gofobo.com Open in urlscan Pro
52.27.184.18 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://gofobo.ticktbox.com/redirect/Ijw0ki
Effective URL:
https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer
Submission: On September 01 via api (September 1st 2021, 4:03:48 pm UTC) from US

Summary HTTP 285 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 85 IPs in 11 countries across 69 domains to perform 285 HTTP transactions. The main IP is 52.27.184.18, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is gofobo.com.
TLS certificate: Issued by Amazon on March 2nd 2021. Valid for: a year.

This is the only time gofobo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	44.226.64.252 44.226.64.252	16509 (AMAZON-02) (AMAZON-02)
9	52.27.184.18 52.27.184.18	16509 (AMAZON-02) (AMAZON-02)
32	13.32.118.55 13.32.118.55	16509 (AMAZON-02) (AMAZON-02)
6	2606:4700::68... 2606:4700::6810:9440	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:223... 2600:9000:223c:2400:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.92.163 18.66.92.163	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6814:b844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2620:1ec:27::... 2620:1ec:27::cafe:2080	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2606:4700::68... 2606:4700::6811:4e22	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1	18.66.97.53 18.66.97.53	16509 (AMAZON-02) (AMAZON-02)
1	94.31.29.248 94.31.29.248	33438 (HIGHWINDS2) (HIGHWINDS2)
1	108.161.188.128 108.161.188.128	33438 (HIGHWINDS2) (HIGHWINDS2)
1	2a00:1450:400... 2a00:1450:400c:c09::9a	15169 (GOOGLE) (GOOGLE)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 1	2600:1f18:730... 2600:1f18:730:b140:3161:8a8b:ea8c:5d8b	14618 (AMAZON-AES) (AMAZON-AES)
1	52.5.181.6 52.5.181.6	14618 (AMAZON-AES) (AMAZON-AES)
1	18.66.112.122 18.66.112.122	16509 (AMAZON-02) (AMAZON-02)
2 4	2620:116:800d... 2620:116:800d:21:8c6e:cf2c:8d6:9fb5	16509 (AMAZON-02) (AMAZON-02)
1	18.66.112.128 18.66.112.128	16509 (AMAZON-02) (AMAZON-02)
4	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
10 10	18.156.153.73 18.156.153.73	16509 (AMAZON-02) (AMAZON-02)
2	44.235.82.75 44.235.82.75	16509 (AMAZON-02) (AMAZON-02)
4 4	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
4	104.111.219.144 104.111.219.144	16625 (AKAMAI-AS) (AKAMAI-AS)
1	51.89.21.10 51.89.21.10	16276 (OVH) (OVH)
1	54.191.133.64 54.191.133.64	16509 (AMAZON-02) (AMAZON-02)
2	35.167.85.56 35.167.85.56	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223c:7200:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
5	20.62.48.180 20.62.48.180	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	213.19.147.42 213.19.147.42	26120 (RHYTHMONE) (RHYTHMONE)
1	72.251.249.9 72.251.249.9	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
6 13	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	178.162.133.150 178.162.133.150	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	69.173.144.140 69.173.144.140	26667 (RUBICONPR...) (RUBICONPROJECT)
3	34.149.20.76 34.149.20.76	15169 (GOOGLE) (GOOGLE)
1	2a02:fa8:8806... 2a02:fa8:8806:12::1460	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2	104.16.68.69 104.16.68.69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8 12	185.33.221.87 185.33.221.87	29990 (ASN-APPNEX) (ASN-APPNEX)
1 10	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
3	52.57.8.242 52.57.8.242	16509 (AMAZON-02) (AMAZON-02)
2	52.58.132.147 52.58.132.147	16509 (AMAZON-02) (AMAZON-02)
4	18.66.109.174 18.66.109.174	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:20::2100	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	13.32.121.3 13.32.121.3	16509 (AMAZON-02) (AMAZON-02)
1 6	54.236.238.76 54.236.238.76	14618 (AMAZON-AES) (AMAZON-AES)
1	2.16.186.186 2.16.186.186	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4 4	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
5 6	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
2 2	34.240.223.28 34.240.223.28	16509 (AMAZON-02) (AMAZON-02)
1 2	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:1f18:444... 2600:1f18:444a:4680:b988:ecc0:9832:67ce	14618 (AMAZON-AES) (AMAZON-AES)
2 2	18.159.171.176 18.159.171.176	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:3::300 2a04:4e42:3::300	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:80e::2006	15169 (GOOGLE) (GOOGLE)
18 22	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
6	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba2a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
12	2.18.233.89 2.18.233.89	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	2.18.232.130 2.18.232.130	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.37.42.132 23.37.42.132	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	185.33.221.91 185.33.221.91	29990 (ASN-APPNEX) (ASN-APPNEX)
4 5	37.157.2.238 37.157.2.238	198622 (ADFORM) (ADFORM)
2 2	213.155.156.164 213.155.156.164	1299 (TELIANET ...) (TELIANET Telia Carrier)
1 9	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	185.64.190.81 185.64.190.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 3	51.210.112.63 51.210.112.63	16276 (OVH) (OVH)
2 2	52.18.12.237 52.18.12.237	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700:10:... 2606:4700:10::ac43:db6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	169.50.137.190 169.50.137.190	36351 (SOFTLAYER) (SOFTLAYER)
1	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
3	208.100.17.188 208.100.17.188	32748 (STEADFAST) (STEADFAST)
2 2	3.123.143.157 3.123.143.157	16509 (AMAZON-02) (AMAZON-02)
2 2	18.195.105.17 18.195.105.17	16509 (AMAZON-02) (AMAZON-02)
5 5	52.49.53.128 52.49.53.128	16509 (AMAZON-02) (AMAZON-02)
1 1	198.148.27.140 198.148.27.140	19189 (PULSEPOINT) (PULSEPOINT)
1	185.86.137.110 185.86.137.110	201081 (SMARTADSE...) (SMARTADSERVER)
1	185.64.189.114 185.64.189.114	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
285	85

1 44.226.64.252 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-44-226-64-252.us-west-2.compute.amazonaws.com

gofobo.ticktbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.27.184.18 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-27-184-18.us-west-2.compute.amazonaws.com

gofobo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 13.32.118.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-118-55.fra60.r.cloudfront.net

dk2d6nav3mn9d.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223c:2400:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.92.163 (United States)

ASN16509 (AMAZON-02, US)

d2u384mreupnc8.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:27::cafe:2080 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:4e22 (United States)

ASN13335 (CLOUDFLARENET, US)

global.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eb.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.53 (United States)

ASN16509 (AMAZON-02, US)

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.31.29.248 (United Kingdom)

ASN33438 (HIGHWINDS2, US)
PTR: 94.31.29.248.IPYX-077437-ZYO.above.net

asset.pagefair.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.161.188.128 (United States)

ASN33438 (HIGHWINDS2, US)

asset.pagefair.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c09::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b140:3161:8a8b:ea8c:5d8b (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.5.181.6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-181-6.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.122 (United States)

ASN16509 (AMAZON-02, US)

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.128 (United States)

ASN16509 (AMAZON-02, US)

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 18.156.153.73 (Frankfurt am Main, Germany) 10 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-153-73.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.235.82.75 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-235-82-75.us-west-2.compute.amazonaws.com

usync.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.126.56.137 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.111.219.144 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-219-144.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.21.10 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: p24.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.191.133.64 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-191-133-64.us-west-2.compute.amazonaws.com

id.sharedid.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.167.85.56 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-167-85-56.us-west-2.compute.amazonaws.com

bids.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:7200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 20.62.48.180 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

e.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.42 (United Kingdom)

ASN26120 (RHYTHMONE, US)

tag.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.249.9 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2.18.234.21 (Frankfurt am Main, Germany) 6 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.150 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com

ssc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1460 (Singapore)

ASN41041 (VCLK-EU-SE, US)

web.hb.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.68.69 (None, )

ASN13335 (CLOUDFLARENET, US)

dmx.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 185.33.221.87 (Amsterdam, Netherlands) 8 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 34.98.64.218 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

propermedia-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.57.8.242 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.58.132.147 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-132-147.eu-central-1.compute.amazonaws.com

pre.ads.justpremium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.66.109.174 (United States)

ASN16509 (AMAZON-02, US)

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2100 (Singapore)

ASN41041 (VCLK-EU-SE, US)

proc.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-3.fra60.r.cloudfront.net

ats.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.236.238.76 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-238-76.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.186 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-186.deploy.static.akamaitechnologies.com

sli.gofobo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.29.132.241 (United Kingdom) 4 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 76.223.111.131 (United States) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.240.223.28 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-223-28.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.215.191 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

x.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:444a:4680:b988:ecc0:9832:67ce (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.159.171.176 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

prod.perf-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::300 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 142.250.181.226 (United States) 18 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba2a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2.18.233.89 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-89.deploy.static.akamaitechnologies.com

68053abc28fdb89dcb9b-41df3945f66154d8881f66f670ed07f3.ssl.cf2.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.221.91 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.157.2.238 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.164 (Uppsala, Sweden) 2 redirects

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 213-155-156-164.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.64.190.80 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.210.112.63 (France) 3 redirects

ASN16276 (OVH, FR)
PTR: pikafka-3.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.18.12.237 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-12-237.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:db6 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.190 (United States)

ASN36351 (SOFTLAYER, US)
PTR: be.89.32a9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c305::8000 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 208.100.17.188 (United States)

ASN32748 (STEADFAST, US)
PTR: ip188.208-100-17.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.123.143.157 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-143-157.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.105.17 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-105-17.eu-central-1.compute.amazonaws.com

ads.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.49.53.128 (Dublin, Ireland) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-53-128.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.140 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.110 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	googlesyndication.com 5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com ade.googlesyndication.com	212 KB
38	doubleclick.net 18 redirects stats.g.doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net googleads4.g.doubleclick.net	243 KB
33	cloudfront.net dk2d6nav3mn9d.cloudfront.net d2u384mreupnc8.cloudfront.net	587 KB
19	2mdn.net s0.2mdn.net	712 KB
15	pubmatic.com hbopenbid.pubmatic.com Failed ads.pubmatic.com image6.pubmatic.com image2.pubmatic.com image4.pubmatic.com simage2.pubmatic.com simage4.pubmatic.com	35 KB
14	adnxs.com 8 redirects ib.adnxs.com acdn.adnxs.com secure.adnxs.com	13 KB
13	casalemedia.com 6 redirects as-sec.casalemedia.com dsum-sec.casalemedia.com	13 KB
12	rackcdn.com 68053abc28fdb89dcb9b-41df3945f66154d8881f66f670ed07f3.ssl.cf2.rackcdn.com	1 MB
11	liadm.com 2 redirects b-code.liadm.com rp.liadm.com rp4.liadm.com i.liadm.com i6.liadm.com	18 KB
10	openx.net 1 redirects propermedia-d.openx.net eu-u.openx.net us-u.openx.net	2 KB
10	bidswitch.net 10 redirects x.bidswitch.net	4 KB
10	gofobo.com gofobo.com sli.gofobo.com	55 KB
9	clarity.ms 1 redirects www.clarity.ms c.clarity.ms e.clarity.ms	24 KB
9	youtube.com img.youtube.com	168 KB
7	proper.io global.proper.io usync.proper.io bids.proper.io eb.proper.io	112 KB
6	adsrvr.org 5 redirects match.adsrvr.org	3 KB
6	cookielaw.org cdn.cookielaw.org	120 KB
5	bidr.io 5 redirects match.prod.bidr.io	3 KB
5	adform.net 4 redirects c1.adform.net	2 KB
5	yahoo.com 4 redirects ups.analytics.yahoo.com pr-bh.ybp.yahoo.com	4 KB
4	googletagservices.com www.googletagservices.com	138 KB
4	google.com adservice.google.com www.google.com	698 B
4	mathtag.com 4 redirects sync.mathtag.com	2 KB
4	amazon-adsystem.com c.amazon-adsystem.com	37 KB
4	rubiconproject.com fastlane.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	14 KB
4	fastclick.net secure.cdn.fastclick.net	92 KB
4	quantserve.com 2 redirects secure.quantserve.com pixel.quantserve.com	10 KB
3	tynt.com de.tynt.com	867 B
3	onaudience.com 3 redirects pixel.onaudience.com	1 KB
3	sharethrough.com btlr.sharethrough.com	328 B
3	33across.com ssc.33across.com	673 B
3	facebook.com www.facebook.com	443 B
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	62 KB
2	creative-serving.com 2 redirects ads.creative-serving.com	1 KB
2	w55c.net 2 redirects pm.w55c.net	2 KB
2	zeotap.com 1 redirects spl.zeotap.com mwzeom.zeotap.com	903 B
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net	1 KB
2	de17a.com 2 redirects d5p.de17a.com	637 B
2	perf-serving.com 2 redirects prod.perf-serving.com	1 KB
2	addthis.com 1 redirects x.dlx.addthis.com	1 KB
2	demdex.net 2 redirects dpm.demdex.net	2 KB
2	justpremium.com pre.ads.justpremium.com	5 KB
2	districtm.io dmx.districtm.io cdn.districtm.io	280 B
2	dotomi.com web.hb.ad.cpe.dotomi.com proc.ad.cpe.dotomi.com	1 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	facebook.net connect.facebook.net	113 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com maxcdn.bootstrapcdn.com	31 KB
1	smartadserver.com rtb-csync.smartadserver.com	163 B
1	contextweb.com 1 redirects bh.contextweb.com	497 B
1	simpli.fi um.simpli.fi	609 B
1	criteo.com dis.criteo.com	337 B
1	gstatic.com fonts.gstatic.com	46 KB
1	googleapis.com fonts.googleapis.com	667 B
1	createjs.com code.createjs.com	63 KB
1	google.at adservice.google.at	853 B
1	taboola.com trc.taboola.com	238 B
1	sonobi.com apex.go.sonobi.com	775 B
1	lijit.com ap.lijit.com	595 B
1	1rx.io tag.1rx.io	166 B
1	quantcount.com rules.quantcount.com	428 B
1	rlcdn.com api.rlcdn.com Failed ats.rlcdn.com	61 KB
1	sharedid.org id.sharedid.org	210 B
1	id5-sync.com id5-sync.com	528 B
1	bing.com 1 redirects c.bing.com	441 B
1	pagefair.net asset.pagefair.net	346 B
1	pagefair.com asset.pagefair.com	332 B
1	onetrust.com geolocation.onetrust.com	373 B
1	googletagmanager.com www.googletagmanager.com	37 KB
1	ticktbox.com 1 redirects gofobo.ticktbox.com	853 B
285	69

	Domain	Requested by
32	dk2d6nav3mn9d.cloudfront.net	gofobo.com dk2d6nav3mn9d.cloudfront.net
22	cm.g.doubleclick.net	18 redirects googleads.g.doubleclick.net eu-u.openx.net
20	pagead2.googlesyndication.com	securepubads.g.doubleclick.net 5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com gofobo.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
19	s0.2mdn.net	gofobo.com s0.2mdn.net 5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com
14	tpc.googlesyndication.com	securepubads.g.doubleclick.net 5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com tpc.googlesyndication.com
12	68053abc28fdb89dcb9b-41df3945f66154d8881f66f670ed07f3.ssl.cf2.rackcdn.com	5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com code.createjs.com
12	dsum-sec.casalemedia.com	6 redirects googleads.g.doubleclick.net
12	ib.adnxs.com	8 redirects global.proper.io googleads.g.doubleclick.net
10	x.bidswitch.net	10 redirects
9	img.youtube.com	gofobo.com
9	gofobo.com	gofobo.com
6	eu-u.openx.net	1 redirects global.proper.io eu-u.openx.net
6	image2.pubmatic.com	1 redirects ads.pubmatic.com
6	googleads4.g.doubleclick.net	gofobo.com
6	match.adsrvr.org	5 redirects eu-u.openx.net
6	i.liadm.com	1 redirects b-code.liadm.com i.liadm.com
6	cdn.cookielaw.org	gofobo.com cdn.cookielaw.org
5	match.prod.bidr.io	5 redirects
5	c1.adform.net	4 redirects ads.pubmatic.com
5	googleads.g.doubleclick.net	5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com gofobo.com
5	e.clarity.ms	www.clarity.ms
4	www.googletagservices.com	securepubads.g.doubleclick.net 5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com
4	5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	sync.mathtag.com	4 redirects
4	c.amazon-adsystem.com	global.proper.io c.amazon-adsystem.com
4	secure.cdn.fastclick.net	global.proper.io secure.cdn.fastclick.net
4	ups.analytics.yahoo.com	4 redirects
4	securepubads.g.doubleclick.net	global.proper.io securepubads.g.doubleclick.net
3	ade.googlesyndication.com
3	us-u.openx.net	eu-u.openx.net
3	de.tynt.com	global.proper.io
3	simage2.pubmatic.com	ads.pubmatic.com
3	pixel.onaudience.com	3 redirects
3	www.google.com	5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com tpc.googlesyndication.com
3	pixel.quantserve.com	2 redirects gofobo.com
3	btlr.sharethrough.com	global.proper.io
3	ssc.33across.com	global.proper.io
3	www.facebook.com	gofobo.com
2	ads.creative-serving.com	2 redirects
2	pm.w55c.net	2 redirects
2	sync.crwdcntrl.net	2 redirects
2	image4.pubmatic.com	ads.pubmatic.com
2	d5p.de17a.com	2 redirects
2	eus.rubiconproject.com	global.proper.io eus.rubiconproject.com
2	ads.pubmatic.com	global.proper.io ads.pubmatic.com
2	prod.perf-serving.com	2 redirects
2	x.dlx.addthis.com	1 redirects i.liadm.com
2	dpm.demdex.net	2 redirects
2	pre.ads.justpremium.com	global.proper.io
2	bids.proper.io	global.proper.io
2	usync.proper.io	gofobo.com
2	c.clarity.ms	1 redirects gofobo.com
2	www.google-analytics.com	gofobo.com www.google-analytics.com
2	global.proper.io	gofobo.com global.proper.io
2	www.clarity.ms	gofobo.com www.clarity.ms
2	connect.facebook.net	gofobo.com connect.facebook.net
2	b-code.liadm.com	gofobo.com b-code.liadm.com
1	simage4.pubmatic.com	ads.pubmatic.com
1	rtb-csync.smartadserver.com	eu-u.openx.net
1	bh.contextweb.com	1 redirects
1	pr-bh.ybp.yahoo.com	ads.pubmatic.com
1	um.simpli.fi	ads.pubmatic.com
1	mwzeom.zeotap.com	ads.pubmatic.com
1	spl.zeotap.com	1 redirects
1	dis.criteo.com	ads.pubmatic.com
1	secure.adnxs.com	acdn.adnxs.com
1	image6.pubmatic.com	ads.pubmatic.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	cdn.districtm.io	global.proper.io
1	acdn.adnxs.com	global.proper.io
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	s0.2mdn.net
1	code.createjs.com	s0.2mdn.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.at	securepubads.g.doubleclick.net
1	trc.taboola.com	i.liadm.com
1	i6.liadm.com	i.liadm.com
1	sli.gofobo.com	gofobo.com
1	eb.proper.io	global.proper.io
1	ats.rlcdn.com	secure.cdn.fastclick.net
1	proc.ad.cpe.dotomi.com	secure.cdn.fastclick.net
1	propermedia-d.openx.net	global.proper.io
1	dmx.districtm.io	global.proper.io
1	web.hb.ad.cpe.dotomi.com	global.proper.io
1	fastlane.rubiconproject.com	global.proper.io
1	apex.go.sonobi.com	global.proper.io
1	as-sec.casalemedia.com	global.proper.io
1	ap.lijit.com	global.proper.io
1	tag.1rx.io	global.proper.io
1	rules.quantcount.com	secure.quantserve.com
1	id.sharedid.org	global.proper.io
1	id5-sync.com	global.proper.io
1	vars.hotjar.com	static.hotjar.com
1	secure.quantserve.com	global.proper.io
1	script.hotjar.com	static.hotjar.com
1	rp4.liadm.com	gofobo.com
1	rp.liadm.com	1 redirects
1	c.bing.com	1 redirects
1	stats.g.doubleclick.net	www.google-analytics.com
1	asset.pagefair.net	gofobo.com
1	asset.pagefair.com	gofobo.com
1	static.hotjar.com	gofobo.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	www.googletagmanager.com	gofobo.com
1	d2u384mreupnc8.cloudfront.net	gofobo.com
1	maxcdn.bootstrapcdn.com	gofobo.com
1	stackpath.bootstrapcdn.com	gofobo.com
1	gofobo.ticktbox.com	1 redirects
0	hbopenbid.pubmatic.com Failed	global.proper.io
0	api.rlcdn.com Failed	global.proper.io
285	110

