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3566483056&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1615507300437&dlt=258&rpt=3&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Mar 2021 00:01:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_spot.ashx Show response
spnativeapi-tls.i-mobile.co.jp/api/ Frame BE58 2 KB
2 KB 583ms
552ms Script
text/javascript 2600:9000:2127:6800:1f:5b22:6e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://spnativeapi-tls.i-mobile.co.jp/api/ad_spot.ashx?partnerId=70754&mediaId=509875&spotId=1715044&asn=1&num=7&callback=imobile_jsonp_callback_5648753d7fc8
Requested by: Host: imp-adedge.i-mobile.co.jp
URL: https://imp-adedge.i-mobile.co.jp/script/v1/spot.js?20181121
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:6800:1f:5b22:6e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 6dde05bfc1d85cf58f285285f0e6d3cecb9bf3b6c22e2b0fff40a444d48c18b5

Request headers

Referer: https://c5273b3263c66ac982b47a1e5d54bd82.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 00:01:43 GMT
via: 1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
server: Microsoft-IIS/8.5
x-amz-cf-pop: PRG50-C1
x-powered-by: ASP.NET
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: private
content-length: 1964
x-amz-cf-id: qfc3VVcJ3n4-D72rAWmmaEoKdaHJv38R9-JILiI0urUoB83stlU6wA==

GET
H2 200 ad_creative.ashx
spcdnsp.i-mobile.co.jp/ Frame 8C85 112 KB
112 KB 39ms
10ms Image
image/jpeg 2600:9000:2182:c400:c:2040:40c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://spcdnsp.i-mobile.co.jp/ad_creative.ashx?advid=6374178
Requested by: Host: c5273b3263c66ac982b47a1e5d54bd82.safeframe.googlesyndication.com
URL: https://c5273b3263c66ac982b47a1e5d54bd82.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:c400:c:2040:40c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 80afea34de845cf6c968c30be22cbcf57297b1f3afa54d0fffdbfd089009615c

Request headers

Referer: https://c5273b3263c66ac982b47a1e5d54bd82.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 22:28:06 GMT
via: 1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
last-modified: Wed, 10 Mar 2021 00:18:40 GMT
server: Microsoft-IIS/7.5
age: 5614
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: private
x-amz-cf-pop: DUS51-C1
content-length: 114281
x-amz-cf-id: q3P8Qjv9quFDNsKUW75EdWQwwD7SwblysB7I5Y7oJ6dMb6T9bElFLA==
expires: Mon, 01 Jan 0001 00:00:00 GMT

GET
H/1.1 200
OK imp_count.ashx Show response
ssp-bidapi.i-mobile.co.jp/ajax/imp/ Frame BE58 12 B
638 B 269ms
269ms XHR
text/plain 18.177.223.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp-bidapi.i-mobile.co.jp/ajax/imp/imp_count.ashx?pid=70754&mid=509875&asid=1715044&bidid=655dd36f-fec5-423d-8846-a2c2fd983d72&demander_type=1&demander_id=1&spec=0
Requested by: Host: imp-adedge.i-mobile.co.jp
URL: https://imp-adedge.i-mobile.co.jp/script/v1/spot.js?20181121
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.177.223.75 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7

Request headers

Referer: https://c5273b3263c66ac982b47a1e5d54bd82.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 12 Mar 2021 00:01:42 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP = "NOI DEV PSA PSD IVA PVD OTP OUR OTR IND OTC"
Access-Control-Allow-Origin: https://c5273b3263c66ac982b47a1e5d54bd82.safeframe.googlesyndication.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/plain; charset=utf-8
Content-Length: 132
Expires: -1

GET
H2 200 ad_imp_count.ashx
spnativeapi-tls.i-mobile.co.jp/api/ Frame BE58 120 B
431 B 544ms
544ms Image
image/png 2600:9000:2127:6800:1f:5b22:6e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://spnativeapi-tls.i-mobile.co.jp/api/ad_imp_count.ashx?pid=70754&mid=509875&asid=1715044&advid=6374178&asn=1
Requested by: Host: c5273b3263c66ac982b47a1e5d54bd82.safeframe.googlesyndication.com
URL: https://c5273b3263c66ac982b47a1e5d54bd82.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:6800:1f:5b22:6e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423