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
instagram.com
proper.io
onetrust.com

Subject Issuer	Validity	Valid
gofobo.com Amazon	`2021-03-02` - `2022-03-31`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2021-06-01` - `2022-05-31`	a year	crt.sh
*.liadm.com Amazon	`2021-03-02` - `2022-03-31`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2021-02-12` - `2022-02-11`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-06-12` - `2021-09-10`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2021-06-01` - `2022-06-01`	a year	crt.sh
proper.io Cloudflare Inc ECC CA-3	`2021-06-07` - `2022-06-06`	a year	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
asset.pagefair.com Let's Encrypt Authority X3	`2020-01-22` - `2020-04-21`	3 months	crt.sh
asset.pagefair.net Let's Encrypt Authority X3	`2020-02-08` - `2020-05-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
c.msn.com Microsoft Azure TLS Issuing CA 02	`2021-06-27` - `2022-06-22`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.proper.io Sectigo RSA Domain Validation Secure Server CA	`2020-12-20` - `2022-01-20`	a year	crt.sh
secure.cdn.fastclick.net DigiCert SHA2 Secure Server CA	`2021-03-11` - `2022-03-15`	a year	crt.sh
*.id5-sync.com R3	`2021-07-13` - `2021-10-11`	3 months	crt.sh
id.sharedid.org Amazon	`2021-01-08` - `2022-02-06`	a year	crt.sh
a.clarity.ms Microsoft RSA TLS CA 01	`2021-07-27` - `2022-07-27`	a year	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2021-06-01` - `2022-07-02`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-09-30`	a year	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-07-13` - `2022-06-25`	a year	crt.sh
districtm.io Cloudflare Inc ECC CA-3	`2021-06-02` - `2022-06-01`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.sharethrough.com Amazon	`2021-08-13` - `2022-09-11`	a year	crt.sh
tracking.justpremium.com Amazon	`2021-03-01` - `2022-03-30`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
sli.gofobo.com R3	`2021-07-06` - `2021-10-04`	3 months	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-26`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.google.at GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
tls.adobe.com DigiCert SHA2 Secure Server CA	`2020-06-01` - `2022-06-06`	2 years	crt.sh
*.ssl.cf2.rackcdn.com DigiCert SHA2 Secure Server CA	`2021-03-22` - `2022-03-30`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-03-11` - `2022-02-07`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-06-27` - `2021-09-24`	3 months	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
*.pbp.bf2.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-08-18` - `2021-11-17`	3 months	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-09-30`	a year	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh

This page contains 30 frames:

Primary Page: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer
Frame ID: F7B493241AC536D5F6925AAF93A7B37F
Requests: 136 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Frame ID: EABC934694AB99A2966B7B53ABE004F6
Requests: 1 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-00jp?s=&cim=&ps=true&ls=false&duid=0304f7a82132--01feh1kmab8rz1w90pt4y8rcys&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Frame ID: 27A36C54A9561F00F99589DC35074DE5
Requests: 8 HTTP requests in this frame

Frame: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 79FB4511A45EBA01A9DA7FEFCFBC8D7B
Requests: 1 HTTP requests in this frame

Frame: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 20E92F31C4CE7AAFE0EECE701BAB251D
Requests: 16 HTTP requests in this frame

Frame: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 58888B66037A109CD22392B9B00F8BFD
Requests: 14 HTTP requests in this frame

Frame: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2A0B2B41F31B5882A7C320CCC43E51D4
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-1wgIQr-HgAhjhz9iyATAB&v=APEucNWjSMBVYE47lFCZ1qqBMS_q5Vsok2nkGmyKywRuScFvxIBmtaW1ms1k9pEJBPnw8MOp4SEXPgA1LJc0GhJvrlrk-Q4ntetwy3FJ5-KxaIaR8M-poVBv4LYfcjlkF-9Ojh_Y067HiEyHlgQcSoVyGTEAXFCTy-sgYmfkQoGKaBhhOV8yxmQ
Frame ID: B8016357D14F2DC8962444B091EC6F41
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPaA5gEQl4nqARj-k6htMAE&v=APEucNVGOWeytXKU4cIf_kWgalShD8RP8oaU-ZfrWEp49bxnXA4bddDLUHusvW9sY695Ft8aBxu2VM8b2jCn6xxqWTSKlNY8VYhdUcnAyhMaypVUxu1cls52rVPiLyGrJx1z5SCgTRg0_GAmgQb_l25n6QajtGyn7Ab4kETJo9AU05TBCeldet8
Frame ID: F250E7CA5AED36E0685FAB30D194D3FC
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLPc_7ICELv9s7sCGLyL068BMAE&v=APEucNW1aTpgHvQdi600lGWEHQbZAKZLbEN4iqPIYmL-aRxiCFwvq2cHqWJ-ktNj-nZCKFmsRYNlR_Ayt9AXN25iwWqxaC0MbT0goTGDc1osYLBiiCB7IATHHk-KaEWat306Vi0MOm4ykmtK8E98YCdR-ijbnRaSZHvJcJ8ajT8qkTJy0RJdq8o
Frame ID: 35F9AB85A896B62F273BD61B06030087
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 1996954C743453AE3B43507CC92F89A2
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C6CF40CA3C614B6589DB5F5EDD725EBB
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6964092466164447826/15390_Billboard_4/index.html
Frame ID: CD780F1241C4F4A960BCBD41F7CD8249
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 04BA7509F316DE7A7F14180748758C95
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/9886474/1629463314265/728x90/index.html
Frame ID: B4A582F873FDA1F70EA4C6B2742FD352
Requests: 8 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/367430472684273664/index.html?e=69&leftOffset=0&topOffset=0&c=PNXlCjvSFB&t=1&renderingType=2
Frame ID: 5ACC85DCEE22EAF4D9F18A6BD828422A
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2A62C6FA5B76CCD5E408BE4FA7FA4829
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5531056DD9C0C7ED9265384966397BAE
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: B8EAD868FB06977FB73EEE1F0FA81998
Requests: 2 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: F645C3B41D09F5736AD55167C3DB3E08
Requests: 1 HTTP requests in this frame

Frame: https://pre.ads.justpremium.com/v/1.0/t/sync?_c=an4t80s1630512206519
Frame ID: 26CBDB05969F0F9135B2545F3820F6C5
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: C11BDC1D2691878602C4D83590DBB16A
Requests: 16 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 6EE5B6CB894539BCAB6140B9BB881C65
Requests: 3 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=4EA67E9F-2C70-4068-B179-609DBF5FFCAF
Frame ID: 632417200E8A843CA202C75E22EB8C47
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5667063519188721093
Frame ID: A58192EAB9F497F563D7F18D838E2B52
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 1684F24AEBCCEBB6C60461E36418FB22
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Frame ID: 00017E72FE54A663E57A2A9A14F86421
Requests: 11 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=dIiXMspHar6P1VaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 6CBBDF29C64233528C288E70C6F9EA72
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=dEJ4uepHar6P1VaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: B7E74E127FF95C99D6A785E623FB6595
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=dVJisCpHar6P1VaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 22616DBBABC86D5591746C37FFE73E00
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Gofobo Trailers | THE CARD COUNTERBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

https://gofobo.ticktbox.com/redirect/Ijw0ki HTTP 307
https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

html /<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css/i
script /owl\.carousel.*\.js/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
html /<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css/i
script /owl\.carousel.*\.js/i
script /jquery-ui.*\.js/i

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery-ui.*\.js/i

Page Statistics

285
Requests

99 %
HTTPS

34 %
IPv6

69
Domains

110
Subdomains

85
IPs

11
Countries

4088 kB
Transfer

9132 kB
Size

3
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/sharer/sharer.php?u=https://gofobo.com/main/trailerDetails/397428997
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://gofobo.com/main/trailerDetails/397428997
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/gofobo

Search URL Search Domain Scan URL

URL: https://twitter.com/gofobo

Search URL Search Domain Scan URL

URL: https://instagram.com/gofobo_official?ref=badge

Search URL Search Domain Scan URL

URL: https://proper.io/?from=sticky

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://gofobo.ticktbox.com/redirect/Ijw0ki HTTP 307
https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 70

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=C6E38CCED654499E9D1C22FFE171478D&RedC=c.clarity.ms&MXFR=2BCDD55EEE916A6A0092C5FBEA9164A5 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=C6E38CCED654499E9D1C22FFE171478D&MUID=0714DFCBFE5B6E0D1EEFCF6EFF896F3B

Request Chain 74

https://rp.liadm.com/j?tna=v2.0.1&aid=a-00jp&wpn=lc-bundle&pu=https%3A%2F%2Fgofobo.com%2Fmain%2FtrailerDetails%2F397428997%2Fthe-card-counter-official-trailer&duid=0304f7a82132--01feh1kmab8rz1w90pt4y8rcys&se=e30&dtstmp=1630512206331 HTTP 302
https://rp4.liadm.com/j?tna=v2.0.1&aid=a-00jp&wpn=lc-bundle&pu=https%3A%2F%2Fgofobo.com%2Fmain%2FtrailerDetails%2F397428997%2Fthe-card-counter-official-trailer&duid=0304f7a82132--01feh1kmab8rz1w90pt4y8rcys&se=e30&dtstmp=1630512206331&i6=MmEwMTo0Zjg6MTkyOjU0MTQ6OjI%3D&n3pc=true

Request Chain 83

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D68f6f867-30d4-4e25-88a9-1502bc5a4240%26uid%3D%24%7BBSW_UUID%7D?&callback=window.proper_fa071a34_1c92aa03_1 HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D68f6f867-30d4-4e25-88a9-1502bc5a4240%26uid%3D%24%7BBSW_UUID%7D?&callback=window.proper_fa071a34_1c92aa03_1 HTTP 302
https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=68f6f867-30d4-4e25-88a9-1502bc5a4240&uid=07c585ab-447a-4927-ace4-b340c7512bb0

Request Chain 84

https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_3cac305c_3bf91e95_2 HTTP 302
https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_3cac305c_3bf91e95_2&verify=true HTTP 302
https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-uZzgENlE2uGHeJkIe5dpYjmn69Zd2w0j~A

Request Chain 126

https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-00jp%2F0%2F1d4bd9ae21a54e4f8ca346baeb3ce55d%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&c9ae6ea7-3893-4acc-8268-4c8a52e9fa83 HTTP 302
https://i.liadm.com/s/e/a-00jp/0/1d4bd9ae21a54e4f8ca346baeb3ce55d?mpid=7156&muid=d67a612f-a450-4e00-8c39-a63087c2250a

Request Chain 127

https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=liveintent&ttd_tpi=1 HTTP 302
https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=605a0462-6b50-48eb-8eee-a60171074a31

Request Chain 128

https://dpm.demdex.net/ibs:dpid=127444&dpuuid=c9ae6ea7-3893-4acc-8268-4c8a52e9fa83&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-00jp%2F0%2F1d4bd9ae21a54e4f8ca346baeb3ce55d%3Fmpid%3D82775%26muid%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=c9ae6ea7-3893-4acc-8268-4c8a52e9fa83&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-00jp%2F0%2F1d4bd9ae21a54e4f8ca346baeb3ce55d%3Fmpid%3D82775%26muid%3D%24%7BDD_UUID%7D HTTP 302
https://i.liadm.com/s/e/a-00jp/0/1d4bd9ae21a54e4f8ca346baeb3ce55d?mpid=82775&muid=65139477076425635492365597447572864163

Request Chain 129

https://x.dlx.addthis.com/e/live_intent_sync?na_exid=c9ae6ea7-3893-4acc-8268-4c8a52e9fa83 HTTP 302
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=c9ae6ea7-3893-4acc-8268-4c8a52e9fa83&rd=Y

Request Chain 130

https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=c9ae6ea7-3893-4acc-8268-4c8a52e9fa83&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D HTTP 302
https://x.bidswitch.net/ul_cb/syncd?dsp_id=256&user_group=2&user_id=c9ae6ea7-3893-4acc-8268-4c8a52e9fa83&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D HTTP 302
https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=aa12b494-64f1-4a95-9079-13ebba7c2ac8 HTTP 303
https://i6.liadm.com/s/52176?bidder_id=5298&bidder_uuid=aa12b494-64f1-4a95-9079-13ebba7c2ac8

Request Chain 131

https://x.bidswitch.net/sync?ssp=liveintent&user_id=c9ae6ea7-3893-4acc-8268-4c8a52e9fa83 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=liveintent&user_id=c9ae6ea7-3893-4acc-8268-4c8a52e9fa83 HTTP 302
https://prod.perf-serving.com/sync?ssp=bidswitch&bidswitch_ssp_id=liveintent HTTP 302
https://prod.perf-serving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=liveintent HTTP 302
https://x.bidswitch.net/sync?dsp_id=366&expires=14&user_id=984bf214-4961-4ed4-955c-a36c26d5f2a3&ssp=liveintent&user_group=1 HTTP 302
https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=aa12b494-64f1-4a95-9079-13ebba7c2ac8

Request Chain 169

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENKD9eX1uXFQGqe1n6ANFvM&google_cver=1

Request Chain 170

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YS.kU7oFK7I4D02AJBsVrwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA2j1NAGaD2rtS7ZqtSNcPk&google_cver=1&google_hm=2

Request Chain 171

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESECKCIy5OrN4uKnHsMJk2pCQ&google_cver=1

Request Chain 172

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzAzOTI3MzIxMTA0NTM1ODY0Nw%3D%3D

Request Chain 173

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENKD9eX1uXFQGqe1n6ANFvM&google_cver=1

Request Chain 174

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YS.kU7oFK7I4D02AJBsVrwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA2j1NAGaD2rtS7ZqtSNcPk&google_cver=1&google_hm=2

Request Chain 175

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESECKCIy5OrN4uKnHsMJk2pCQ&google_cver=1

Request Chain 176

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTAzNjA1MTg5NDgxNjY3NzI0MQ%3D%3D

Request Chain 178

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENKD9eX1uXFQGqe1n6ANFvM&google_cver=1

Request Chain 179

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YS.kU7oFK7I4D02AJBsVrwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA2j1NAGaD2rtS7ZqtSNcPk&google_cver=1&google_hm=2

Request Chain 180

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESECKCIy5OrN4uKnHsMJk2pCQ&google_cver=1

Request Chain 181

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTAzNjA1MTg5NDgxNjY3NzI0MQ%3D%3D

Request Chain 254

https://c1.adform.net/serving/cookie/match?party=14&cid=4EA67E9F-2C70-4068-B179-609DBF5FFCAF HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=4EA67E9F-2C70-4068-B179-609DBF5FFCAF

Request Chain 255

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5667063519188721093

Request Chain 257

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TqZ-nyxwQGixeWCdv1_8rw%3D%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TqZ-nyxwQGixeWCdv1_8rw%3D%3D&google_tc= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 258

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=dee8612f-a455-4c00-ba01-08931b345fca

Request Chain 259

https://pixel.onaudience.com/?partner=214&mapped=4EA67E9F-2C70-4068-B179-609DBF5FFCAF HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
https://pixel.onaudience.com/?partner=147&mapped=d96bd44a-b676-4088-8bbc-cc98b4baeca2&icm HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=8dd2340c59d8a9eb01a1b521f4205702 HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=fcd4246fbb881a9c HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=beb2f683-8f3b-4f30-4bbb-fe6627034ad6&reqId=35e928e8-bee3-47af-40ad-f427dd0af550&zcluid=fcd4246fbb881a9c&zdid=1332 HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEOm6URmNi1Or1xp6AWrKbbI&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=beb2f683-8f3b-4f30-4bbb-fe6627034ad6&reqId=35e928e8-bee3-47af-40ad-f427dd0af550&zcluid=fcd4246fbb881a9c&zdid=1332

Request Chain 260

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NEVBNjdFOUYtMkM3MC00MDY4LUIxNzktNjA5REJGNUZGQ0FG&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NEVBNjdFOUYtMkM3MC00MDY4LUIxNzktNjA5REJGNUZGQ0FG&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 261

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGaopaSQEYp1WhV43Yz3gBw&google_cver=1

Request Chain 263

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2893179158408348885

Request Chain 264

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:afbb612f-a455-4500-82cd-f47ea188c84b&gdpr=0&gdpr_consent=

Request Chain 265

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=d96bd44a-b676-4088-8bbc-cc98b4baeca2

Request Chain 266

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7039273211045358647&gdpr=0&gdpr_consent=

Request Chain 267

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=4EA67E9F-2C70-4068-B179-609DBF5FFCAF&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=4EA67E9F-2C70-4068-B179-609DBF5FFCAF&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-bw3qS8NE2uW3GhOwe2XMU8zBUeMfSVM-~A&gdpr=0&gdpr_consent=

Request Chain 269

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ssLCy-XHxZipkJOYs5Ldn-GRxMupxsjPvMEblkis

Request Chain 270

https://eu-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1 HTTP 302
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1

Request Chain 274

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=2BquTTSl1MlsI75

Request Chain 275

https://x.bidswitch.net/sync?ssp=openx HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=openx&bsw_custom_parameter=2815dfcf-0609-4c33-9eb0-6315198e8433 HTTP 302
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=openx&bsw_custom_parameter=2815dfcf-0609-4c33-9eb0-6315198e8433 HTTP 302
https://x.bidswitch.net/sync?dsp_id=4&user_id=965ad09a-d066-41aa-9e02-c69f66b0a11d&ssp=openx&expires=30&user_group=5&bsw_param=2815dfcf-0609-4c33-9eb0-6315198e8433 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072968&val=2815dfcf-0609-4c33-9eb0-6315198e8433

Request Chain 276

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=7039273211045358647

Request Chain 277

https://match.prod.bidr.io/cookie-sync/ox HTTP 303
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDWWhFN0NYMGtBQUJYeHRBT3JmQQ&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACYhE7CX0kAABXxtAOrfA&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Csas%252Cox%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csas%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACYhE7CX0kAABXxtAOrfA&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cox%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3 HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cox&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AACYhE7CX0kAABXxtAOrfA&pid=558502&do=add HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACYhE7CX0kAABXxtAOrfA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID

Request Chain 278

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=dee8612f-a455-4c00-ba01-08931b345fca

Request Chain 279

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=jCH2Fdsk8UaXc6dGjXHpQd9y8BWXJfwRgiKeGIB5

Request Chain 280

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2893179158408348885

Request Chain 283

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEA7y0Cu4j6uvnIhZxoTlZv4&google_cver=1

285 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request the-card-counter-official-trailer Show response
gofobo.com/main/trailerDetails/397428997/
Redirect Chain

https://gofobo.ticktbox.com/redirect/Ijw0ki
https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer

57 KB
16 KB

928ms
516ms

Document
text/html

52.27.184.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.27.184.18 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-27-184-18.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

cccf28c33d33a9322383ce4c2ce6c310841f267d9e23964d216a4efb35b8e922

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: gofobo.com
:scheme: https
:path: /main/trailerDetails/397428997/the-card-counter-official-trailer
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:03:25 GMT
content-type: text/html; charset=UTF-8
content-length: 15225
set-cookie: AWSALB=7rChVbjtdEgpyKfuHBr/ivC8uY/MWIyEUmLLrUvKgjQqJxnHBfxHS08tAf4Mmv2a4deNRHFPBwt4n+7YcM9gtgL6L/rpKC3xNW3xbvyzK9f83gkTZ1glsyQ9l2vF; Expires=Wed, 08 Sep 2021 16:03:25 GMT; Path=/ AWSALBCORS=7rChVbjtdEgpyKfuHBr/ivC8uY/MWIyEUmLLrUvKgjQqJxnHBfxHS08tAf4Mmv2a4deNRHFPBwt4n+7YcM9gtgL6L/rpKC3xNW3xbvyzK9f83gkTZ1glsyQ9l2vF; Expires=Wed, 08 Sep 2021 16:03:25 GMT; Path=/; SameSite=None; Secure gfb_session=qu5ijcshjfaija0jkh93lgfj05r002gh; expires=Wed, 01-Sep-2021 18:03:25 GMT; Max-Age=7200; path=/; secure; HttpOnly;HttpOnly;Secure
server: Apache
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
feature-policy: geolocation 'self'; vibrate 'none'
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

date: Wed, 01 Sep 2021 16:03:24 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer
set-cookie: AWSALB=/jKSC0PENjHBzDOStFMuppfnzadcPVIJSVzHjWdsc65VG4AzH8gN5aMBF2DVeKVTUeb1qsXP0+aHmzXAc1AtcPI/VSagxNVR1MzYZ0gjebUywgw7qsAAXmQVvIqI; Expires=Wed, 08 Sep 2021 16:03:24 GMT; Path=/ AWSALBCORS=/jKSC0PENjHBzDOStFMuppfnzadcPVIJSVzHjWdsc65VG4AzH8gN5aMBF2DVeKVTUeb1qsXP0+aHmzXAc1AtcPI/VSagxNVR1MzYZ0gjebUywgw7qsAAXmQVvIqI; Expires=Wed, 08 Sep 2021 16:03:24 GMT; Path=/; SameSite=None; Secure ci_session=mh90hccnettod1n72tnuot006lpbn3b6; expires=Wed, 01-Sep-2021 18:03:24 GMT; Max-Age=7200; path=/; secure; HttpOnly;HttpOnly;Secure
server: Apache
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
feature-policy: geolocation 'self'; vibrate 'none'
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 owl.carousel.css
dk2d6nav3mn9d.cloudfront.net/assets/css/ 2 KB
983 B 96ms
28ms Stylesheet
text/css 13.32.118.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk2d6nav3mn9d.cloudfront.net/assets/css/owl.carousel.css
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-55.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6f74c7a92c69ab24c6054008b0432a5de08bc7631e7f4655d2eafadac7503e35

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 10:22:01 GMT
content-encoding: gzip
last-modified: Fri, 03 Apr 2020 19:35:47 GMT
server: AmazonS3
age: 1316485
etag: W/"5b1b4e9e314501512a5406395c3d3d1c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: DMC5x8G0qmU_jhpccblK0E5g1EQ3QI04
via: 1.1 06a27d66e25d02ebcfb014b9d194016b.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA60-P1
content-type: text/css
x-amz-cf-id: IwJn78IH1l4cOrPxtyaNGKLAbOuqrialYlXrW77GvCruuHirQN3IDw==

GET
H2 200 owl.theme.css
dk2d6nav3mn9d.cloudfront.net/assets/css/ 2 KB
1 KB 125ms
57ms Stylesheet
text/css 13.32.118.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk2d6nav3mn9d.cloudfront.net/assets/css/owl.theme.css
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-55.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6de7b0a3574cf8f5a665d1b932c9a0163d6354f3f600b21ff044f469a1d3f508

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: 3zYYkWMBqOFrlcdj3XxyzyIKSkqKFGLV
content-encoding: gzip
last-modified: Fri, 03 Apr 2020 19:35:47 GMT
server: AmazonS3
age: 1492169
etag: W/"9ebcb5f76b9f1fb23e2d7089ba022ac0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 06a27d66e25d02ebcfb014b9d194016b.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
date: Sun, 15 Aug 2021 09:33:57 GMT
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: ECdLgPw9baYv49M-AItKEwd1D4oCVdiGpkqhJ7SODpccGXlhw4rk-A==

GET
H2 200 owl.transitions.css
dk2d6nav3mn9d.cloudfront.net/assets/css/ 4 KB
1 KB 127ms
60ms Stylesheet
text/css 13.32.118.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk2d6nav3mn9d.cloudfront.net/assets/css/owl.transitions.css
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-55.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 711bc5b0b8c40e39b2560e65797d175e72a89b49ebbc266a7c7b581c4bec4b21

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: qTlJ3Cgv15COr2KrTR.MYnRmDqFrlTae
content-encoding: gzip
last-modified: Fri, 03 Apr 2020 19:35:47 GMT
server: AmazonS3
age: 1233349
etag: W/"b1bdaeac4065bf67a7d7a06213192964"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 06a27d66e25d02ebcfb014b9d194016b.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
date: Wed, 18 Aug 2021 09:27:37 GMT
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: GXwcoenXy9M-0e2rGQv9L8gF2nSVHtTwbgPXy5mTf2lYR_JOT1EOdA==

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 19 KB
7 KB 32ms
13ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e45f3b0dad8aa0528790a6dd6dd2831bb8547129bd1320c10fd120118f44616

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 01 Sep 2021 16:03:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: BC5xsXKGgJbQbCzkLNvwBQ==
age: 86405
vary: Accept-Encoding
content-length: 6328
x-ms-lease-status: unlocked
last-modified: Wed, 04 Aug 2021 01:49:58 GMT
server: cloudflare
etag: 0x8D956EA2A6E73F4
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: b8d637e9-f01e-012a-80bd-8bebf6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 687fba86a9b34e9d-FRA
expires: Wed, 01 Sep 2021 20:03:25 GMT

GET
H2 200 global.css
dk2d6nav3mn9d.cloudfront.net/assets/css/ 36 KB
8 KB 128ms
62ms Stylesheet
text/css 13.32.118.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk2d6nav3mn9d.cloudfront.net/assets/css/global.css?v=2.2
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-55.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bb1613b6665088384c39215af1aaa40f996f9383b9d66d85557c834bfad12cae

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: KxLXHZCfpAeHGu2bA9L1RxS7GFiRq1vG
content-encoding: gzip
last-modified: Wed, 10 Mar 2021 18:36:07 GMT
server: AmazonS3
age: 1492472
etag: W/"77a1bf0e7697e7f08db80871b4d004c5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 06a27d66e25d02ebcfb014b9d194016b.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
date: Sun, 15 Aug 2021 09:28:54 GMT
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: -kOEbc11hXEm78D7Jm7-FLaPzNghQIH06nL2H9lqRXZqWGbUT73bDQ==

GET
H2 200 mobile.css
dk2d6nav3mn9d.cloudfront.net/assets/css/ 110 KB
21 KB 117ms
51ms Stylesheet
text/css 13.32.118.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk2d6nav3mn9d.cloudfront.net/assets/css/mobile.css?v=2.5
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-55.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5750d5f9f4a1d00e94aca997fb9c99e465e41778b91f85e1f9bb83ef77a885e5

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: vYlZlORRx2SAlAIzmWfkQcyGLW8_0k9T
content-encoding: gzip
last-modified: Wed, 28 Jul 2021 22:36:22 GMT
server: AmazonS3
age: 408338
etag: W/"04dc4a7fb5452df4cd122ae6b4263ced"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 06a27d66e25d02ebcfb014b9d194016b.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
date: Fri, 27 Aug 2021 22:37:48 GMT
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: SbPje9a7HsI6VRg_DFrPsTeP5U3ukT345TOiBmTCC4op3gqNQEXq4w==

GET
H2 200 desktop.css
dk2d6nav3mn9d.cloudfront.net/assets/css/ 72 KB
14 KB 97ms
32ms Stylesheet
text/css 13.32.118.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk2d6nav3mn9d.cloudfront.net/assets/css/desktop.css?v=2.5
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-55.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2900690278e8dac8de33fa5d408382bde63f759cd607ce481d30463eaf73b7ff

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: STfO49IiGewr8_bKQ4ohbDpm6hqD43qP
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 19:15:34 GMT
server: AmazonS3
age: 1492476
etag: W/"4fda59a2819de5207ff225c3dbc3204e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 06a27d66e25d02ebcfb014b9d194016b.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
date: Sun, 15 Aug 2021 09:28:50 GMT
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: S6eXk9D1Kn31rHEHticFQNlKgw9wlikKVSItEjlanseWoq0yXIIqow==

GET
H2 200 fonts.css
dk2d6nav3mn9d.cloudfront.net/assets/css/ 2 KB
781 B 98ms
32ms Stylesheet
text/css 13.32.118.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk2d6nav3mn9d.cloudfront.net/assets/css/fonts.css?v=3
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-55.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ad951a46493b7d422aed00ea837dfff94508fe1a39120ba56f23a99f3c4c8b1

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: AHkJorMJI30gdzTFOltw8xAh17Zisw2U
content-encoding: gzip
last-modified: Fri, 03 Apr 2020 19:35:47 GMT
server: AmazonS3
age: 1318942
etag: W/"b7882d4faeca508f6e8035733dc7f340"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 06a27d66e25d02ebcfb014b9d194016b.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
date: Tue, 17 Aug 2021 09:41:04 GMT
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: KFmkVxVFOSNtNwr2vpxdYaPpvpNmDqaSp8qRVaWm7-FC5zXyhuAU_w==

GET
H2 200 vendor.css
dk2d6nav3mn9d.cloudfront.net/assets/css/ 2 KB
1 KB 122ms
56ms Stylesheet
text/css 13.32.118.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk2d6nav3mn9d.cloudfront.net/assets/css/vendor.css??v=3
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-55.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9436816d54666c2f33eb0c6d3d556f10dd70ed6721906a82c6adbf6100a008bc

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: iCVjc0ErYLH1QGcz9T1qrs7VIUsagAkU
content-encoding: gzip
last-modified: Fri, 03 Apr 2020 19:35:47 GMT
server: AmazonS3
age: 1498601
etag: W/"5c36192a2ce86ec4dbedca28c3b79e3a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 06a27d66e25d02ebcfb014b9d194016b.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
date: Sun, 15 Aug 2021 07:46:45 GMT
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: QemNRRUl6q5J31wCvgVmPEoICa04eAHldS250T2xkgOl6F4-Ey9ZcQ==

GET
H2 200 jquery-ui.css
dk2d6nav3mn9d.cloudfront.net/assets/css/ 31 KB
6 KB 124ms
59ms Stylesheet
text/css 13.32.118.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk2d6nav3mn9d.cloudfront.net/assets/css/jquery-ui.css??v=3
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-55.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 66c9fd744a3db46f3dce06826004b9f756b9ba03a5b9cdc21d86427e7a688386

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: RRHzJ7UsEXbG5Lqe0IcnAC_ALzT.xBtX
content-encoding: gzip
last-modified: Fri, 03 Apr 2020 19:35:47 GMT
server: AmazonS3
age: 1318944
etag: W/"9cf8b8d3a33766a642812643efa4494e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 06a27d66e25d02ebcfb014b9d194016b.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
date: Tue, 17 Aug 2021 09:41:02 GMT
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: PoCgoYy6lYX9nXiVRHNH762k2OP7PI_7QglrEHKmPZpYdaTt8tkZBQ==

GET
H2 200 datepicker.css
dk2d6nav3mn9d.cloudfront.net/assets/css/ 4 KB
1 KB 98ms
33ms Stylesheet
text/css 13.32.118.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk2d6nav3mn9d.cloudfront.net/assets/css/datepicker.css??v=3
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-55.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 82664a18c949f3d66ba8a6251c55dd1cb28e25620bdf43dcf4611ab4842a10ab

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: 1bQPMpMNLv_zNtFARBYOR.mkEgrN3I_K
content-encoding: gzip
last-modified: Fri, 03 Apr 2020 19:35:47 GMT
server: AmazonS3
age: 1238289
etag: W/"5b6bc4be9145f55901fb934d1b2d5c63"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 06a27d66e25d02ebcfb014b9d194016b.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
date: Wed, 18 Aug 2021 08:05:17 GMT
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: QmqyxDzoUxtrMSiBzMnBuQp4eeM8TZNonU6L-pyEcJl3pZflUtQzzg==

GET
H2 200 menu.css
dk2d6nav3mn9d.cloudfront.net/assets/css/ 864 B
1 KB 93ms
28ms Stylesheet
text/css 13.32.118.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk2d6nav3mn9d.cloudfront.net/assets/css/menu.css
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-55.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 36ac80a2a51a5f030f93b08bbd4601e3944accb8152db9d175fd2aeb394b1ae7

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: WfYB_HgAPEhMDaYSsRm3lf1svzh9.ciy
via: 1.1 06a27d66e25d02ebcfb014b9d194016b.cloudfront.net (CloudFront)
last-modified: Fri, 03 Apr 2020 19:35:47 GMT
server: AmazonS3
age: 1319875
etag: "9738c0503f080721b4bc0a5b75dcc8f5"
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public, max-age=2592000
date: Tue, 17 Aug 2021 09:25:31 GMT
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
content-length: 864
x-amz-cf-id: QUq8JGuxFXi2BqMfil6wovWFSZfD00BwpsbwMSkFvC8UE4GezJdNmQ==

GET
H2 200 dd.css
dk2d6nav3mn9d.cloudfront.net/assets/css/ 4 KB
2 KB 119ms
54ms Stylesheet
text/css 13.32.118.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk2d6nav3mn9d.cloudfront.net/assets/css/dd.css
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-55.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 88d51c99298c6ade08c4e754c7c92d0ccb5af58e71232f79f018dfa4763aca16

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: 1bj8sX27DFYBVPukk7Od1Nlkqa15G6tq
content-encoding: gzip
last-modified: Fri, 03 Apr 2020 19:35:47 GMT
server: AmazonS3
age: 1491740
etag: W/"afb92ee82b5a8d06693c4c6421ab6ffc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 06a27d66e25d02ebcfb014b9d194016b.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
date: Sun, 15 Aug 2021 09:41:06 GMT
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: LJNbkTU-eiPA9gyb26dLiOaWIJNaUwLu__lYiCJWFiXwCmBMRu-OAA==

GET
H2 200 flags.css
dk2d6nav3mn9d.cloudfront.net/assets/css/ 10 KB
2 KB 97ms
33ms Stylesheet
text/css 13.32.118.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk2d6nav3mn9d.cloudfront.net/assets/css/flags.css
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-55.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4349f665a853d8970813d466168d4d2ebba277d4ba4cc57b1a2ebbcb4b49cc0e

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: lqgeO_hdOHF53DBQb0A2MmISOIx4foBO
content-encoding: gzip
last-modified: Fri, 03 Apr 2020 19:35:47 GMT
server: AmazonS3
age: 1317650
etag: W/"badb33147fec855b27ee82fce94bb3d4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 06a27d66e25d02ebcfb014b9d194016b.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
date: Tue, 17 Aug 2021 10:02:36 GMT
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: rtZVfiOkcC0j7qyFdv3Qq_SuKBA8dVVMm3FRM_MugH22FWZcv1j8kw==

GET
H2 200 jquery-1.12.4.min.js Show response
dk2d6nav3mn9d.cloudfront.net/assets/js/ 95 KB
33 KB 130ms
66ms Script
application/javascript 13.32.118.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk2d6nav3mn9d.cloudfront.net/assets/js/jquery-1.12.4.min.js
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-55.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8c2812ded6436715279f8fd8db58de307aa39ab0296fe3cf0e879067c51e9b18

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: RsPt_OSQ8F7nBhqgG4cfaNND5y0jEypg
content-encoding: gzip
last-modified: Fri, 03 Apr 2020 19:35:55 GMT
server: AmazonS3
age: 1236925
etag: W/"0fca26b5a37a66d68d0f4406976be4b5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 06a27d66e25d02ebcfb014b9d194016b.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
date: Wed, 18 Aug 2021 08:28:01 GMT
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: bpCmVuh7fOwsovuiNRZdRIOiQVpizsITX9lGNtKmGtQjr1SzU_bZwQ==

GET
H2 200 jquery.cookie.js Show response
dk2d6nav3mn9d.cloudfront.net/assets/js/ 2 KB
1 KB 126ms
62ms Script
application/javascript 13.32.118.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk2d6nav3mn9d.cloudfront.net/assets/js/jquery.cookie.js?v=3
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-55.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aee8ab892144e88f83a00a907676bd1e0e9a83e8a0879518ca3a77f897c8128d

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: m2zvFN6rnWCpPKRzYjG2fiZQI636DOmB
content-encoding: gzip
last-modified: Fri, 03 Apr 2020 19:35:55 GMT
server: AmazonS3
age: 1499869
etag: W/"324c4f698275d2afb1ae67f16c8aabbc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 06a27d66e25d02ebcfb014b9d194016b.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
date: Sun, 15 Aug 2021 07:25:37 GMT
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: PlTsMVjg6Lr5tUilJYgY_d1VkR7LOlqbep3bg-lrlu5mjAeXRciXfg==

GET
H2 200 jquery.form.js Show response
dk2d6nav3mn9d.cloudfront.net/assets/js/ 18 KB
7 KB 167ms
104ms Script
application/javascript 13.32.118.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk2d6nav3mn9d.cloudfront.net/assets/js/jquery.form.js
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-55.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 478a01bfa3c2eb215f345963e7e4a89343d2fb5eb5726e248495ea6606c72801

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: YgBKWKrUGBWXyiDx5QfbUSnu7qoNC7Tz
content-encoding: gzip
last-modified: Fri, 03 Apr 2020 19:35:55 GMT
server: AmazonS3
age: 1234627
etag: W/"cd93c12dc002783e7888c3af9c6e1cd0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 06a27d66e25d02ebcfb014b9d194016b.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
date: Wed, 18 Aug 2021 09:06:18 GMT
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: jh-Mufwu4BtMfJUhd_wD7qFVHl9B7VgkpjCiW_bRd5FHdpNqrN452A==