Request headers

Referer: https://c5273b3263c66ac982b47a1e5d54bd82.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Mar 2021 00:01:43 GMT
via: 1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
server: Microsoft-IIS/8.5
x-amz-cf-pop: PRG50-C1
x-powered-by: ASP.NET
x-cache: Miss from cloudfront
content-type: image/png
cache-control: no-cache, no-store
content-length: 120
x-amz-cf-id: hKXVU-hKgk9UUqflGjUtLbmNxL1BsnlHGGdSWvhcgplYWfHtGgoBXQ==
expires: -1

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 011C 0
0 116ms
60ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuTez7zt1IedPnl-Q7LkkU-2WuiSD7iCf04ysAb0Oe3c3UEwof6q_lwouqR8ftaFTnEUTV_U6-avi0-8oqtXj3JkdOVrerlOgt39EbzHQaVRy3kHDMgvHDlA_t4pc8gtx-YekEk9it3tOn_YB92Ln0hEIJpPbHvO-bbJBoDV37ZZWDSzSp1OQdhaS0aFAyZmq9HNSIsVFB9nYHJnhgvF6oEa3jI_fn4Hne27XpYRm6blsbXU-yHZ5plJLN-Le4yK00iHUgCt5QlQMrdMvclNVkRUQaOwep_2w&sig=Cg0ArKJSzHAmNKylglxWEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c5273b3263c66ac982b47a1e5d54bd82.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Mar 2021 00:01:44 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 12 Mar 2021 00:01:44 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
6 KB 17ms
17ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210309&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8bc8f959f442b0d97f79f93c326a74bf1c26c2109aaf7be10a0bc9a361ee0a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Mar 2021 00:01:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6503
x-xss-protection: 0

GET
H2 200 icon_F0woD3yKPqh4wRWu.png
cdn.picrew.me/app/image_maker/678462/ 29 KB
29 KB 15ms
15ms Image
image/png 2a02:26f0:6c00::210:ba6b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.picrew.me/app/image_maker/678462/icon_F0woD3yKPqh4wRWu.png
Requested by: Host: picrew.me
URL: https://picrew.me/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba6b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 031af6821e5e8156e64d7a633b7a1185a515d3cd77715a06af81d9b19bbcd708

Request headers

Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: OzdwB8tbfBcRxzcLedQswUrCHV.OUjw8
last-modified: Sat, 06 Mar 2021 01:20:30 GMT
server: AmazonS3
x-amz-cf-pop: LHR62-C5
etag: "3e20c89768f5623020a49d68b10fd9ed"
access-control-max-age: 3000
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/png
access-control-allow-origin: https://picrew.me
cache-control: max-age=7262301
date: Fri, 12 Mar 2021 00:01:44 GMT
content-length: 29344
x-amz-cf-id: DMo_eBfiXGtQC_bnBwMzb1ELKV8266HOZFLjhOUnrxSkDtGn2l3kYA==
expires: Fri, 04 Jun 2021 01:20:05 GMT

GET
H2 200 icon_csLJT7xVTJdt2lcJ.png
cdn.picrew.me/app/image_maker/688334/ 3 KB
3 KB 21ms
21ms Image
image/png 2a02:26f0:6c00::210:ba6b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.picrew.me/app/image_maker/688334/icon_csLJT7xVTJdt2lcJ.png
Requested by: Host: picrew.me
URL: https://picrew.me/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba6b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8e1879f4f9490200f92c62202737e34de43057d10635644700d57c41504c4aca