GET
H2 200 jquery.validate.min.js Show response
dk2d6nav3mn9d.cloudfront.net/assets/js/ 21 KB
7 KB 150ms
87ms Script
application/javascript 13.32.118.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk2d6nav3mn9d.cloudfront.net/assets/js/jquery.validate.min.js
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-55.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5c19a958735b85cda3c841c910a0e45ff2f188c8d532de5dfb21860d2e8eb70a

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: CaAzU2ghGLyOIKr.8Xpge2oHbiFchUbZ
content-encoding: gzip
last-modified: Fri, 03 Apr 2020 19:35:55 GMT
server: AmazonS3
age: 202626
etag: W/"924f6ce5d53e521a8b1ab6e351024c30"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 06a27d66e25d02ebcfb014b9d194016b.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
date: Mon, 30 Aug 2021 08:37:30 GMT
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: SrKTXkeB_lIvzvrCxrBGcVfVySZaDjE84ZQP_f3p1kKwUOikU6kT0w==

GET
H2 200 ui.js Show response
dk2d6nav3mn9d.cloudfront.net/assets/js/ 7 KB
3 KB 151ms
88ms Script
application/javascript 13.32.118.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk2d6nav3mn9d.cloudfront.net/assets/js/ui.js
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-55.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0abcc9427a6673f19254270c4c92fa1c8179e79e54d8961434537bcee780f07b

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: o6w6zZyEHgbRR06mmrfc2cqEJbpEu05S
content-encoding: gzip
last-modified: Fri, 03 Apr 2020 19:35:55 GMT
server: AmazonS3
age: 1232223
etag: W/"c1260260378aa59b8923e4ac21807c6f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 06a27d66e25d02ebcfb014b9d194016b.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
date: Wed, 18 Aug 2021 09:46:22 GMT
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: Gx2m7L1psTPW_BSlTiTdpftzkUODZmLxGETWPVDLH4hMmTBK4sqZ-g==

GET
H2 200 modernizr.custom.js Show response
dk2d6nav3mn9d.cloudfront.net/assets/js/ 8 KB
4 KB 148ms
85ms Script
application/javascript 13.32.118.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk2d6nav3mn9d.cloudfront.net/assets/js/modernizr.custom.js
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-55.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 76ab9639d9948ade3d2b0c06432f41689c328173322c8eb3da3c60447126831e

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: XohF9XIhLflxDU2RKEW.SWYVdmYmj6sG
content-encoding: gzip
last-modified: Fri, 03 Apr 2020 19:35:55 GMT
server: AmazonS3
age: 1319924
etag: W/"9b168f2700a02d1c3ce4cbbc399c1644"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 06a27d66e25d02ebcfb014b9d194016b.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
date: Tue, 17 Aug 2021 09:24:42 GMT
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: gXXTj-1DlHLi-RkozOSHEodPO4LIATUiTO9xEvlGssHefmJjJsIKEQ==

GET
H2 200 instagram.js Show response
dk2d6nav3mn9d.cloudfront.net/assets/js/ 7 KB
3 KB 167ms
104ms Script
application/javascript 13.32.118.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk2d6nav3mn9d.cloudfront.net/assets/js/instagram.js
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-55.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e5471e6216c3677a79cbf10721752fdfff5340e0c29d0b86d436821301edeedd

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: x.jp4rruNTnJjzw3Uertb5c8PjuKCX0Y
content-encoding: gzip
last-modified: Fri, 03 Apr 2020 19:35:55 GMT
server: AmazonS3
age: 1234753
etag: W/"2f0204a5d4480d4565945dd567318601"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 06a27d66e25d02ebcfb014b9d194016b.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
date: Wed, 18 Aug 2021 09:04:13 GMT
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: X7cr16Ps55i8I6DbjCXl-NMx9iMuUbKupQqMrVBz1OYP9iHCnkFbCA==

GET
H2 200 jquery-ui.js Show response
dk2d6nav3mn9d.cloudfront.net/assets/js/ 222 KB
59 KB 154ms
91ms Script
application/javascript 13.32.118.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk2d6nav3mn9d.cloudfront.net/assets/js/jquery-ui.js?v=3
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-55.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d24e83fb832a53db6e3b4e6452db348b9428436a36a3be2cff207cfb31d0c231

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: G5KXfjnZB.60fDa4eaHCc6s2ZGcvLxP8
content-encoding: gzip
last-modified: Fri, 03 Apr 2020 19:35:55 GMT
server: AmazonS3
age: 202636
etag: W/"31ce159985cb3b82a12586316e7c4ec9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 06a27d66e25d02ebcfb014b9d194016b.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
date: Mon, 30 Aug 2021 08:37:30 GMT
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: ZV8HHXuwcvHFtJKLh2AfRpfR3l9e08F8mZiogoCD-mKsrr40XICHJg==

GET
H2 200 jquery-ui-timepicker-addon.js Show response
dk2d6nav3mn9d.cloudfront.net/assets/js/ 69 KB
18 KB 164ms
102ms Script
application/javascript 13.32.118.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk2d6nav3mn9d.cloudfront.net/assets/js/jquery-ui-timepicker-addon.js?v=3
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-55.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 77516e87f9273512485c9e6daaf80dd6696b98a3583e83e79e68fd52220c82d4

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: TnohKRqbcvbLZokivpyuUQWjIlpEZdaI
content-encoding: gzip
last-modified: Fri, 03 Apr 2020 19:35:55 GMT
server: AmazonS3
age: 1235777
etag: W/"cfa6dd10078ffe10841a2773680ffff4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 06a27d66e25d02ebcfb014b9d194016b.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
date: Wed, 18 Aug 2021 08:47:08 GMT
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: unwI-sKqj0VYeFt8OUUKlaJz6_DhkTM0-9tNxl8vFG7SOTMdHwDrBQ==

GET
H2 200 jquery.dd.js Show response
dk2d6nav3mn9d.cloudfront.net/assets/js/ 53 KB
13 KB 145ms
83ms Script
application/javascript 13.32.118.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk2d6nav3mn9d.cloudfront.net/assets/js/jquery.dd.js
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-55.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1a891fc0d213b1a1ceb5a8f13c61dd9b274e163bd172758318648fad77c9a422

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: 9H3I8baR5sPSAcO4FU.sqkFIgk8xVai1
content-encoding: gzip
last-modified: Fri, 03 Apr 2020 19:35:55 GMT
server: AmazonS3
age: 1323686
etag: W/"d82e4a94f7c0824a75f17b04c7686d2a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 06a27d66e25d02ebcfb014b9d194016b.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
date: Tue, 17 Aug 2021 08:22:00 GMT
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: rvHu9vxoa8Rbf4FNrhAau4rLN9LG27dlMGZ_Qa6VQLRAepBcM1V_ag==

GET
H2 200 a-00jp.min.js Show response
b-code.liadm.com/ 25 KB
10 KB 32ms
7ms Script
application/javascript 2600:9000:223c:2400:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-00jp.min.js
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:2400:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ZIO-Http /
Resource Hash: 2e3eb27ed780ac5ac845756a51d8120e4a30cd3bb4cdc11ab18d265763373e48

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 05:12:13 GMT
via: 1.1 7ed0982309781d390a105a3ead66dbfb.cloudfront.net (CloudFront)
server: ZIO-Http
age: 39073
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-P2
content-encoding: gzip
x-amz-cf-id: LrlaCuVdaEHElGUKAHV4LZ1iRyYp-iXIQnCw0LOyDcpU-jyEQUmn_A==

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/3.4.1/css/ 119 KB
21 KB 38ms
23ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/3.4.1/css/bootstrap.min.css

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://gofobo.com
Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:03:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617, 617
age: 345037
cdn-cachedat: 2021-06-08 21:08:18
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: f1a4a41d3e254de26232c0f15ac1b170
cf-ray: 687fba86af4f4309-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 trailers.css
dk2d6nav3mn9d.cloudfront.net/assets/css/ 4 KB
2 KB 119ms
57ms Stylesheet
text/css 13.32.118.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk2d6nav3mn9d.cloudfront.net/assets/css/trailers.css
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-55.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 49bae4bb549c5f46a159708ec23de2405d006b456d79936ef04298ad6de2550f

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: SH9hdx2LkxPoC.lrjVla0P.mzjVMbJ2z
content-encoding: gzip
last-modified: Tue, 28 Apr 2020 20:04:14 GMT
server: AmazonS3
age: 1230110
etag: W/"6cf7f2abe073bd25c97372e14a2bb286"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 06a27d66e25d02ebcfb014b9d194016b.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
date: Wed, 18 Aug 2021 10:21:36 GMT
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: 8-IqRSdMmwwOek1NWsUnPwZKA0IgbQewi4LSrY8BlgUl0gBN1EEb6Q==

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 36 KB
10 KB 17ms
13ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:03:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 722, 617
age: 14065435
cdn-cachedat: 2021-03-11 11:57:50
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 3033c5b7ea34684b20a8f4234fea378f
cf-ray: 687fba868e334df4-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 owl.carousel.js Show response
dk2d6nav3mn9d.cloudfront.net/assets/js/ 29 KB
7 KB 146ms
84ms Script
application/javascript 13.32.118.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk2d6nav3mn9d.cloudfront.net/assets/js/owl.carousel.js
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-55.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 265acaa7671ecc0fb94f926ffe9d1b4661006e4924eea3234f1dc72a44ce58d1

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: Wm2prL5O.MDarGtdyLpKjdzdagP0zivt
content-encoding: gzip
last-modified: Fri, 03 Apr 2020 19:35:55 GMT
server: AmazonS3
age: 1492148
etag: W/"5ec575b2e4b6b9c38769dde657150908"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 06a27d66e25d02ebcfb014b9d194016b.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
date: Sun, 15 Aug 2021 09:34:18 GMT
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: jLRQaL18Covx5vX5sjHMolJcnczwkiQrKj2LDOwvLJGn56jRasV1Lg==

GET
H2 200 GofoboLogo.png
dk2d6nav3mn9d.cloudfront.net/assets/img/sr_image/menu/ 15 KB
15 KB 29ms
28ms Image
image/png 13.32.118.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dk2d6nav3mn9d.cloudfront.net/assets/img/sr_image/menu/GofoboLogo.png
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-55.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8c8207e762acd72dd9114ca3e6de823f69ede6c9c5db711dceadefabaf05284c

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: 794S.iJ6fBkrN9l2iVPDpyljOnuCPCg7
via: 1.1 06a27d66e25d02ebcfb014b9d194016b.cloudfront.net (CloudFront)
last-modified: Fri, 03 Apr 2020 19:35:54 GMT
server: AmazonS3
age: 1492447
etag: "ee25c8fd15a84e8b58301a87fe89c275"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
date: Sun, 15 Aug 2021 09:29:20 GMT
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
content-length: 15330
x-amz-cf-id: xZujsGP3SSASbUaokTV3nO8y72Ip9JnRh3YtMNRFUgXMosChDQE64g==

GET
H2 403 /
d2u384mreupnc8.cloudfront.net/assets/trailers/videos/ 0
0 311ms
236ms Image
application/xml 18.66.92.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2u384mreupnc8.cloudfront.net/assets/trailers/videos/
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.92.163 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H2 200 playButton.png
gofobo.com/assets/img/trailers/ 19 KB
20 KB 207ms
202ms Image
image/png 52.27.184.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gofobo.com/assets/img/trailers/playButton.png

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.27.184.18 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-27-184-18.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

db0de5884aa9acc96486bee8a22ccaa36c43f3a2574033fd9b823182fb8bef8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/img/trailers/playButton.png
pragma: no-cache
cookie: AWSALB=7rChVbjtdEgpyKfuHBr/ivC8uY/MWIyEUmLLrUvKgjQqJxnHBfxHS08tAf4Mmv2a4deNRHFPBwt4n+7YcM9gtgL6L/rpKC3xNW3xbvyzK9f83gkTZ1glsyQ9l2vF; AWSALBCORS=7rChVbjtdEgpyKfuHBr/ivC8uY/MWIyEUmLLrUvKgjQqJxnHBfxHS08tAf4Mmv2a4deNRHFPBwt4n+7YcM9gtgL6L/rpKC3xNW3xbvyzK9f83gkTZ1glsyQ9l2vF; gfb_session=qu5ijcshjfaija0jkh93lgfj05r002gh
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: gofobo.com
referer: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:03:26 GMT
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 12 Mar 2020 21:57:36 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=2592000
feature-policy: geolocation 'self'; vibrate 'none'
x-content-type-options: nosniff
set-cookie: AWSALB=G9eNAFD7XGhbszEpsvDRGMnlIjOYefoLEBXMrUneGnrznssNj3ROyc8EvGO8tZ45/IjAmr3L664E9Zil7W/qu0Aw5X2ZZ/3WrYVzsF1fGnFgiWqfrrNqn4oSWl4v; Expires=Wed, 08 Sep 2021 16:03:26 GMT; Path=/ AWSALBCORS=G9eNAFD7XGhbszEpsvDRGMnlIjOYefoLEBXMrUneGnrznssNj3ROyc8EvGO8tZ45/IjAmr3L664E9Zil7W/qu0Aw5X2ZZ/3WrYVzsF1fGnFgiWqfrrNqn4oSWl4v; Expires=Wed, 08 Sep 2021 16:03:26 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
content-length: 19952
x-xss-protection: 1; mode=block
expires: Fri, 01 Oct 2021 16:03:26 GMT

GET
H2 200 btn_facebookShare.png
gofobo.com/assets/img/trailers/ 2 KB
3 KB 207ms
203ms Image
image/png 52.27.184.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gofobo.com/assets/img/trailers/btn_facebookShare.png

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.27.184.18 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-27-184-18.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

16029f893c7cc7fb7964515bf0b56b7182f428b11bceca36fffc9e689fbe12cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/img/trailers/btn_facebookShare.png
pragma: no-cache
cookie: AWSALB=7rChVbjtdEgpyKfuHBr/ivC8uY/MWIyEUmLLrUvKgjQqJxnHBfxHS08tAf4Mmv2a4deNRHFPBwt4n+7YcM9gtgL6L/rpKC3xNW3xbvyzK9f83gkTZ1glsyQ9l2vF; AWSALBCORS=7rChVbjtdEgpyKfuHBr/ivC8uY/MWIyEUmLLrUvKgjQqJxnHBfxHS08tAf4Mmv2a4deNRHFPBwt4n+7YcM9gtgL6L/rpKC3xNW3xbvyzK9f83gkTZ1glsyQ9l2vF; gfb_session=qu5ijcshjfaija0jkh93lgfj05r002gh
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: gofobo.com
referer: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:03:26 GMT
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 12 Mar 2020 21:57:36 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=2592000
feature-policy: geolocation 'self'; vibrate 'none'
x-content-type-options: nosniff
set-cookie: AWSALB=MqZyx4JEiAn0oMTBxNFwpRplNdp3GUINvl48FqBHNYVXgkSyMe8CzEmSYyiqWxNRihd3kfoRzAvnuFen26c5VXA/Bl3CmTma1c5jDkebwHgrT2aOS9X8LjHxgApu; Expires=Wed, 08 Sep 2021 16:03:26 GMT; Path=/ AWSALBCORS=MqZyx4JEiAn0oMTBxNFwpRplNdp3GUINvl48FqBHNYVXgkSyMe8CzEmSYyiqWxNRihd3kfoRzAvnuFen26c5VXA/Bl3CmTma1c5jDkebwHgrT2aOS9X8LjHxgApu; Expires=Wed, 08 Sep 2021 16:03:26 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
content-length: 1900
x-xss-protection: 1; mode=block
expires: Fri, 01 Oct 2021 16:03:26 GMT

GET
H2 200 btn_twitterShare.png
gofobo.com/assets/img/trailers/ 2 KB
3 KB 207ms
202ms Image
image/png 52.27.184.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gofobo.com/assets/img/trailers/btn_twitterShare.png

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.27.184.18 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-27-184-18.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

1b4e1722333b8a418079194a24d0685cb14b77df6a2b69aff56d76cba7a54c47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/img/trailers/btn_twitterShare.png
pragma: no-cache
cookie: AWSALB=7rChVbjtdEgpyKfuHBr/ivC8uY/MWIyEUmLLrUvKgjQqJxnHBfxHS08tAf4Mmv2a4deNRHFPBwt4n+7YcM9gtgL6L/rpKC3xNW3xbvyzK9f83gkTZ1glsyQ9l2vF; AWSALBCORS=7rChVbjtdEgpyKfuHBr/ivC8uY/MWIyEUmLLrUvKgjQqJxnHBfxHS08tAf4Mmv2a4deNRHFPBwt4n+7YcM9gtgL6L/rpKC3xNW3xbvyzK9f83gkTZ1glsyQ9l2vF; gfb_session=qu5ijcshjfaija0jkh93lgfj05r002gh
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: gofobo.com
referer: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:03:26 GMT
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 12 Mar 2020 21:57:36 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=2592000
feature-policy: geolocation 'self'; vibrate 'none'
x-content-type-options: nosniff
set-cookie: AWSALB=alk/DeKk9VOltE5uLhNc50IYwNs/imlVyelElik3Uvwo5OuLDGAQ4SFDCu8IvuxdfDGEzeho/iNoUx8teVFCB7iu/DDbAlDiXwCXTBQx3XghuzdFVob45GuxNdPs; Expires=Wed, 08 Sep 2021 16:03:26 GMT; Path=/ AWSALBCORS=alk/DeKk9VOltE5uLhNc50IYwNs/imlVyelElik3Uvwo5OuLDGAQ4SFDCu8IvuxdfDGEzeho/iNoUx8teVFCB7iu/DDbAlDiXwCXTBQx3XghuzdFVob45GuxNdPs; Expires=Wed, 08 Sep 2021 16:03:26 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
content-length: 1937
x-xss-protection: 1; mode=block
expires: Fri, 01 Oct 2021 16:03:26 GMT

GET
H2 200 btn_copyToClipboard.png
gofobo.com/assets/img/trailers/ 3 KB
4 KB 405ms
401ms Image
image/png 52.27.184.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gofobo.com/assets/img/trailers/btn_copyToClipboard.png

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.27.184.18 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-27-184-18.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

ff72eb9381c10f07bbcfa3095def0bede7c1f01f7c299043caf8bd51551e7a87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/img/trailers/btn_copyToClipboard.png
pragma: no-cache
cookie: AWSALB=7rChVbjtdEgpyKfuHBr/ivC8uY/MWIyEUmLLrUvKgjQqJxnHBfxHS08tAf4Mmv2a4deNRHFPBwt4n+7YcM9gtgL6L/rpKC3xNW3xbvyzK9f83gkTZ1glsyQ9l2vF; AWSALBCORS=7rChVbjtdEgpyKfuHBr/ivC8uY/MWIyEUmLLrUvKgjQqJxnHBfxHS08tAf4Mmv2a4deNRHFPBwt4n+7YcM9gtgL6L/rpKC3xNW3xbvyzK9f83gkTZ1glsyQ9l2vF; gfb_session=qu5ijcshjfaija0jkh93lgfj05r002gh
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: gofobo.com
referer: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:03:26 GMT
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 12 Mar 2020 21:57:36 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=2592000
feature-policy: geolocation 'self'; vibrate 'none'
x-content-type-options: nosniff
set-cookie: AWSALB=B2BKU5Sslzt0745wASxjMtt77Gu1pu4AAu5pgyyHloFGGrI5TCUpCAnh4VRdpCU8Fg6ml/7axbCKBGqA2oir0321ycl4aFJIRMEzYBzpI2iG44Zm5OoW34S5KYnF; Expires=Wed, 08 Sep 2021 16:03:26 GMT; Path=/ AWSALBCORS=B2BKU5Sslzt0745wASxjMtt77Gu1pu4AAu5pgyyHloFGGrI5TCUpCAnh4VRdpCU8Fg6ml/7axbCKBGqA2oir0321ycl4aFJIRMEzYBzpI2iG44Zm5OoW34S5KYnF; Expires=Wed, 08 Sep 2021 16:03:26 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
content-length: 3055
x-xss-protection: 1; mode=block
expires: Fri, 01 Oct 2021 16:03:26 GMT