Request headers

Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: GKq38rxdg2c6ZaETqmg7hOoGaLZBlmTx
last-modified: Wed, 10 Mar 2021 15:31:18 GMT
server: AmazonS3
x-amz-cf-pop: LHR61-C2
etag: "fb9a49e7bed01daa090e027f0ae40482"
access-control-max-age: 3000
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/png
access-control-allow-origin: https://picrew.me
cache-control: max-age=7659041
date: Fri, 12 Mar 2021 00:01:44 GMT
content-length: 2740
x-amz-cf-id: WYnXOa2ch5vo3_zPcerNk3Dr9jYK07Z9b3TprovT5pkQJFlQVlIJBQ==
expires: Tue, 08 Jun 2021 15:32:25 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 00:01:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Fri, 12 Mar 2021 00:01:44 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 97D0 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://picrew.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://picrew.me/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Thu, 11 Mar 2021 17:44:04 GMT
expires: Fri, 11 Mar 2022 17:44:04 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 22660
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 KT7npM2pC4VPAEc6AEIcwWkjK4LR7Yu_WhYO7ltjsYQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 97D0 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KT7npM2pC4VPAEc6AEIcwWkjK4LR7Yu_WhYO7ltjsYQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

293ee7a4cda90b854f00473a00421cc169232b82d1ed8bbf5a160eee5b63b184

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 14:40:54 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 17:45:00 GMT
server: sffe
age: 33650
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5656
x-xss-protection: 0
expires: Fri, 11 Mar 2022 14:40:54 GMT

GET
H2 200 icon_WXVqiAlK34sUQZC1.png
cdn.picrew.me/app/image_maker/691705/ 16 KB
17 KB 64ms
64ms Image
image/png 2a02:26f0:6c00::210:ba6b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.picrew.me/app/image_maker/691705/icon_WXVqiAlK34sUQZC1.png
Requested by: Host: picrew.me
URL: https://picrew.me/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba6b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 69c61fd6f7c3ff1db1c4783e9ae8cc9b5abbd4615dbfcaffd7fda6e4fc9e1e48

Request headers

Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: J40eFKE6Vw3Jr8NPs4hwEtR1YjQiFITG
last-modified: Thu, 11 Mar 2021 23:41:10 GMT
server: AmazonS3
x-amz-cf-pop: LHR50-C1
etag: "89b81eff3684adb1dc7f5eb67048ee1c"
access-control-max-age: 3000
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/png
access-control-allow-origin: https://picrew.me
cache-control: max-age=7774706
date: Fri, 12 Mar 2021 00:01:44 GMT
content-length: 16506
x-amz-cf-id: ytJMfkGmlvc19blzuIDW9M25m83KNIPfeflKEgyIspseh2ljdAMCHg==
expires: Wed, 09 Jun 2021 23:40:10 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
46 B 41ms
41ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210309&jk=4375791250579089&bg=!JySlJGfNAAUO7zDoDjsAKQB2-DxaBkVw-2njJdtywA88sJ2RopdfQabCzEfawpZih5bhULiW0CJDAgAAAF5SAAAADGgBBwoBIh7F28C17eiCVWijVEZloD0H0RNmq_htHqbLw-IOTq3Te0wbVqivjJw2ttHTBRDcG7nKABzHt_o7wPW5Y1RauVM78IkwLjNYQOIVnfrPdEs3QxVcsHbV0sTS4TO-O4d5HFz7uRy395vIQ7X75rq2CrFkKIgr9D4j2JmzYdce0ZSsf5rmfS9Fk-hWaBMZ7BlsIjIbYVilPxRFNpW8ppLrFdm0P0FJNcG-ECzFNqzXih_pUlNPdm0mJXkCneFgbbKxfhSiIpnRq4nHX-l0CF2enAME_MeipqkPBB_AfxLrDz_iaJcG-OT915JrglkjhziSyK0daaHhFls8O5ebAIge3zv6xJBuuicuXGgMvVtX2Y0t3X8khxncvWHnLNZ17uU_1Xa-mQIMU16R8PBQfOMJN-G-4PQj4RaS6KcGVE2OTm5FVqO_5Ztn2VAz4_ge6RhVW2QexIselt60lsOBdlzWbkiWu1zfv43XavAjbtbm4rzjbmvxgr5_Z94i1o8vfmIKhhtts4A_GRRX3gZNFMDWkgRHaDnBWl74r-yaDb1VhM_XVTaSF0dqjyNE5xedEywVBC9m_rN9aZS4j7YI_3-ekNt9XM5qoh3mbbkpOQ6aKVCgtTE-Ouu1TyYzADaBaiV4wY0ETgIe0AXKje-HRtTAgVLMhDCQQXKEUyus9f8sBf42p_uYV663k6PQGN1lDkchvaWZTmkdqxgkiLQXz0-5wtp71utsJ6N5cNjzbyStIismEoOMyLXn-zwBvWdkUJoWRUfg8zL6mWeUzTW78fJVJVhCE2yc6YKlZ7hmUtjn7h4ABJDvRXD3yYF0aGgzSQ75l0-uDnrrErHyvWTyAJ2Xf60L664KuKK5QSndl_NpmkzHzr4W3wFnKpxjunNlDEqdM2UAbmHcbVKnwggWpwxbevxNI4A_SY8KM5u4cmDOilQZXEmqaSjNNFLl7E4ducxN908uqfBPoobhdSQF52FK1DLufehWr1t3WwltczrTbPt2ivPWyRPN07y0CcllhsxyoNn1Zty0IuQjIajA-RaqY-dQodCfhd-vgtNNIW71UGBSPl1me6v11H_D9ourZ5NtjvM