GET
H2 200 btn_moreInfo.png
gofobo.com/assets/img/trailers/ 3 KB
4 KB 406ms
402ms Image
image/png 52.27.184.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gofobo.com/assets/img/trailers/btn_moreInfo.png

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.27.184.18 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-27-184-18.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

34760d3b326d757f095dfeb18d3da4c6f420f809671d40bc13ed920b0daf60e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/img/trailers/btn_moreInfo.png
pragma: no-cache
cookie: AWSALB=7rChVbjtdEgpyKfuHBr/ivC8uY/MWIyEUmLLrUvKgjQqJxnHBfxHS08tAf4Mmv2a4deNRHFPBwt4n+7YcM9gtgL6L/rpKC3xNW3xbvyzK9f83gkTZ1glsyQ9l2vF; AWSALBCORS=7rChVbjtdEgpyKfuHBr/ivC8uY/MWIyEUmLLrUvKgjQqJxnHBfxHS08tAf4Mmv2a4deNRHFPBwt4n+7YcM9gtgL6L/rpKC3xNW3xbvyzK9f83gkTZ1glsyQ9l2vF; gfb_session=qu5ijcshjfaija0jkh93lgfj05r002gh
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: gofobo.com
referer: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:03:26 GMT
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 12 Mar 2020 21:57:36 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=2592000
feature-policy: geolocation 'self'; vibrate 'none'
x-content-type-options: nosniff
set-cookie: AWSALB=syznctcWYhZjl+e8T0QLagCxajeESfRgurLzxL8UfhsVDtFcZJGgvaVCgdoY2cx8gMHnPu36sPOD72IOD9tgLEJQiCSLjjylvNmPfJslK8aervkLtCZfDEMN2EVM; Expires=Wed, 08 Sep 2021 16:03:26 GMT; Path=/ AWSALBCORS=syznctcWYhZjl+e8T0QLagCxajeESfRgurLzxL8UfhsVDtFcZJGgvaVCgdoY2cx8gMHnPu36sPOD72IOD9tgLEJQiCSLjjylvNmPfJslK8aervkLtCZfDEMN2EVM; Expires=Wed, 08 Sep 2021 16:03:26 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
content-length: 3241
x-xss-protection: 1; mode=block
expires: Fri, 01 Oct 2021 16:03:26 GMT

GET
H2 200 mqdefault.jpg
img.youtube.com/vi/N_gD9-Oa0fg/ 10 KB
10 KB 11ms
7ms Image
image/jpeg 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/N_gD9-Oa0fg/mqdefault.jpg

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6943a1d90abac5b3cc437b49d853b05ce8549a0f89e7c0c5d70d54d72efee25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:03:24 GMT
x-content-type-options: nosniff
server: sffe
age: 2
etag: "1630422599"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10252
x-xss-protection: 0
expires: Wed, 01 Sep 2021 16:08:24 GMT

GET
H2 200 trailerType.png
gofobo.com/assets/img/trailers/ 3 KB
4 KB 405ms
401ms Image
image/png 52.27.184.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gofobo.com/assets/img/trailers/trailerType.png

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.27.184.18 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-27-184-18.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

ae2b763616807405d6c7a3dd24ae33b6fc25f01866768ac1ca8439722e57d07f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/img/trailers/trailerType.png
pragma: no-cache
cookie: AWSALB=7rChVbjtdEgpyKfuHBr/ivC8uY/MWIyEUmLLrUvKgjQqJxnHBfxHS08tAf4Mmv2a4deNRHFPBwt4n+7YcM9gtgL6L/rpKC3xNW3xbvyzK9f83gkTZ1glsyQ9l2vF; AWSALBCORS=7rChVbjtdEgpyKfuHBr/ivC8uY/MWIyEUmLLrUvKgjQqJxnHBfxHS08tAf4Mmv2a4deNRHFPBwt4n+7YcM9gtgL6L/rpKC3xNW3xbvyzK9f83gkTZ1glsyQ9l2vF; gfb_session=qu5ijcshjfaija0jkh93lgfj05r002gh
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: gofobo.com
referer: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:03:26 GMT
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 12 Mar 2020 21:57:36 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=2592000
feature-policy: geolocation 'self'; vibrate 'none'
x-content-type-options: nosniff
set-cookie: AWSALB=zDdk1r9lj1HVhxJ3zmIpumeSvUhrV4c7rEtboEPtbyeUnUNnB/JrH7VnGZaPVN93buz8M7FXTb8wEKuCfx+GdlP3bCNPzW+PJgctF6JgWmx9DfChrLzs1zrh4kUT; Expires=Wed, 08 Sep 2021 16:03:26 GMT; Path=/ AWSALBCORS=zDdk1r9lj1HVhxJ3zmIpumeSvUhrV4c7rEtboEPtbyeUnUNnB/JrH7VnGZaPVN93buz8M7FXTb8wEKuCfx+GdlP3bCNPzW+PJgctF6JgWmx9DfChrLzs1zrh4kUT; Expires=Wed, 08 Sep 2021 16:03:26 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
content-length: 3299
x-xss-protection: 1; mode=block
expires: Fri, 01 Oct 2021 16:03:26 GMT

GET
H2 200 mqdefault.jpg
img.youtube.com/vi/7w9tumq4_34/ 15 KB
15 KB 16ms
12ms Image
image/jpeg 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/7w9tumq4_34/mqdefault.jpg

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c220569b0e24867c20cab4f3cc346c408ee626bb369b23caa242bf39d6f5f315

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:00:09 GMT
x-content-type-options: nosniff
server: sffe
age: 197
etag: "1630256382"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15405
x-xss-protection: 0
expires: Wed, 01 Sep 2021 16:05:09 GMT

GET
H2 200 mqdefault.jpg
img.youtube.com/vi/Uh4r95VBU2Q/ 14 KB
14 KB 10ms
8ms Image
image/jpeg 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/Uh4r95VBU2Q/mqdefault.jpg

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

670cd3c2119382575d13452455fe2a316b85b08468bb75f5cdaaaf12d3e374f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 14:55:22 GMT
x-content-type-options: nosniff
server: sffe
age: 4084
etag: "1629936411"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14418
x-xss-protection: 0
expires: Wed, 01 Sep 2021 16:55:22 GMT

GET
H3-29 200 mqdefault.jpg
img.youtube.com/vi/cIV4BgGdNNc/ 16 KB
16 KB 33ms
18ms Image
image/jpeg 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/cIV4BgGdNNc/mqdefault.jpg

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

afe3fd34bb642300e836507874a15aff0d549fa68c6500570990ec73f4837700

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:03:26 GMT
vary: Origin
server: sffe
age: 0
etag: "1629758781"
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
content-type: image/jpeg
cache-control: public, max-age=7200
x-content-type-options: nosniff
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16252
x-xss-protection: 0
expires: Wed, 01 Sep 2021 18:03:26 GMT

GET
H3-29 200 mqdefault.jpg
img.youtube.com/vi/jkHBbEIqvdI/ 13 KB
13 KB 36ms
21ms Image
image/jpeg 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/jkHBbEIqvdI/mqdefault.jpg

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c32d83b0bcee868363b7e0b83bcb91d3869cadf040a37b2f1d09c9f1ea880ac1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:03:26 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "1629993934"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13508
x-xss-protection: 0
expires: Wed, 01 Sep 2021 18:03:26 GMT

GET
H3-29 200 mqdefault.jpg
img.youtube.com/vi/QjMqQZuIFWo/ 13 KB
13 KB 39ms
24ms Image
image/jpeg 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/QjMqQZuIFWo/mqdefault.jpg

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

528f9142e0d57fe914cefe9cb890bf6cf5899d39dfed394cde0ba55d2bda29f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:03:26 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "1629936543"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13249
x-xss-protection: 0
expires: Wed, 01 Sep 2021 18:03:26 GMT

GET
H3-29 200 mqdefault.jpg
img.youtube.com/vi/BrGpBZijCzA/ 6 KB
6 KB 31ms
16ms Image
image/jpeg 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/BrGpBZijCzA/mqdefault.jpg

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37f950d9cac10dc60810b77355d0481d46465738bbfaae59fcab5fb9002386f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:03:26 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "1622742490"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5976
x-xss-protection: 0
expires: Wed, 01 Sep 2021 18:03:26 GMT

GET
H3-29 200 mqdefault.jpg
img.youtube.com/vi/BPa06HfWfb8/ 12 KB
12 KB 38ms
23ms Image
image/jpeg 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/BPa06HfWfb8/mqdefault.jpg

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88faa037d81cb486dd86f58f5df43d3165e01b69c80c9f9cc85716bab3b56483

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:03:26 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "1629995879"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11854
x-xss-protection: 0
expires: Wed, 01 Sep 2021 18:03:26 GMT

GET
H2 200 classie.js Show response
gofobo.com/assets/js/ 2 KB
1 KB 202ms
202ms Script
text/javascript 52.27.184.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gofobo.com/assets/js/classie.js

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.27.184.18 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-27-184-18.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

4ea3d321090cb97cb30e2660c64aa24c5d197a3a27deccbc1ed797e2dd0e778c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/js/classie.js
pragma: no-cache
cookie: _li_dcdm_c=.gofobo.com; _lc2_fpi=0304f7a82132--01feh1kmab8rz1w90pt4y8rcys; _ga=GA1.2.1262837785.1630512206; _gid=GA1.2.1134442237.1630512206; _gat=1; AWSALB=MqZyx4JEiAn0oMTBxNFwpRplNdp3GUINvl48FqBHNYVXgkSyMe8CzEmSYyiqWxNRihd3kfoRzAvnuFen26c5VXA/Bl3CmTma1c5jDkebwHgrT2aOS9X8LjHxgApu; AWSALBCORS=MqZyx4JEiAn0oMTBxNFwpRplNdp3GUINvl48FqBHNYVXgkSyMe8CzEmSYyiqWxNRihd3kfoRzAvnuFen26c5VXA/Bl3CmTma1c5jDkebwHgrT2aOS9X8LjHxgApu
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: gofobo.com
referer: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:03:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 681
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 12 Mar 2020 21:57:36 GMT
server: Apache
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=604800
feature-policy: geolocation 'self'; vibrate 'none'
set-cookie: AWSALB=cam76dG8dj3nqjdRtBZv5kOPV/6EszP1jrbeDh3lVfqurbyQ78jiceB1hpgjxo/+L9cOpAPCC8Nj297Jsy8He4zXtu+q7xpZeSCWSPj2p1jnOUukOsj/pyk47uc7; Expires=Wed, 08 Sep 2021 16:03:26 GMT; Path=/ AWSALBCORS=cam76dG8dj3nqjdRtBZv5kOPV/6EszP1jrbeDh3lVfqurbyQ78jiceB1hpgjxo/+L9cOpAPCC8Nj297Jsy8He4zXtu+q7xpZeSCWSPj2p1jnOUukOsj/pyk47uc7; Expires=Wed, 08 Sep 2021 16:03:26 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
expires: Wed, 08 Sep 2021 16:03:26 GMT

GET
H2 200 demo1.js Show response
gofobo.com/assets/js/ 1 KB
1 KB 203ms
202ms Script
text/javascript 52.27.184.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gofobo.com/assets/js/demo1.js

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.27.184.18 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-27-184-18.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

b7cb70e1076d694f4f8b86a9d00b2c8736899425c41925f051162872fc85bec4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/js/demo1.js
pragma: no-cache
cookie: _li_dcdm_c=.gofobo.com; _lc2_fpi=0304f7a82132--01feh1kmab8rz1w90pt4y8rcys; _ga=GA1.2.1262837785.1630512206; _gid=GA1.2.1134442237.1630512206; _gat=1; AWSALB=MqZyx4JEiAn0oMTBxNFwpRplNdp3GUINvl48FqBHNYVXgkSyMe8CzEmSYyiqWxNRihd3kfoRzAvnuFen26c5VXA/Bl3CmTma1c5jDkebwHgrT2aOS9X8LjHxgApu; AWSALBCORS=MqZyx4JEiAn0oMTBxNFwpRplNdp3GUINvl48FqBHNYVXgkSyMe8CzEmSYyiqWxNRihd3kfoRzAvnuFen26c5VXA/Bl3CmTma1c5jDkebwHgrT2aOS9X8LjHxgApu
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: gofobo.com
referer: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:03:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 478
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 12 Mar 2020 21:57:36 GMT
server: Apache
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=604800
feature-policy: geolocation 'self'; vibrate 'none'
set-cookie: AWSALB=f4hM9oJqN5wUex4Wk0ifzrt9sHZghQLcFRtaYSJ3Pa3K35VFX3ywbTazskEbEivUQnD2ssu2HqYjnSvCmTYEP7E+LySVafrKxqh5l4sLJZX8/rbhag3d+Q5adMwU; Expires=Wed, 08 Sep 2021 16:03:26 GMT; Path=/ AWSALBCORS=f4hM9oJqN5wUex4Wk0ifzrt9sHZghQLcFRtaYSJ3Pa3K35VFX3ywbTazskEbEivUQnD2ssu2HqYjnSvCmTYEP7E+LySVafrKxqh5l4sLJZX8/rbhag3d+Q5adMwU; Expires=Wed, 08 Sep 2021 16:03:26 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
expires: Wed, 08 Sep 2021 16:03:26 GMT

GET
H2 200 edb7bc5d-bafa-46e2-8069-72f66608bc9d.json Show response
cdn.cookielaw.org/consent/edb7bc5d-bafa-46e2-8069-72f66608bc9d/ 3 KB
2 KB 36ms
22ms XHR
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/edb7bc5d-bafa-46e2-8069-72f66608bc9d/edb7bc5d-bafa-46e2-8069-72f66608bc9d.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d460e6c9b0d0b49df6a39d58934883108101e83d1e7375c901232ca0e0a10ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 01 Sep 2021 16:03:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: tVbfShQUwqaZpCl6iP8lGA==
age: 2149470
vary: Accept-Encoding
content-length: 1325
x-ms-lease-status: unlocked
last-modified: Thu, 21 Jan 2021 19:07:41 GMT
server: cloudflare
etag: 0x8D8BE3FD35ED4DA
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: c5c29e73-b01e-00c7-2ebe-8ba427000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 687fba86df684e86-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 94 KB
37 KB 32ms
31ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KSPT2WQ

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

916d551398b8a681848a8a02a69f8d59231ce19d992df304cf2fb1c85f924a13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:03:26 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37984
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 15:38:29 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 01 Sep 2021 16:03:26 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 164 B
373 B 37ms
21ms Script
text/javascript 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b94f9074fc2ef1b63132fc70fe244cc5d5322e5982a80b6273a45a935ae335f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:03:26 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 687fba87fbe5d72d-FRA

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25999
x-xss-protection: 0
pragma: public
x-fb-debug: 66a935+zKMWbZnVtocXZ5uTz6j6ckbCYMOt4Y49rMIt6Tjw3WItkBWrGF4vka8BqCToR7/LCqTJqCvOlgCOiEQ==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Wed, 01 Sep 2021 16:03:26 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 42wleqiafj Show response
www.clarity.ms/tag/ 582 B
959 B 157ms
100ms Script
application/x-javascript 2620:1ec:27::cafe:2080
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/42wleqiafj
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:2080 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 37b2807535112a55808bd5da745558576be2fe38a7fa2d87949d6a45fd21e8e3

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:03:25 GMT
x-powered-by: ASP.NET
x-azure-ref: 0TqQvYQAAAADerJeWLLFhR47ln7OhUxQBTFRTRURHRTEzMTkANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
content-length: 582
expires: -1

GET
H2 200 gofobo.min.js Show response
global.proper.io/ 18 KB
6 KB 68ms
34ms Script
application/javascript 2606:4700::6811:4e22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://global.proper.io/gofobo.min.js
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4e22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6276ec8d74799bf29a42dd02c32637e1a1806919d82ba78fe5ecd73337afcd53

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:03:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 20 Aug 2021 20:37:18 GMT
server: cloudflare
age: 515017
etag: W/"6120127e-46be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=300
cf-ray: 687fba885b7d1f31-FRA
expires: Wed, 01 Sep 2021 16:08:26 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 1867
date: Wed, 01 Sep 2021 15:32:19 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Wed, 01 Sep 2021 17:32:19 GMT

GET
H2 200 hotjar-6292.js Show response
static.hotjar.com/c/ 4 KB
2 KB 200ms
92ms Script
application/javascript 18.66.97.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-6292.js?sv=3

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

65a16e4cfb84d9781c7ebfa3719c48ed4344f13da4f56124d79649831e5787e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:03:26 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: FRA56-P2
etag: W/a2211c01e29744882d1622ab66f9f1eb
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
content-length: 1889
via: 1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb5.cloudfront.net (CloudFront)
x-amz-cf-id: jTxSv09FqakE30mPhBHRh15jTwYbpAdcBs2Wiesi1HMKmQDgl7AGpg==

GET
H2 200 img-backgroud.jpg
dk2d6nav3mn9d.cloudfront.net/assets/img/trailers/ 80 KB
81 KB 29ms
28ms Image
image/jpeg 13.32.118.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dk2d6nav3mn9d.cloudfront.net/assets/img/trailers/img-backgroud.jpg
Requested by: Host: dk2d6nav3mn9d.cloudfront.net
URL: https://dk2d6nav3mn9d.cloudfront.net/assets/css/trailers.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-55.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 56d31ad13a941747a83fbc0cb352801d35cda752c70e4f70eea695b79bbc3f21

Request headers

Referer: https://dk2d6nav3mn9d.cloudfront.net/assets/css/trailers.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: 7NYqILr_oHwSHYCtKKkQvzh22Ho25VoM
via: 1.1 06a27d66e25d02ebcfb014b9d194016b.cloudfront.net (CloudFront)
last-modified: Fri, 03 Apr 2020 19:35:54 GMT
server: AmazonS3
age: 1234382
etag: "a48e062cdcd27ff7a9287eb0407e67ea"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=2592000
date: Wed, 18 Aug 2021 09:10:24 GMT
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
content-length: 82259
x-amz-cf-id: pjuOcShmTMyhPrcK82HyWXIl7L__qj190krXSNyyKimdmBZkkQm84g==

GET
H2 200 Lato-Reg.ttf
dk2d6nav3mn9d.cloudfront.net/assets/fonts/lato/ 117 KB
50 KB 150ms
58ms Font
application/font-sfnt 13.32.118.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk2d6nav3mn9d.cloudfront.net/assets/fonts/lato/Lato-Reg.ttf
Requested by: Host: dk2d6nav3mn9d.cloudfront.net
URL: https://dk2d6nav3mn9d.cloudfront.net/assets/css/fonts.css?v=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-55.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7ae714b63c2c8b940bdd211a0cc678f01168a34eea8aa13c0df25364f29238a7

Request headers

Origin: https://gofobo.com
Referer: https://dk2d6nav3mn9d.cloudfront.net/assets/css/fonts.css?v=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: SOw4Bl_R06Pzt3_0loX6t_3f67STH2Ze
content-encoding: gzip
etag: W/"7f690e503a254e0b8349aec0177e07aa"
age: 1488588
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 03 Apr 2020 19:35:48 GMT
server: AmazonS3
date: Sun, 15 Aug 2021 10:33:39 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/font-sfnt
via: 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: HXZcmiudWGhDQl-a5oAOVM08s5eljnaW_1-ZRuRxpPyNOAG7t-JSvg==

GET
H2 200 footer-g.png
dk2d6nav3mn9d.cloudfront.net/assets/img/logos/ 2 KB
2 KB 35ms
27ms Image
image/png 13.32.118.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dk2d6nav3mn9d.cloudfront.net/assets/img/logos/footer-g.png
Requested by: Host: dk2d6nav3mn9d.cloudfront.net
URL: https://dk2d6nav3mn9d.cloudfront.net/assets/css/desktop.css?v=2.5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-55.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d502121116ea9588bd7edfb519575a09ded0e6daaf30427d6093e03d6dc777ea

Request headers

Referer: https://dk2d6nav3mn9d.cloudfront.net/assets/css/desktop.css?v=2.5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: 0tcJ6ViOUPetAQR82NuJb1Yb524tBAan
via: 1.1 06a27d66e25d02ebcfb014b9d194016b.cloudfront.net (CloudFront)
last-modified: Fri, 03 Apr 2020 19:35:51 GMT
server: AmazonS3
age: 1232774
etag: "91a0d1b8f89769c3f7f2b7ffefdc6ba6"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
date: Wed, 18 Aug 2021 09:37:13 GMT
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
content-length: 1873
x-amz-cf-id: ZQ30xFvgDkxc8Jm0Be8klqcVznmWuIVw5MbPoLnHsaziKQGVX4-PQg==

GET
H2 200 sprite.png
dk2d6nav3mn9d.cloudfront.net/assets/img/sprite/ 163 KB
163 KB 37ms
29ms Image
image/png 13.32.118.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dk2d6nav3mn9d.cloudfront.net/assets/img/sprite/sprite.png
Requested by: Host: dk2d6nav3mn9d.cloudfront.net
URL: https://dk2d6nav3mn9d.cloudfront.net/assets/css/global.css?v=2.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-55.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ddd20fbc250587ac6f1671023aaf2180594d9dcd520add2c6b212044b4a2af12

Request headers

Referer: https://dk2d6nav3mn9d.cloudfront.net/assets/css/global.css?v=2.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: 7Zpr3vx3nJBW6hHevY7tJPKLH0sLoFny
via: 1.1 06a27d66e25d02ebcfb014b9d194016b.cloudfront.net (CloudFront)
last-modified: Fri, 03 Apr 2020 19:35:53 GMT
server: AmazonS3
age: 1236927
etag: "e015276b099c2320dcd16754f0ae3dad"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
date: Wed, 18 Aug 2021 08:28:00 GMT
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
content-length: 166768
x-amz-cf-id: AZ3Ag7G6o4MAS6c3qCBTrtikn_I9Zxp7vkxA4anCwC-ZcTLv6tuVqw==

GET
H2 200 Lato-Bol.ttf
dk2d6nav3mn9d.cloudfront.net/assets/fonts/lato/ 119 KB
51 KB 115ms
58ms Font
application/font-sfnt 13.32.118.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk2d6nav3mn9d.cloudfront.net/assets/fonts/lato/Lato-Bol.ttf
Requested by: Host: dk2d6nav3mn9d.cloudfront.net
URL: https://dk2d6nav3mn9d.cloudfront.net/assets/css/fonts.css?v=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-55.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 14f7de6b616950395062902eb8f70f01c0a901223db5d40f2a05728ac4a830f6

Request headers

Origin: https://gofobo.com
Referer: https://dk2d6nav3mn9d.cloudfront.net/assets/css/fonts.css?v=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: luuLuzVQoV.PY17o6IZA0Oq.WTTTheHL
content-encoding: gzip
etag: W/"44dfe8cc676882243911a3197a50169e"
age: 1316510
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 03 Apr 2020 19:35:48 GMT
server: AmazonS3
date: Tue, 17 Aug 2021 10:21:36 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/font-sfnt
via: 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: 7q5mFNm8JK6HVyZ5ZfWzZy0CW2nAYzQpKDofW3fbuG7cm1p25781dA==

GET
H2 200 owl.carousel.js Show response
dk2d6nav3mn9d.cloudfront.net/assets/js/ 29 KB
7 KB 216ms
216ms Script
application/javascript 13.32.118.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk2d6nav3mn9d.cloudfront.net/assets/js/owl.carousel.js?_=1630512205996
Requested by: Host: dk2d6nav3mn9d.cloudfront.net
URL: https://dk2d6nav3mn9d.cloudfront.net/assets/js/jquery-1.12.4.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-55.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 265acaa7671ecc0fb94f926ffe9d1b4661006e4924eea3234f1dc72a44ce58d1

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:03:27 GMT
content-encoding: gzip
last-modified: Fri, 03 Apr 2020 19:35:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
etag: W/"5ec575b2e4b6b9c38769dde657150908"
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-version-id: Wm2prL5O.MDarGtdyLpKjdzdagP0zivt
via: 1.1 06a27d66e25d02ebcfb014b9d194016b.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
content-type: application/javascript
x-amz-cf-id: ApSiuPtxsuZJLF_Ao3kXUmHVqvYUkDI1ukIrZC54-701HKLu5M2rog==

GET
H2 200 measure.min.js Show response
asset.pagefair.com/ 2 B
332 B 491ms
27ms Script
application/javascript 94.31.29.248
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://asset.pagefair.com/measure.min.js
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.248 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.248.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:03:26 GMT
last-modified: Tue, 11 Feb 2020 22:50:25 GMT
server: NetDNA-cache/2.2
x-amz-request-id: 0Q66ABMNP41J2N9D
etag: "7bc0ee636b3b83484fc3b9348863bd22"
x-cache: HIT
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 2
x-amz-id-2: gG7AGcTjVMRzy+YgQ+gj05tJCfHWOpDwgEPFAfWiyC00WlS/wcuP0LSBscJiqUGifAxG3Gr8Nq8=
expires: Thu, 02 Sep 2021 16:03:26 GMT

GET
H2 200 ads.min.js Show response
asset.pagefair.net/ 0
346 B 492ms
27ms Script
application/x-javascript 108.161.188.128
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://asset.pagefair.net/ads.min.js
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.128 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:03:26 GMT
content-encoding: gzip
last-modified: Fri, 09 Mar 2018 17:19:02 GMT
server: NetDNA-cache/2.2
x-amz-request-id: GHAG21NG2RYMSM0X
etag: "263dfc0b0e2e32b880781aa6f238a031"
x-cache: HIT
content-type: application/x-javascript
cache-control: max-age=7200
accept-ranges: bytes
content-length: 31
x-amz-id-2: ur3puRkzePqsyswKvptYXjmkM4ipL2zm7l+Et42D1HRd03rrmvJb99WB4g8hon2BUqGm8HveGCc=

GET
H2 200 sync-container.js Show response
b-code.liadm.com/ 6 KB
3 KB 7ms
6ms Script
application/javascript 2600:9000:223c:2400:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/sync-container.js
Requested by: Host: b-code.liadm.com
URL: https://b-code.liadm.com/a-00jp.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:2400:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 18 Aug 2021 10:39:33 GMT
content-encoding: gzip
last-modified: Wed, 02 Jun 2021 16:15:01 GMT
server: AmazonS3
age: 1229034
etag: W/"ae5e94de938b0387eda6df8f20da811a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: CQKQeFXs_ero.dSxGj8yyrCkT6TzPcRS
via: 1.1 7ed0982309781d390a105a3ead66dbfb.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
content-type: application/javascript
x-amz-cf-id: Wg6uCHEwFeDsnCucEp7trTsWBSGyjh6ZaGr9QEl2SKsNktyb692S_g==

GET
H2 200 393879024716738 Show response
connect.facebook.net/signals/config/ 306 KB
87 KB 69ms
68ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/393879024716738?v=2.9.45&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6880f6230bbf84d9b731543ae8bfe6d39ba0a6a04091e1eb3545f09308278976

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: h2xmGgy+h3/DGKoSEm4Ny8Z9RWWEatyg6mckHHZOXi42y9Uz7bpT85J3zHe+QYsNgeJoRZYDUvzqG66ScCcLuQ==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 01 Sep 2021 16:03:26 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.12.0/ 361 KB
80 KB 21ms
21ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.12.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d97729299024aa64b03739e244f254966f9b546045de88bd835701a473045d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 01 Sep 2021 16:03:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Aib4Vlvkay7u77hQspwwDQ==
age: 8453061
vary: Accept-Encoding
content-length: 81328
x-ms-lease-status: unlocked
last-modified: Wed, 20 Jan 2021 07:04:09 GMT
server: cloudflare
etag: 0x8D8BD11958F56CC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 68dd2b4f-101e-0060-4169-529dc4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 687fba88ad9f4e9d-FRA
expires: Thu, 09 Sep 2021 16:03:26 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
83 B 13ms
12ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1271951749&t=pageview&_s=1&dl=https%3A%2F%2Fgofobo.com%2Fmain%2FtrailerDetails%2F397428997%2Fthe-card-counter-official-trailer&ul=en-us&de=UTF-8&dt=Gofobo%20Trailers%20%7C%20THE%20CARD%20COUNTER&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1859164116&gjid=1967513504&cid=1262837785.1630512206&tid=UA-145160-3&_gid=1134442237.1630512206&_r=1&_slc=1&z=1245339835

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 16:03:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gofobo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 latest.js Show response
global.proper.io/payloads/ 401 KB
104 KB 44ms
44ms Script
application/javascript 2606:4700::6811:4e22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://global.proper.io/payloads/latest.js
Requested by: Host: global.proper.io
URL: https://global.proper.io/gofobo.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4e22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5bd5c81ed2892e35e7b6f4fb3809e3539610c1a23c21d93cadaf9385492d8089

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:03:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 01 Jul 2021 18:20:02 GMT
server: cloudflare
age: 2843329
etag: W/"60de0752-645d3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=300
cf-ray: 687fba88fcb91f31-FRA
expires: Wed, 01 Sep 2021 16:08:26 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
81 B 16ms
14ms XHR
text/plain 2a00:1450:400c:c09::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-145160-3&cid=1262837785.1630512206&jid=1859164116&gjid=1967513504&_gid=1134442237.1630512206&_u=IEBAAEAAAAAAAC~&z=390108441

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 01 Sep 2021 16:03:26 GMT
content-type: text/plain
access-control-allow-origin: https://gofobo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/eus2-b/s/0.6.22/ 50 KB
22 KB 104ms
100ms Script
application/javascript 2620:1ec:27::cafe:2080
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2-b/s/0.6.22/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/42wleqiafj
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:2080 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 68d525dc844915e4d71d79addf52397416bccfe244e7927fb8d9812cd7d0f70f

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:03:25 GMT
content-encoding: br
etag: "1d79cc6c435f50b"
last-modified: Sun, 29 Aug 2021 11:12:34 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: public,max-age=86400
x-azure-ref: 0TqQvYQAAAADQBRnGGc+zRKpMMU/UvkrjTFRTRURHRTEzMTkANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
accept-ranges: bytes
content-length: 22335
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=C6E38CCED654499E9D1C22FFE171478D&RedC=c.clarity.ms&MXFR=2BCDD55EEE916A6A0092C5FBEA9164A5
https://c.clarity.ms/c.gif?CtsSyncId=C6E38CCED654499E9D1C22FFE171478D&MUID=0714DFCBFE5B6E0D1EEFCF6EFF896F3B

42 B
359 B

47ms
47ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=C6E38CCED654499E9D1C22FFE171478D&MUID=0714DFCBFE5B6E0D1EEFCF6EFF896F3B
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 16:03:25 GMT
last-modified: Fri, 02 Jul 2021 16:12:32 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "9d284f105d6fd71:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 01 Sep 2021 16:03:25 GMT
x-msedge-ref: Ref A: 4A68821857EC48B4A767CB69FABF5DD1 Ref B: FRAEDGE1312 Ref C: 2021-09-01T16:03:26Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=C6E38CCED654499E9D1C22FFE171478D&MUID=0714DFCBFE5B6E0D1EEFCF6EFF896F3B
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 en-us.json Show response
cdn.cookielaw.org/consent/edb7bc5d-bafa-46e2-8069-72f66608bc9d/5647eea2-8487-4183-a49c-e04655885680/ 76 KB
13 KB 12ms
11ms Fetch
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/edb7bc5d-bafa-46e2-8069-72f66608bc9d/5647eea2-8487-4183-a49c-e04655885680/en-us.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.12.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9247ce2bd50f80397e8e5ff3538bae254d226d3f9d23b15f16bac61580c187e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 01 Sep 2021 16:03:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: yZViXkwKR/aO3km/Z4TYlw==
age: 2149468
vary: Accept-Encoding
content-length: 13002
x-ms-lease-status: unlocked
last-modified: Thu, 21 Jan 2021 19:07:41 GMT
server: cloudflare
etag: 0x8D8BE3FD3AA1CFD
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: a1820f28-601e-004d-12be-8b1e04000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 687fba890c3a4e86-FRA

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 9ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=393879024716738&ev=PageView&dl=https%3A%2F%2Fgofobo.com%2Fmain%2FtrailerDetails%2F397428997%2Fthe-card-counter-official-trailer&rl=&if=false&ts=1630512206312&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=30&fbp=fb.1.1630512206310.232926351&it=1630512206176&coo=false&rqm=GET

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:03:26 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 01 Sep 2021 16:03:26 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
251 B 8ms
6ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=393879024716738&ev=Purchase&dl=https%3A%2F%2Fgofobo.com%2Fmain%2FtrailerDetails%2F397428997%2Fthe-card-counter-official-trailer&rl=&if=false&ts=1630512206315&cd[value]=1&cd[currency]=1&sw=1600&sh=1200&v=2.9.45&r=stable&ec=1&o=30&fbp=fb.1.1630512206310.232926351&it=1630512206176&coo=false&rqm=GET

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:03:26 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 01 Sep 2021 16:03:26 GMT

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?tna=v2.0.1&aid=a-00jp&wpn=lc-bundle&pu=https%3A%2F%2Fgofobo.com%2Fmain%2FtrailerDetails%2F397428997%2Fthe-card-counter-official-trailer&duid=0304f7a82132--01feh1kmab8rz1w90pt...
https://rp4.liadm.com/j?tna=v2.0.1&aid=a-00jp&wpn=lc-bundle&pu=https%3A%2F%2Fgofobo.com%2Fmain%2FtrailerDetails%2F397428997%2Fthe-card-counter-official-trailer&duid=0304f7a82132--01feh1kmab8rz1w90p...

43 B
599 B

843ms
113ms

XHR
application/json

52.5.181.6
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rp4.liadm.com/j?tna=v2.0.1&aid=a-00jp&wpn=lc-bundle&pu=https%3A%2F%2Fgofobo.com%2Fmain%2FtrailerDetails%2F397428997%2Fthe-card-counter-official-trailer&duid=0304f7a82132--01feh1kmab8rz1w90pt4y8rcys&se=e30&dtstmp=1630512206331&i6=MmEwMTo0Zjg6MTkyOjU0MTQ6OjI%3D&n3pc=true

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.5.181.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-181-6.compute-1.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

a43eb929a5f667e26f866e75458c0639b56c9da1bc2f47b354d2319e2d712ada

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:03:27 GMT
x-pixel-event-id: 5c8cdff8-1526-4b3b-8846-ea64d4744cfc
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
request-time: 1
vary: Origin
content-length: 43
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: nginx/1.18.0
x-frame-options: DENY
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
access-control-allow-origin: null
access-control-allow-credentials: true
trace-id: 67f4148336e8db5a

Redirect headers

date: Wed, 01 Sep 2021 16:03:26 GMT
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: nginx/1.18.0
vary: Origin
location: https://rp4.liadm.com/j?tna=v2.0.1&aid=a-00jp&wpn=lc-bundle&pu=https%3A%2F%2Fgofobo.com%2Fmain%2FtrailerDetails%2F397428997%2Fthe-card-counter-official-trailer&duid=0304f7a82132--01feh1kmab8rz1w90pt4y8rcys&se=e30&dtstmp=1630512206331&i6=MmEwMTo0Zjg6MTkyOjU0MTQ6OjI%3D&n3pc=true
x-frame-options: DENY
access-control-allow-origin: https://gofobo.com
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
trace-id: 29ffc368b4b0b8e5
request-time: 0
content-length: 0
x-content-type-options: nosniff

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.12.0/assets/ 13 KB
3 KB 18ms
17ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.12.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.12.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d105b0a793af6426ddf8c1ef8b26ae81d889617ef5f248a72e06b8c71d91e1c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 01 Sep 2021 16:03:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: IpszPceh6jWRl6sjS0PrYA==
age: 11353424
vary: Accept-Encoding
content-length: 3212
x-ms-lease-status: unlocked
last-modified: Wed, 20 Jan 2021 07:04:01 GMT
server: cloudflare
etag: 0x8D8BD1190DD964B
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 96061c6e-f01e-016e-7308-38379a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 687fba89ad264e86-FRA
expires: Thu, 09 Sep 2021 16:03:26 GMT

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/6.12.0/assets/ 62 KB
15 KB 16ms
16ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.12.0/assets/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.12.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e92c705f444d62f823dc852694d8faabc0afc96f642a90ff7e0c775d29689e8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 01 Sep 2021 16:03:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: ZQjkSMldlHpRPgVBEAOG1A==
age: 11303119
vary: Accept-Encoding
content-length: 14950
x-ms-lease-status: unlocked
last-modified: Wed, 20 Jan 2021 07:04:02 GMT
server: cloudflare
etag: 0x8D8BD11912C615E
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: d900fc9e-201e-0041-517d-38f0f5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 687fba89ad2b4e86-FRA
expires: Thu, 09 Sep 2021 16:03:26 GMT

GET
H2 200 modules.189ddfe225c89657c20d.js Show response
script.hotjar.com/ 221 KB
59 KB 141ms
50ms Script
application/javascript 18.66.112.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.189ddfe225c89657c20d.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-6292.js?sv=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

789370b292863a4c8d56e96d78b683704016735dbb08d7a2aa88b876cb100ae4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 08:57:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 457581
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 59569
access-control-allow-origin: *
last-modified: Fri, 27 Aug 2021 08:56:36 GMT
etag: "00ab92e1048f75ffd0466b24cae7a3f0"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 7463e2e784b132604afa3cd91a5d39a3.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: a5dRTm2oPGZECANoCGH2NWQVPMKSK0CF3jRAqdN3p0eL7ZP9-xQdqw==

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
9 KB 26ms
9ms Script
application/javascript 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 95b17ad661699c049d42195b8ccd1d855045a1fcfbd20d8609a6d87fa5703810