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Mar 2021 00:01:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 011C 42 B
89 B 41ms
39ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssheXJj6UaYkyD7VEkEsFkjzsPUimJ5vl8g1wIWTiqbR2YAZwi1sWXCa-GY2chejd-xTtEFBLVpJnpnDs4VyG8NAr-QVqcNmI4JI3sa7j4&sig=Cg0ArKJSzGz-ANBG08TYEAE&id=osdim&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210310&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=19&adk=1685291603&rs=4&met=ie&la=0&cr=0&osd=1&vs=4&rst=1615507300670&dlt=39&rpt=1&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c5273b3263c66ac982b47a1e5d54bd82.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Mar 2021 00:01:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3885 0
121 B 41ms
40ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=html5-mon&a0=layout&f0=layout&s0=0&d0=845.0000&a1=https&f1=layout_html&s1=0&d1=29.0000&a2=https%3A%2F%2Ftpc.googlesyndication.com%2Fsadbundle%2F%24csp%253Der3%24%2F5608669947882404369%2Findex.html%23t%3D10629230365157429231%26p%3Dhttps%253A%252F%252Fgoogleads.g.doubleclick.net&a3=https%3A%2F%2Ftpc.googlesyndication.com%2Fpagead%2Fgadgets%2Fhtml5%2Fapi%2Fexitapi-impl.js&s3=322.5100&d3=31.9700&a4=https%3A%2F%2Ftpc.googlesyndication.com%2Fpagead%2Fgadgets%2Fhtml5%2Faddata.js&s4=322.7550&d4=33.1100&a5=https%3A%2F%2Ftpc.googlesyndication.com%2Fsadbundle%2F%24csp%253Der3%24%2F5608669947882404369%2Fc7dacafa6023ba57a8f6a37ebd98063f.js&s5=322.9500&d5=34.5500&a6=https%3A%2F%2Ftpc.googlesyndication.com%2Fsadbundle%2F%24csp%253Der3%24%2F5608669947882404369%2Fmedia%2Fafd7d8950b49bd19d0eac2a332705285.jpg&s6=480.3850&d6=16.1800&a7=https%3A%2F%2Ftpc.googlesyndication.com%2Fsadbundle%2F%24csp%253Der3%24%2F5608669947882404369%2Fmedia%2Fadace9085412ed839f5f3d39b3e5db47.png&s7=480.5750&d7=12.1650&a8=https%3A%2F%2Ftpc.googlesyndication.com%2Fsadbundle%2F%24csp%253Der3%24%2F5608669947882404369%2Fmedia%2F93fa650c3d79209197cb6da2e1b2bbba.svg&s8=480.7350&d8=15.3100&a9=https%3A%2F%2Ftpc.googlesyndication.com%2Fsadbundle%2F%24csp%253Der3%24%2F5608669947882404369%2Fmedia%2F16fb75c5e31d6df58a77f2faa6e79911.png&s9=481.2000&d9=15.7000&a10=https%3A%2F%2Ftpc.googlesyndication.com%2Fsadbundle%2F%24csp%253Der3%24%2F5608669947882404369%2Fmedia%2Fc0767f840d8f7205e20f54042a1c8857.svg&s10=638.8800&d10=12.3300&a11=https%3A%2F%2Fpagead2.googlesyndication.com%2Fbg%2FKT7npM2pC4VPAEc6AEIcwWkjK4LR7Yu_WhYO7ltjsYQ.js&s11=844.1650&d11=11.9600&a12=https%3A%2F%2Ftpc.googlesyndication.com%2Fsadbundle%2F%24csp%253Der3%24%2F5608669947882404369%2Findex.html&f12=Custom_layout&s12=-1&d12=-1&i=496755193803&t=419&c=p&lp=%2Fsadbundle%2F%24csp%253Der3%24%2F5608669947882404369%2Findex.html&gqi=ZK9KYOCyGtS4x_APveGE-AI&qqi=CM6imda5qe8CFbjKuwgdHfQFfw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Mar 2021 00:01:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

96 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN : sameorigin
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-eu.amazon-adsystem.com
ad.turn.com
ads.pubmatic.com
adservice.google.ch
adservice.google.com
adservice.google.de
amazon-tam-match.dotomi.com
aud.pubmatic.com
bh.contextweb.com
c.amazon-adsystem.com
c1.adform.net
c5273b3263c66ac982b47a1e5d54bd82.safeframe.googlesyndication.com
cd.ladsp.com
cdn-fluct.sh.adingo.jp
cdn.picrew.me
cdn.syndication.twimg.com
cdnjs.cloudflare.com
cm.adgrx.com
cm.g.doubleclick.net
connect.facebook.net
cr-p31.ladsp.jp
cr-pall.ladsp.com
d5p.de17a.com
dad.ladsp.com
dis.criteo.com
dsp.adfarm1.adition.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imp-adedge.i-mobile.co.jp
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
mwzeom.zeotap.com
p.typekit.net
pagead2.googlesyndication.com
partner.googleadservices.com
pbs.twimg.com
picrew.me
pixel-sync.sitescout.com
pixel.quantserve.com
platform.twitter.com
pr-bh.ybp.yahoo.com
pubmatic-match.dotomi.com
rtb-csync.smartadserver.com
securepubads.g.doubleclick.net
share-cdn.picrew.me
simage2.pubmatic.com
spcdnsp.i-mobile.co.jp
spnativeapi-tls.i-mobile.co.jp
ssp-bidapi.i-mobile.co.jp
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.mathtag.com
syndication.twitter.com
tpc.googlesyndication.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
use.typekit.net
visitor.fiftyt.com
ws.rqtrk.eu
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
104.244.42.72
13.226.159.230
13.226.159.5
13.32.21.120
13.32.21.36
130.211.14.194
142.250.185.194
151.101.14.49
159.65.197.210
169.50.137.190
172.217.18.98
173.231.180.197
178.250.2.151
18.177.223.75
18.185.180.173
18.200.32.159
185.29.135.226
185.33.220.240
185.64.189.110
185.64.189.114
185.64.189.249
185.64.190.78
185.64.190.80
185.86.139.89
198.148.27.139
2001:678:cb4:bbbb::11
213.155.156.184
2600:1480:4000:e5::
2600:9000:2127:6800:1f:5b22:6e00:93a1
2600:9000:2182:7200:1f:2964:4340:93a1
2600:9000:2182:c400:c:2040:40c0:93a1
2606:2800:134:1a0d:1429:742:782:b6
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:10::6816:1857
2606:4700::6810:125e
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1288:110:c305::8000
2a00:1450:4001:800::2001
2a00:1450:4001:800::2003
2a00:1450:4001:801::2002
2a00:1450:4001:801::2003
2a00:1450:4001:801::200e
2a00:1450:4001:803::2002
2a00:1450:4001:803::2008
2a00:1450:4001:808::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:811::2003
2a00:1450:4001:812::2002
2a00:1450:4001:813::2004
2a00:1450:4001:827::200e
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2003
2a00:1450:400c:c0c::9c
2a02:26f0:2100:1a0::19fd
2a02:26f0:6c00::210:ba0a
2a02:26f0:6c00::210:ba6b
2a02:fa8:8806:16::1400
2a02:fa8:8806:20::2010
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
3.126.56.137
35.201.96.126
37.157.4.39
51.75.146.161
52.95.124.165
54.194.13.58
65.9.95.127
65.9.96.122
65.9.96.93