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:03:26 GMT
content-encoding: gzip
etag: "lp772EpWKwf8Kq7YKMhbuw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Wed, 08 Sep 2021 16:03:26 GMT

GET
H2 200 maxresdefault.jpg
img.youtube.com/vi/7RvVT1cDiNc/ 69 KB
69 KB 17ms
17ms Image
image/jpeg 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/7RvVT1cDiNc/maxresdefault.jpg

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b28a322c3cf1026cea1362727af1a24bf6e7a1e289cc491d5c31220d813d47d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:03:26 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "1627336580"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70515
x-xss-protection: 0
expires: Wed, 01 Sep 2021 18:03:26 GMT

GET
H2 200 box-25a418976ea02a6f393fbbe77cec94bb.html Show response
vars.hotjar.com/ Frame EABC 2 KB
1 KB 84ms
27ms Document
text/html 18.66.112.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-6292.js?sv=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-25a418976ea02a6f393fbbe77cec94bb.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gofobo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://gofobo.com/

Response headers

content-type: text/html
content-length: 1044
date: Sun, 18 Jul 2021 00:16:30 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "76922233be8bdb14c053af468d29404a"
last-modified: Thu, 15 Jul 2021 14:16:09 GMT
x-amz-server-side-encryption: AES256
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: CNAzoicZmxG8kkJxpnCHuoX50Na7pw4x2LWiaoWfKE5lhGWChYHX7w==
age: 3944816

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 73 KB
25 KB 102ms
39ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

38abfda5ca9b056f48795cb1c4df20b3c10fb1fad45b9e5cc3211c6a6c218809

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:03:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "974 / 410 of 1000 / last-modified: 1630494568"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25640
x-xss-protection: 0
expires: Wed, 01 Sep 2021 16:03:26 GMT

GET
H2

200

usersync Show response
usync.proper.io/v1/
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D68f6f867-30d4-4e25-88a9-1502bc5a4240%26uid%3D%24%7BBSW_UUID%7D?&callback=window....
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D68f6f867-30d4-4e25-88a9-1502bc5a4240%26uid%3D%24%7BBSW_UUID%7D?&callback=w...
https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=68f6f867-30d4-4e25-88a9-1502bc5a4240&uid=07c585ab-447a-4927-ace4-b340c7512bb0

183 B
386 B

617ms
196ms

Script
text/javascript

44.235.82.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=68f6f867-30d4-4e25-88a9-1502bc5a4240&uid=07c585ab-447a-4927-ace4-b340c7512bb0
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.235.82.75 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-235-82-75.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 02a268fd9d53d15e4c386b43883586595b248fac698f1687cfc7259eabb29db2

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 01 Sep 2021 16:03:27 GMT
server: nginx/1.18.0
content-length: 183
content-type: text/javascript

Redirect headers

location: https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=68f6f867-30d4-4e25-88a9-1502bc5a4240&uid=07c585ab-447a-4927-ace4-b340c7512bb0
date: Wed, 01 Sep 2021 16:03:26 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

usersync Show response
usync.proper.io/v1/
Redirect Chain

https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_3cac305c_3bf91e95_2
https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_3cac305c_3bf91e95_2&verify=true
https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-uZzgENlE2uGHeJkIe5dpYjmn69Zd2w0j~A

151 B
360 B

592ms
197ms

Script
text/javascript

44.235.82.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-uZzgENlE2uGHeJkIe5dpYjmn69Zd2w0j~A
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.235.82.75 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-235-82-75.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 82cb4fa1fcbc3227c3ad949a65bcc41eed09ac5a2ac9be06f2526da66b2aadc7

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 01 Sep 2021 16:03:27 GMT
server: nginx/1.18.0
content-length: 151
content-type: text/javascript

Redirect headers

Date: Wed, 01 Sep 2021 16:03:26 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-uZzgENlE2uGHeJkIe5dpYjmn69Zd2w0j~A
Connection: keep-alive
Content-Length: 0

GET
H2 200 launcher-stub.min.js Show response
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 10 KB
4 KB 123ms
40ms Script
application/javascript 104.111.219.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.219.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-219-144.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6b2b5b05933a00a9e1beb6e53fba22bf77feaa3c203e361d637985750fec4bab

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:03:26 GMT
content-encoding: gzip
last-modified: Tue, 19 Jan 2021 22:23:11 GMT
server: Apache
etag: "2988-5b94848b276f9-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 3813
expires: Wed, 01 Sep 2021 16:18:26 GMT

POST
H/1.1 200 445.json Show response
id5-sync.com/g/v2/ 213 B
528 B 120ms
29ms XHR
application/json 51.89.21.10
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/445.json

Requested by

Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.21.10 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

p24.id5-sync.com

Software

Resource Hash

ef7b7e3a2dae1d1efcc2b134fcde39a50a8aef9b4e743b860bbca45ec57c67c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://gofobo.com
Date: Wed, 01 Sep 2021 16:03:24 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

GET
H2 204 id Show response
id.sharedid.org/ 0
210 B 608ms
200ms XHR
text/plain 54.191.133.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.sharedid.org/id
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.191.133.64 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-191-133-64.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: https://gofobo.com
pragma: no-cache
date: Wed, 01 Sep 2021 16:03:27 GMT
cache-control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
expires: 0

GET envelope
api.rlcdn.com/api/identity/ 0
0

POST
H/1.1 200
OK bidding Show response
bids.proper.io/api/ 0
171 B 801ms
195ms XHR
application/octet-stream 35.167.85.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bids.proper.io/api/bidding
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.167.85.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-167-85-56.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 01 Sep 2021 16:03:27 GMT
Connection: keep-alive
Content-Length: 0
Content-Type: application/octet-stream

GET
H2 200 rules-p-mEzuYq24VEJ-3.js Show response
rules.quantcount.com/ 3 B
428 B 23ms
6ms Script
application/javascript 2600:9000:223c:7200:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-mEzuYq24VEJ-3.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:7200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:24:28 GMT
via: 1.1 cb4c4a25e4ef534686959996782c8476.cloudfront.net (CloudFront)
age: 2341
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 02:39:21 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
x-amz-cf-id: btO5LGm3BUSRJQsV7J86dhqPTxGoaJPYtUPFyTP0iyO9LnBWhVvQcQ==

POST
H2 204 collect Show response
e.clarity.ms/ 0
171 B 351ms
115ms XHR
text/plain 20.62.48.180
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-b/s/0.6.22/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: https://gofobo.com
date: Wed, 01 Sep 2021 16:03:26 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

POST
H2 204 mvo Show response
tag.1rx.io/rmp/82082/0/ 0
166 B 111ms
41ms XHR
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/82082/0/mvo?z=1r&hbv=4.25,2.1
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://gofobo.com
pragma: no-cache
date: Wed, 01 Sep 2021 16:03:26 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 45 B
595 B 158ms
56ms XHR
application/json 72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.25.0
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: 131269bf6aec959b544ddcf1b5ad6c6a89d16eaed869c7b616aa440d27201afe

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 01 Sep 2021 16:03:26 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://gofobo.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 65

GET
H/1.1 200
OK headertag Show response
as-sec.casalemedia.com/ 4 KB
2 KB 280ms
166ms Script
text/javascript 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headertag?v=9&s=161112&r=%7B%22id%22%3A%22421530095%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fgofobo.com%2Fmain%2FtrailerDetails%2F397428997%2Fthe-card-counter-official-trailer%22%2C%22ref%22%3A%22%22%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22728x90-1-PiUFT%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22728x90-1-PiUFT%22%2C%22siteID%22%3A362743%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22728x90-2-t2HmW%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22728x90-2-t2HmW%22%2C%22siteID%22%3A362743%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22728x90-3-d9dU2%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22728x90-3-d9dU2%22%2C%22siteID%22%3A362743%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22970x90-1-owZpZ%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22970x90-1-owZpZ%22%2C%22siteID%22%3A362743%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22970x90-2-MQNvr%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22970x90-2-MQNvr%22%2C%22siteID%22%3A362743%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22970x250-1-Yz4wa%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22970x250-1-Yz4wa%22%2C%22siteID%22%3A362743%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22970x250-2-a6imT%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22970x250-2-a6imT%22%2C%22siteID%22%3A362743%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5962152-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D%7D%7D%7D&t=300&fn=window.proper_ba55686b_a3a4d9f9_3
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 85e655ea93cb3b2e0e858ffff6e139bc682218736a87647b2025f22eab22d13c

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 16:03:26 GMT
Content-Encoding: gzip
X-AK-INITIAL-GEO: CC:[AT], RC:[], CN:[EU], CIP:[185.216.34.99], XFF:[]
Server: Apache
Vary: Is-Traffic-Invalid,Accept-Encoding
Content-Type: text/javascript
X-CS-CLIENT-GEO: 12
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 1462
X-AK-CLIENT-GEO: 12
Expires: Wed, 01 Sep 2021 16:03:26 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 204 B
775 B 259ms
141ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2264fb291b6e94be836bdb%22%3A%2264fb291b6e94be836bdb%7C728x90%7C0.1%22%2C%22a7ed1445f63ff290b23b%22%3A%22a7ed1445f63ff290b23b%7C728x90%7C0.1%22%2C%22a3d3f63c0ffec8084675%22%3A%22a3d3f63c0ffec8084675%7C728x90%7C0.1%22%2C%22b6fd1dc87a0742d83627%22%3A%22b6fd1dc87a0742d83627%7C970x250%7C0.1%22%2C%229faa42e585d1b8098851%22%3A%229faa42e585d1b8098851%7C970x250%7C0.1%22%7D&ref=https%3A%2F%2Fgofobo.com%2Fmain%2FtrailerDetails%2F397428997%2Fthe-card-counter-official-trailer&s=4f31f35f-94d4-414b-91c2-4f333af249de&pv=1fc14066-3690-4913-b800-28333ec03ad5&vp=desktop&lib_name=prebid&lib_v=4.25.0&us=1&ius=1&userid=%7B%22pubcid%22%3A%7B%7D%7D&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5962152-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D

Requested by

Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

8bab8d4b51297ea91143de18a52515960c82eaf20874aec0a6a58ef17614d4fd

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 16:03:26 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://gofobo.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 170
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 466 B
3 KB 379ms
287ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=8777&site_id=145710&zone_id=686076&size_id=2&alt_size_ids=57%3B57%3B&rp_floor=0.1&rp_secure=1&tk_flint=pbjs_lite_v3.2.0&x_source.tid=4faa5dac-6aaf-4834-9aa0-d810cdf3a92d%3B4ca91646-a6f8-4c13-8b39-2d39ee2ecd3e%3Ba5f9e30e-59f4-4aea-9e4a-27ec523ac32f&p_screen_res=1600x1200&tg_fl.eid=686076-1%3B686076-2%3B686076-4&rf=https%3A%2F%2Fgofobo.com%2Fmain%2FtrailerDetails%2F397428997%2Fthe-card-counter-official-trailer&x_source.pchain=proper.io%3Ae5962152-eb92-11e9-a488-69e3386c7506&ppuid=68f6f867-30d4-4e25-88a9-1502bc5a4240&rp_schain=1.0%2C1!proper.io%2Ce5962152-eb92-11e9-a488-69e3386c7506%2C1&slots=3&rand=0.69602577508754
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 02af137e0cffb081a02fc4797077c6c9513e88b9a95c689f36a80d42c6b7f7c5

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 16:03:26 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://gofobo.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 466
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 87 B
315 B 180ms
119ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 3cd9198b6b095257060a0bb01327cb8efd72207c1b58a418acff7fe555085371

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 01 Sep 2021 16:03:26 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gofobo.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 87 B
179 B 180ms
119ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 6f193d32f3af62ea21834885447c250eb56ba5fe6d49df5ef46fdcd47b09de03

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 01 Sep 2021 16:03:26 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gofobo.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 87 B
179 B 181ms
120ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 06082fe11b13b3e0d090d8b64c927bbf9fbd20a31a9465ff3c3c902f6ceb6312

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 01 Sep 2021 16:03:26 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gofobo.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST translator
hbopenbid.pubmatic.com/ 0
0

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ 346 B
527 B 41ms
12ms XHR
application/json 2a02:fa8:8806:12::1460
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:12::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: a10e94879bbae88a50f8c3cff9de0c275ee3a98dcbe99ecad51f6e70c851d2c5

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 16:03:26 GMT
server: nginx
content-type: application/json
access-control-allow-origin: https://gofobo.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 346
expires: 0

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
280 B 76ms
29ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 01 Sep 2021 16:03:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://gofobo.com
access-control-allow-credentials: true
cf-ray: 687fba8b9e980f9a-VIE
access-control-allow-headers: Content-Type, Origin

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 357 B
1 KB 195ms
109ms XHR
application/json 185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

814e55a82c734cca7bfa3cf1071d6aceae065a7f033717a6726a7b776189e948

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 16:03:26 GMT
X-Proxy-Origin: 185.216.34.99; 185.216.34.99; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 2ada0269-a81f-41ca-bbdc-2228dfc3a0b6
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://gofobo.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 357
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 arj Show response
propermedia-d.openx.net/w/1.0/ 173 B
492 B 46ms
40ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://propermedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fgofobo.com%2Fmain%2FtrailerDetails%2F397428997%2Fthe-card-counter-official-trailer&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&aus=728x90%2C970x250%7C728x90%2C970x250%7C728x90&auid=539109007%2C539109008%2C539109012&aumfs=100%2C100%2C100&dddid=5d9a45ee-0d18-44ce-9afd-e481b22a2e6c%2C48d0b3fb-09c1-476d-a4fd-650cd675a5b5%2Cdd715928-146e-4188-805a-fa6a1fa7865e&divIds=openx-38bd4009-edbd-48a4-8716-766e77850204%2Copenx-93f72600-2e29-45c7-acb9-c3a6c01ccf9f%2Copenx-80950032-75a8-453e-87c5-3cadffec3bd2&be=1&bc=hb_pb_3.0.1&nocache=1630512206607&schain=1.0%2C1!proper.io%2Ce5962152-eb92-11e9-a488-69e3386c7506%2C1
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: 65cb47c5340934731f1862c53ae014b5b44025ceca8abfc4f13fb2d685c5c6e3

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 16:03:26 GMT
content-encoding: gzip
server: OXGW/16.214.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://gofobo.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 163
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
109 B 174ms
116ms XHR
text/plain 52.57.8.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=SvbaiwAUC2Anyjhaey9vmCKc&bidId=SvbaiwAUC2Anyjhaey9vmCKc&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&pubcid=68f6f867-30d4-4e25-88a9-1502bc5a4240&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5962152-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.8.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: https://gofobo.com
date: Wed, 01 Sep 2021 16:03:26 GMT
access-control-allow-credentials: true
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
109 B 407ms
349ms XHR
text/plain 52.57.8.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=do46vcyKzkimuinUNKb6WPHn&bidId=do46vcyKzkimuinUNKb6WPHn&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&pubcid=68f6f867-30d4-4e25-88a9-1502bc5a4240&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5962152-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.8.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: https://gofobo.com
date: Wed, 01 Sep 2021 16:03:27 GMT
access-control-allow-credentials: true
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
110 B 168ms
111ms XHR
text/plain 52.57.8.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=YaCtqFKRVNytuFBMH4RYcMaZ&bidId=YaCtqFKRVNytuFBMH4RYcMaZ&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&pubcid=68f6f867-30d4-4e25-88a9-1502bc5a4240&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5962152-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.8.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: https://gofobo.com
date: Wed, 01 Sep 2021 16:03:26 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 200 xhr Show response
pre.ads.justpremium.com/v/2.0/t/ 43 B
247 B 812ms
505ms XHR
application/json 52.58.132.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pre.ads.justpremium.com/v/2.0/t/xhr?i=1630512206609
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.132.147 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-132-147.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 62d956e0d5fc84fcd6b7d2bbd8d13e0dde19d29e3381beeff57d185a2b917477

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://gofobo.com
date: Wed, 01 Sep 2021 16:03:27 GMT
cache-control: public, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
content-type: application/json

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 127 KB
34 KB 141ms
49ms Script
application/javascript 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 1465ea73b9db4601cda29c323ea3eea1fc28337bd2c5193154c9ecbd7bf38bbb

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 03:22:22 GMT
content-encoding: gzip
age: 45663
x-cache: Hit from cloudfront
timing-allow-origin: *
server: Server
x-amz-rid: 03VHHYD57TPK7GPF04FJ
etag: 708a268139e52bdfbe59398b3e766151
vary: Accept-Encoding
x-amz-version-id: bUOtLa_JuiaVr315AmNwDAtieSptDO4R
via: 1.1 0a624670dff351af866d2f19bde4a313.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: QEn-uLJnjaZR0kuY0DucMtCN34h9leFO4cuFx-DoCaCWpOsFZp3fjw==

GET
H2 200 pixel;r=1200633144;rf=0;a=p-mEzuYq24VEJ-3;url=https%3A%2F%2Fgofobo.com%2Fmain%2FtrailerDetails%2F397428997%2Fthe-card-counter-official-trailer;uht=2;fpan=1;fpa=P0-573985069-1630512206615;pbcn=u;pbc...
pixel.quantserve.com/ 35 B
371 B 13ms
11ms Image
image/gif 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1200633144;rf=0;a=p-mEzuYq24VEJ-3;url=https%3A%2F%2Fgofobo.com%2Fmain%2FtrailerDetails%2F397428997%2Fthe-card-counter-official-trailer;uht=2;fpan=1;fpa=P0-573985069-1630512206615;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=eccc2c00-20210811224039;cm=;gdpr=0;ref=;d=gofobo.com;je=0;sr=1600x1200x24;dst=1;et=1630512206614;tzo=-120;ogl=image.https%3A%2F%2Fimg%252Eyoutube%252Ecom%2Fvi%2F7RvVT1cDiNc%2Fhqdefault%252Ejpg%2Cimage%3Atype.image%2Fpng%2Cimage%3Awidth.480%2Cimage%3Aheight.360%2Ctype.website%2Curl.https%3A%2F%2Fgofobo%252Ecom%2Fmain%2FtrailerDetails%2F397428997%2Ctitle.Gofobo%20Trailers%20%7C%20THE%20CARD%20COUNTER%2Cdescription.Redemption%20is%20the%20long%20game%20in%20Paul%20Schrader%E2%80%99s%20The%20Card%20Counter%252E%20Told%20with%20Schra

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 16:03:26 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29 200 pubads_impl_2021082701.js Show response
securepubads.g.doubleclick.net/gpt/ 333 KB
117 KB 2978ms
2942ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

b92ad0a4155446d073295a68374ed61c1e64b2f6f7195bb1c077febc44cc2e68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:03:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 27 Aug 2021 15:07:02 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119397
x-xss-protection: 0
expires: Wed, 01 Sep 2021 16:03:29 GMT

GET
H3-29 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 126 B
123 B 70ms
35ms XHR
application/json 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=gofobo.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

3c28b1e7455fd67f101920be78112595a077582ef5a992b9f13850cc2b861e86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Sep 2021 16:03:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98
x-xss-protection: 0
expires: Wed, 01 Sep 2021 16:03:26 GMT

GET
H2 200 launcher.min.js Show response
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 41 KB
15 KB 39ms
38ms Script
application/javascript 104.111.219.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.219.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-219-144.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d7cd09b590143e055a2a0bbfa2b87359e72b419db9f29ecdf3e946fc08c74a56