66.155.71.25
77.243.60.138
84.53.188.235
85.114.159.93
025fc4bd6ee4668c77708377efa6d4ff9c99e12b856d685740340309e6e19024
030e89938b374147feb165ab2cf0f4830f30d972172c8c48687b516480e79f21
031af6821e5e8156e64d7a633b7a1185a515d3cd77715a06af81d9b19bbcd708
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
070ed24fbc7e905df4b9be20b010286fddaf15b4ab1f0dc2f19a0cd0dbee12ef
0862cba97e32d121c4b97badf91da074a845f9dfa4d2527e4cdf462ded1a4e7a
0a7d1f74a315d0bc656efdd8619a8239be66d9710b803ce4522ec8cc0fad04af
0ccadac47f8db7d9086cb5d1a3230580ee43e7db056734068ce3785376e90500
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
0f421cd9c538701b2399f41b5e65fea622a771087cdc5cf4fe0e086988dba324
10d487a7c7244ef170562595193d1b80f7157dca787da0141283f3ca30b0a8d3
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11798795021731f36ae2fdf75c7a8341e87e4a06ab90d6f5514543f6c2df087a
12acf0cde9105ca35b079104e27341413fb68164085916505c077cf58748abc3
12afe314c5517cc28e452aa2181b33fe682664ac32c2fcfa53cfa66823b2d4d7
15ef3f33a2ee53ea738854cfbac4598cb4b547def59d500dcc7be9f878ac7496
166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da
16cad2e6beabbaba2649cdac66affba5d690012a4d8437529ef5780734f06af1
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8
19de2990cc4bf4dff1f0c4476346f3308511afa6699d52c3bd3005abbe6adf6f
1bf34e77ed7eba013e27e995b8a9264ad7156c94c9e57d2883ecd2708e254277
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf
25a95b3c878dc75218dc64253c799f54d5146215130a08652bd0437efddaa698
261cd88e1d179dfa31be0397e0f85a43adff01142df977870d13ebbdd4d0021e
27c4ccb1e0b7343884d41ddf1d85b6d0c5acb79066736044361e431e42079c29
293ee7a4cda90b854f00473a00421cc169232b82d1ed8bbf5a160eee5b63b184
2b65a8bf8d25642b29e9a3e518b0f5e489b6243dbe9a2cfc002cde358763af68
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
342245848b6ba171bf23a54eed05aac9d589fc25ec56ae717fdc517178c88492
3763a8975fcfa164fadcbc035780a147f75434ecaf79f33c1f3d0221477458cb
377ee7092af19c39daed104f096ab955a8dcd5bb4d7c4d7922fea197336bea65
3873161def382c79f71dcce9751dce2210746e4986d25f40b26ccc061e510225
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
41568ba8144f47b70f0e4189b2d731a9f5a81da15257ca330da0a6f6db9b30a5
42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423
42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859
44a22fef852b755d15b52431cde90799d51ff96c0bcc49fe44132d4fd57f3ea8
45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
48c978eaee9473c367fd30eea148b6cd5233e58a317a36157c24e5dd2af62a97
495b316cdda6e7b6ce663bb9eeeee0cf6f7f6e5969d0a6c1fe39307cbdb9d686
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fc7839b6879b5e3b3605484e1ab69e4f0c3583dde2831953f6cc7face1a4be4
50a165ac70e69463a8db56b53df933937ef9d9565ecebf063e31956903399573
52b4ee89fd2313064e7997882f72b9c9ded4564ecaa287bbe22e97f8af888077
57020ca7a366c524aa07065d386d82739080316faced4faf1e17013f8245d17f
58afa62e86777f073dcafb9835891c1f032fc2f28ed1e4b3b310fa1eeec89659
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
5bc401528e210d05de92040de97620a3d079d8c5f93907ce6e5beed90a178b8e
5f63dd5e7cc8c55823ecda86e4ad865160784caa9fa11b561bc62a98584c72d9
61902c5623fc9780b6485f3439557295cc392d92d114aa404b56128dd65ea704
62d421f6ff06b84c2cbb089bdbcd55849433f531b64dfd8558e02e9b6dca99e3
630224c14627ca2a35c7c9a77ea0d24daad76b00fee1033c7eef00e1ca094b77
63d0bbc55d990fec6e48615b095b47c8cb477fa695c350fee5e69bda28f6a1f9
669502209c826fc9763fa13f3fe42d47a041e674de35bb0af86cf9341b69ef53
6839f63b076b9adccd2483e6d68c74899b7573f97e5e7912e95c78fa34b5c5e1
69c61fd6f7c3ff1db1c4783e9ae8cc9b5abbd4615dbfcaffd7fda6e4fc9e1e48
6dde05bfc1d85cf58f285285f0e6d3cecb9bf3b6c22e2b0fff40a444d48c18b5
733f015f134ae2c884d3b4579b41d3a2a11edd2872f649de4abb40a8f7e4f784
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
79c521a89112af803faa48f72e1f5f1b5d0685129a14b917317d1cc688613a18
7ad582812f30bccc1425611adead2395ca65d59bfe6a6add62fa61b9ee773986
7b0b572a90abb3fce27b9dc1f79145706c7bcc6cc3ac84c8f501d344132816d8
7dd21c9cea9dadb7e0531c837945e64ecbf1b4fdc2ec4f5c0b736715064f7ebc
805f4bcf1a7b9b26c6d538eef8dd84016347783281243e94eb2d627db1cbe06a
80afea34de845cf6c968c30be22cbcf57297b1f3afa54d0fffdbfd089009615c
8108ae29247cfbacfd42683c388fe31e7421e2262658be4da84b1d6790db70b3
81c99290fb6b187f1066ed05804f14ef112f2d11320385225b5760b65eb73d70
825dd16d8f642ff84080e41219f2642bdd77fc30df9b8bb50dbe240c42b8b393
8285c162faba73f57257892f4cac256e6c5efc648820a24e7591ac582ceec359
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85a47975471e9df4bf9686c6ed4385dc36565f6591d7329863e59791040cb75a
86cef609c85d2c2ce6a507af54e77a9c150e2fa408043e1454082614c4b0ce2b
87f15fba52ba32ff97868fd9de7d33be5e2d88ecea0c9fe648041d8f270be416
893fc61ae895dc134f30d445297788adc5b52591fb9a427157deb1451f5f22c7
8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2
8c0f9fb9052d0ed4c5add4a220e08215fe790e3545f5b78e865321a468ebfe4d
8e1879f4f9490200f92c62202737e34de43057d10635644700d57c41504c4aca
8e74138744c0536979dd26c7b6ce3432dd7246ac3ee7f193b9c33d41ccb00a89
8ed12e5e9f0fa0e83c6dcf772a86149f2209fef54956080d88e5d0202980ecc4
90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88
96718b0e8f6eb40caa67a26c15ca906053dac2aa673dd2d595faad6437cef37b
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9d3a51e09655a2e0c1bc771a8969fa56a9a7c48d3e0004dc9381ab403904a019
a0d5116000dd98bbd0aad3c756821612e4313baa311ed415fd0dbd25ca3a7c31
a229c3aa274a56f05b9e6d2b3a6397e6b7f407a4fc0409b82a10b3fb3c0b265d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5759102be3560ae9f09cc0b868f59e887719923f389330de24f23c28b2c1e13
a62accf28aded0f45f8246af5507154c2114ee83bb73f549afc6a71aa4adecac
a76d28dc856f2bf08be129148ad0e73d71dfac2f3c91f4b7fac8c309b877aed2
a8d227efe0ef553cba37d86bef6e44598dbf9bd9fad3db2582b0ffdebdbd6138
aa1ec7f296bd54dfd2d769cb451cca2bdf5a82343afa7a23912a0488ebfbf038
ac0d17b07d2501609920c8b5b057f0721a175a97356a337995d2842b5388a023
ae7854ae440a4389fd7d9789c55bd80c7365dc0de4ac53f1702df4d07426f4cb
af26daa00461b356d97b71aae6d033274cb950d9533c5e33caaf525515010ad6
b96bbff8a2328ab57c18797c978c293cec03f64c5f0377fa41431967f52e7a20
ba844f6b39f0fc17897445ff629cb225308935d335aa7dc7686c17160a0e16d4
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770
c679e3bc477933b9d982cf776dbaa60d679eca049f48212664ff95f43fa008ba
c8bc8f959f442b0d97f79f93c326a74bf1c26c2109aaf7be10a0bc9a361ee0a7
cc05e0d988a201b2a2a2c70d1ed07c6bfe375ea68caf825ca7669c318e4a0f27
cc54d49a204cf8a8440884a769b3bc5a01030ce4f1d45582adc2170c95752ee1
cea962ae8f848aa5f50b242cbe62d7af1733295acb481749e6b82bcfdc438fe8
ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfa12ec82f149397b13df97a7f00e70957a2cda07a6017c3e57893a7a567b0b4
d344632c01d1ca55dc380216de660c9b8a5a3174e7d7afa6784aff50c945e1cc
d37817dff7a5e8bcbbce26be02eeb72d04fb0912a8e62bf2b30a492704e822d4
d567707dfa7bc82435d2ef17f0b280eefdb5d0e811af2113a911c2d9fda38586
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
dc915d6b9465ad137670d5eb9c3845f436b0f0e5ece8aa5656898419a4440970
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfa4afc591a648c53ed92c8b08026647f6a19e04a783676dd437a4fb69d4c72c
e252bb2014a942541aaac1fef928976fc2268a72744e6557a756377fc8b569de
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e
e7617aeb7af2898df1980de406a141ea5660ddfcc4a879e8794036dc29df32c5
e81bc0a6de4e55273d2aa6823d99d395c50f2a323c8b874ce7dcaf73fc17a0d9
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
e98a4eaa87878c23468648dab95993b5364dabffd5d3fd09b875243e7d4e9c7c
eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f14a53d6e112f5652255e499e109659fe79678b0de2eec4f42a1ac48c9ce72bd
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f3bf09e3b61c52e7b953d05ba561673be13e4b46622a72c3063a77ed2fa6736d
f499b1640a2f682d71c9575a8c129401aea4db96c4b4a6670ff85c67892c7970
f7426120c1348476bb5dd9523107f70258ac8fa929884b9480d69be62da01496
f8dd181f669d9957ecd3e4c955d9ec667d6864aacf4b910f85853cc8f1d625a9
fd94579a69de712d63dfb4561ce4b00d989dacaf86a2da2e4871f4d08026aa78
fe17e70b190a001b79a66fa7b55d2dbac42a25b2fd575f72cf3e1470a9c40161
fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7

picrew.me Open in urlscan Pro 13.226.159.5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

190 Requests

100 %HTTPS

49 %IPv6

48 Domains

74 Subdomains

58 IPs

10 Countries

3055 kBTransfer

5807 kBSize

0 Cookies

7 Outgoing links

Redirected requests

190 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 18 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

picrew.me Open in urlscan Pro
13.226.159.5 Public Scan

Screenshot
Live screenshot

Full Image

190
Requests

100 %
HTTPS

49 %
IPv6

48
Domains

74
Subdomains

58
IPs

10
Countries

3055 kB
Transfer

5807 kB
Size

0
Cookies

190 HTTP transactions
18 data transactions