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:03:26 GMT
content-encoding: gzip
last-modified: Tue, 19 Jan 2021 22:23:11 GMT
server: Apache
etag: "a253-5b94848b276f1-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 14886
expires: Wed, 01 Sep 2021 16:18:26 GMT

POST
H2 204 collect Show response
e.clarity.ms/ 0
25 B 549ms
466ms XHR
text/plain 20.62.48.180
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-b/s/0.6.22/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: https://gofobo.com
date: Wed, 01 Sep 2021 16:03:26 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H2 200 launcher Show response
proc.ad.cpe.dotomi.com/cvx/client/direct/ 423 B
626 B 45ms
12ms XHR
application/json 2a02:fa8:8806:20::2100
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.0.8&lid=616
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:20::2100 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: 18c3ad9d69f010a2b28ea73c99136fd5d631996a7cd0a5b11e8e6b1d3c48ff5f

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:03:26 GMT
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://gofobo.com
cache-control: max-age=1800
access-control-allow-credentials: true
content-length: 423
expires: Wed, 01 Sep 2021 16:33:26 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 1166ms
45ms XHR
application/javascript 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: 96XhsjGsBxsrm3kyucJOVw9g9hT2d.yB
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 22552
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sat, 21 Aug 2021 01:59:01 GMT
server: AmazonS3
date: Wed, 01 Sep 2021 09:47:36 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: x4w-G9EwBdTs3QBDihJtCtzWFiq4XlEUrGX_OBAVMFY7r9LphBuxEg==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
300 B 140ms
139ms XHR
text/plain 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fgofobo.com%2Fmain%2FtrailerDetails%2F397428997%2Fthe-card-counter-official-trailer&pubid=cb3b5777-430d-4622-b7fc-358cfa27d518
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:03:26 GMT
via: 1.1 0a624670dff351af866d2f19bde4a313.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
access-control-allow-origin: https://gofobo.com
cache-control: max-age=86087, s-maxage=86400
access-control-allow-credentials: true
x-amz-cf-id: gEBX84l_TWFvQM9GE39vuGRi2A8n9v41ZBhJuLeWP7KOvuCaBj9dTQ==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
368 B 85ms
84ms XHR
text/javascript 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fgofobo.com%2Fmain%2FtrailerDetails%2F397428997%2Fthe-card-counter-official-trailer&pid=vkMUeTv77VNdq&cb=0&ws=1600x1200&v=7.68.00&t=2000&slots=%5B%7B%22sd%22%3A%22desktop-1%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%7D%2C%7B%22sd%22%3A%22desktop-2%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%7D%2C%7B%22sd%22%3A%22desktop-4%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&cfgv=0&schain=1.0%2C1!proper.io%2Ce5962152-eb92-11e9-a488-69e3386c7506%2C1%2C%2C%2C&pubid=cb3b5777-430d-4622-b7fc-358cfa27d518&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:03:26 GMT
via: 1.1 0a624670dff351af866d2f19bde4a313.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P5
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://gofobo.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 4oth4qGCjWvnQcv9pZwkxOOnGd9d0yQqY-iO6JLP3FY0XRPzcbuCtw==

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 53 KB
17 KB 39ms
38ms Script
application/javascript 104.111.219.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.219.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-219-144.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:03:26 GMT
content-encoding: gzip
last-modified: Tue, 01 Jun 2021 17:06:57 GMT
server: Apache
etag: "d398-5c3b75e9ebb41-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17087
expires: Wed, 01 Sep 2021 16:18:26 GMT

GET
H2 200 coreid.min.js Show response
secure.cdn.fastclick.net/js/cnvr-coreid/latest/ 187 KB
56 KB 49ms
48ms Script
application/javascript 104.111.219.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.219.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-219-144.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: c66fbd9aa8bea7f30b0a58ed13d4397ffee9ccbfa02f6a42155883e2227ecf77

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:03:26 GMT
content-encoding: gzip
last-modified: Tue, 03 Aug 2021 17:08:08 GMT
server: Apache
etag: "2ebff-5c8aabae001f5-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 57184
expires: Wed, 01 Sep 2021 16:18:26 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
91 B 14ms
14ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=393879024716738&ev=Microdata&dl=https%3A%2F%2Fgofobo.com%2Fmain%2FtrailerDetails%2F397428997%2Fthe-card-counter-official-trailer&rl=&if=false&ts=1630512206814&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Gofobo%20Trailers%20%7C%20THE%20CARD%20COUNTER%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22https%3A%2F%2Fimg.youtube.com%2Fvi%2F7RvVT1cDiNc%2Fhqdefault.jpg%22%2C%22og%3Aimage%3Atype%22%3A%22image%2Fpng%22%2C%22og%3Aimage%3Awidth%22%3A%22480%22%2C%22og%3Aimage%3Aheight%22%3A%22360%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fgofobo.com%2Fmain%2FtrailerDetails%2F397428997%22%2C%22og%3Atitle%22%3A%22Gofobo%20Trailers%20%7C%20THE%20CARD%20COUNTER%22%2C%22og%3Adescription%22%3A%22Redemption%20is%20the%20long%20game%20in%20Paul%20Schrader%E2%80%99s%20The%20Card%20Counter.%20Told%20with%20Schrader%E2%80%99s%20trademark%20cinematic%20intensity%2C%20the%20revenge%20thriller%20tells%20the%20story%20of%20an%20ex-military%20interrogator%20turned%20gambler%20haunted%20by%20the%20ghosts%20of%20his%20past%20decisions%2C%20and%20features%20riveting%20performances%20from%20stars%20Oscar%20Isaac%2C%20Tiffany%20Haddish%2C%20Tye%20Sheridan%20and%20Willem%20Dafoe.%5Cn%5Cn%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.45&r=stable&ec=2&o=30&fbp=fb.1.1630512206310.232926351&it=1630512206176&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:03:26 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Wed, 01 Sep 2021 16:03:26 GMT

GET
H2 200 ats.js Show response
ats.rlcdn.com/ 184 KB
61 KB 1103ms
31ms Script
application/x-javascript 13.32.121.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats.rlcdn.com/ats.js
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-3.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a08c01d451bd2649996e79c2480e43b5ede3f2833fdadc14ef8ab7a99e7a6fca

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: Rht9EGj5CLLTbc7c28hGHR3r.Br9AlUg
content-encoding: gzip
etag: W/"ba9fcbd6e70c7f8f2ee116f4f3ed4eb6"
age: 12123
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:c6969df7-acd4-4ae9-964a-80694e0cd836
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: 11cd83118869b3620c5f956dedb0813c
last-modified: Mon, 30 Aug 2021 12:41:18 GMT
server: AmazonS3
date: Wed, 01 Sep 2021 12:42:10 GMT
vary: Accept-Encoding
x-amz-meta-codebuild-content-sha256: c6f0e019387f43cbaa51d31fb47cc3472809786965b16f39b6e0a64940f2e81d
via: 1.1 23e8ec14db0917c91c2c733b45578891.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
content-type: application/x-javascript
x-amz-cf-id: rCvbGvpn_ghn5msPcydwYyUWmk-yeqdoP4v6MgnpnxVwPJXi56K1Yg==

POST
H2 200 s2s Show response
eb.proper.io/ 385 B
985 B 307ms
298ms XHR
application/json 2606:4700::6811:4e22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eb.proper.io/s2s?proper_uid=68f6f867-30d4-4e25-88a9-1502bc5a4240
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4e22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98717e62165e22ed9a1bc4898b1aafb0c6e3d208a92068816b59fb2afc5cd5f6

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 16:03:27 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://gofobo.com
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-timing: dur:253
cf-ray: 687fba8f8ea51f31-FRA
expires: -1

GET
H/1.1 200
OK Cookie set a-00jp Show response
i.liadm.com/s/c/ Frame 27A3 1 KB
1 KB 485ms
147ms Document
text/html 54.236.238.76
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://i.liadm.com/s/c/a-00jp?s=&cim=&ps=true&ls=false&duid=0304f7a82132--01feh1kmab8rz1w90pt4y8rcys&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&

Requested by

Host: b-code.liadm.com
URL: https://b-code.liadm.com/sync-container.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.236.238.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-236-238-76.compute-1.amazonaws.com

Software

Resource Hash

55477390838249ee5a6d43ef733fd62fc9098cae4565d81ecf123fd2fa295fa7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: i.liadm.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://gofobo.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: lidid=c9ae6ea7-3893-4acc-8268-4c8a52e9fa83
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://gofobo.com/

Response headers

Cache-Control: private, no-cache, max-age=0
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 01 Sep 2021 16:03:27 GMT
ETag: 1.61803398874
Set-Cookie: _li_ss=MgUIBhClEDIFCAoQpRAyBQh6EKQQMgYIiwEQpRAyBQgLEKUQMgUICxClEDIFCHkQpBA; Max-Age=2592000; Expires=Fri, 01 Oct 2021 16:03:27 GMT; SameSite=None; Path=/s; Secure
Strict-Transport-Security: max-age=31536000; includeSubDomains
trace-id: a70181756ff4303d
Vary: Accept-Encoding
Content-Length: 639
Connection: keep-alive

GET
H/1.1 200
OK baker
sli.gofobo.com/ 19 B
363 B 183ms
42ms Image
image/gif 2.16.186.186
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sli.gofobo.com/baker?dtstmp=1630512207477
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.186 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-186.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2d199b9d8dc7886837cbfd12c9e8ddae7e28f5c375d564b31bf732a320921435

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 16:03:27 GMT
Cache-Control: max-age=0, no-cache, no-store
Expires: Wed, 01 Sep 2021 16:03:27 GMT
Connection: keep-alive
Content-Length: 19
Content-Type: image/gif

GET
H/1.1

200
OK

1d4bd9ae21a54e4f8ca346baeb3ce55d
i.liadm.com/s/e/a-00jp/0/ Frame 27A3
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-00jp%2F0%2F1d4bd9ae21a54e4f8ca346baeb3ce55d%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&c9ae6ea7-3893-4acc-8268-4c8...
https://i.liadm.com/s/e/a-00jp/0/1d4bd9ae21a54e4f8ca346baeb3ce55d?mpid=7156&muid=d67a612f-a450-4e00-8c39-a63087c2250a

43 B
285 B

112ms
112ms

Image
image/gif

54.236.238.76
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/e/a-00jp/0/1d4bd9ae21a54e4f8ca346baeb3ce55d?mpid=7156&muid=d67a612f-a450-4e00-8c39-a63087c2250a

Requested by

Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-00jp?s=&cim=&ps=true&ls=false&duid=0304f7a82132--01feh1kmab8rz1w90pt4y8rcys&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.236.238.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-236-238-76.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 16:03:28 GMT
Cache-Control: no-store
Connection: keep-alive
trace-id: 1de895db5f018637
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

Date: Wed, 01 Sep 2021 16:03:29 GMT
Server: MT3 3893 e707801 master zrh-pixel-x31
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://i.liadm.com/s/e/a-00jp/0/1d4bd9ae21a54e4f8ca346baeb3ce55d?mpid=7156&muid=d67a612f-a450-4e00-8c39-a63087c2250a
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 01 Sep 2021 16:03:28 GMT

GET
H/1.1

200
OK

35759
i.liadm.com/s/ Frame 27A3
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=liveintent&ttd_tpi=1
https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=605a0462-6b50-48eb-8eee-a60171074a31

43 B
447 B

113ms
113ms

Image
image/gif

54.236.238.76
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=605a0462-6b50-48eb-8eee-a60171074a31

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.236.238.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-236-238-76.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 16:03:27 GMT
Cache-Control: no-store
Connection: keep-alive
trace-id: 7ecbf7d0408adfb6
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 01 Sep 2021 16:03:28 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=605a0462-6b50-48eb-8eee-a60171074a31
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 215

GET
H/1.1

200
OK

1d4bd9ae21a54e4f8ca346baeb3ce55d
i.liadm.com/s/e/a-00jp/0/ Frame 27A3
Redirect Chain

https://dpm.demdex.net/ibs:dpid=127444&dpuuid=c9ae6ea7-3893-4acc-8268-4c8a52e9fa83&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-00jp%2F0%2F1d4bd9ae21a54e4f8ca346baeb3ce55d%3Fmpid%3D82775%26muid%3D%2...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=c9ae6ea7-3893-4acc-8268-4c8a52e9fa83&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-00jp%2F0%2F1d4bd9ae21a54e4f8ca346baeb3ce55d%3Fmp...
https://i.liadm.com/s/e/a-00jp/0/1d4bd9ae21a54e4f8ca346baeb3ce55d?mpid=82775&muid=65139477076425635492365597447572864163

43 B
285 B

294ms
112ms

Image
image/gif

54.236.238.76
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/e/a-00jp/0/1d4bd9ae21a54e4f8ca346baeb3ce55d?mpid=82775&muid=65139477076425635492365597447572864163

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.236.238.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-236-238-76.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 16:03:28 GMT
Cache-Control: no-store
Connection: keep-alive
trace-id: f7177ed886515dcb
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

DCS: dcs-prod-irl1-2-v015-0dfbd4bc1.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: t995GGokRxQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://i.liadm.com/s/e/a-00jp/0/1d4bd9ae21a54e4f8ca346baeb3ce55d?mpid=82775&muid=65139477076425635492365597447572864163
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

live_intent_sync
x.dlx.addthis.com/e/ Frame 27A3
Redirect Chain

https://x.dlx.addthis.com/e/live_intent_sync?na_exid=c9ae6ea7-3893-4acc-8268-4c8a52e9fa83
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=c9ae6ea7-3893-4acc-8268-4c8a52e9fa83&rd=Y

43 B
602 B

175ms
174ms

Image
image/gif

104.111.215.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/live_intent_sync?na_exid=c9ae6ea7-3893-4acc-8268-4c8a52e9fa83&rd=Y

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-215-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 16:03:29 GMT
cache-control: max-age=0, no-cache, no-store
expires: Wed, 01 Sep 2021 16:03:29 GMT
content-length: 43
strict-transport-security: max-age=2628000
content-type: image/gif

Redirect headers

location: https://x.dlx.addthis.com/e/live_intent_sync?na_exid=c9ae6ea7-3893-4acc-8268-4c8a52e9fa83&rd=Y
pragma: no-cache
date: Wed, 01 Sep 2021 16:03:29 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Wed, 01 Sep 2021 16:03:29 GMT

GET
H/1.1

200
OK

52176
i6.liadm.com/s/ Frame 27A3
Redirect Chain

https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=c9ae6ea7-3893-4acc-8268-4c8a52e9fa83&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D
https://x.bidswitch.net/ul_cb/syncd?dsp_id=256&user_group=2&user_id=c9ae6ea7-3893-4acc-8268-4c8a52e9fa83&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D
https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=aa12b494-64f1-4a95-9079-13ebba7c2ac8
https://i6.liadm.com/s/52176?bidder_id=5298&bidder_uuid=aa12b494-64f1-4a95-9079-13ebba7c2ac8

43 B
447 B

291ms
95ms

Image
image/gif

2600:1f18:444a:4680:b988:ecc0:9832:67ce
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/52176?bidder_id=5298&bidder_uuid=aa12b494-64f1-4a95-9079-13ebba7c2ac8

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:444a:4680:b988:ecc0:9832:67ce Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 16:03:28 GMT
Cache-Control: no-store
Connection: keep-alive
trace-id: 640d24012c420ed0
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/52176?bidder_id=5298&bidder_uuid=aa12b494-64f1-4a95-9079-13ebba7c2ac8
Date: Wed, 01 Sep 2021 16:03:27 GMT
Connection: keep-alive
trace-id: e093e999cb9c46d8
Content-Length: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H/1.1

200
OK

52164
i.liadm.com/s/ Frame 27A3
Redirect Chain

https://x.bidswitch.net/sync?ssp=liveintent&user_id=c9ae6ea7-3893-4acc-8268-4c8a52e9fa83
https://x.bidswitch.net/ul_cb/sync?ssp=liveintent&user_id=c9ae6ea7-3893-4acc-8268-4c8a52e9fa83
https://prod.perf-serving.com/sync?ssp=bidswitch&bidswitch_ssp_id=liveintent
https://prod.perf-serving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=liveintent
https://x.bidswitch.net/sync?dsp_id=366&expires=14&user_id=984bf214-4961-4ed4-955c-a36c26d5f2a3&ssp=liveintent&user_group=1
https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=aa12b494-64f1-4a95-9079-13ebba7c2ac8

43 B
447 B

200ms
112ms

Image
image/gif

54.236.238.76
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=aa12b494-64f1-4a95-9079-13ebba7c2ac8

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.236.238.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-236-238-76.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 16:03:27 GMT
Cache-Control: no-store
Connection: keep-alive
trace-id: 3c7f51e09a1da06d
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

location: //i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=aa12b494-64f1-4a95-9079-13ebba7c2ac8
date: Wed, 01 Sep 2021 16:03:28 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 /
trc.taboola.com/sg/liveintent/1/cm/ Frame 27A3 43 B
238 B 29ms
14ms Image
image/gif 2a04:4e42:3::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/liveintent/1/cm/
Requested by: Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-00jp?s=&cim=&ps=true&ls=false&duid=0304f7a82132--01feh1kmab8rz1w90pt4y8rcys&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:3::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Wed, 01 Sep 2021 16:03:27 GMT
via: 1.1 varnish
server: nginx
x-timer: S1630512208.987170,VS0,VE9
x-served-by: cache-fra19156-FRA
x-cache: MISS
cache-control: no-cache, no-store
accept-ranges: bytes
x-cache-hits: 0

POST
H2 204 collect Show response
e.clarity.ms/ 0
48 B 116ms
115ms XHR
text/plain 20.62.48.180
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-b/s/0.6.22/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: https://gofobo.com
date: Wed, 01 Sep 2021 16:03:28 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H2 200 integrator.js Show response
adservice.google.at/adsid/ 107 B
853 B 49ms
16ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.at/adsid/integrator.js?domain=gofobo.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Sep 2021 16:03:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 16ms
16ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=gofobo.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Sep 2021 16:03:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 101 KB
39 KB 534ms
533ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=188377081892053&correlator=3604511029886098&output=ldjh&impl=fifs&eid=31062434%2C31062297&vrg=2021082701&ptt=17&tfcd=0&sc=1&sfv=1-0-38&ecs=20210901&iu_parts=5376056%2Cgofobo_main_1%2Cgofobo_main_2%2Cgofobo_sticky_dynamic%2Cdynamic_1&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2F4&prev_iu_szs=1x1%7C728x90%7C970x250%7C970x90%2C1x1%7C728x90%7C970x250%7C970x90%2C1x1%7C728x90&prev_scp=post_id%3Dunknown%26member%3Dno%26split_version%3D6972%26proper_site%3Dgofobo%26proper_slot%3D1%26tags%3Dunknown_desktop%252Cunknown%26proper_floor%3D0.10%26s_depth%3D1%26refresh_count%3D0%7Cpost_id%3Dunknown%26member%3Dno%26split_version%3D6972%26proper_site%3Dgofobo%26proper_slot%3D2%26tags%3Dunknown_desktop%252Cunknown%26proper_floor%3D0.10%26s_depth%3D1%26refresh_count%3D0%7Cpost_id%3Dunknown%26member%3Dno%26split_version%3D6972%26proper_site%3Dgofobo%26proper_slot%3D5.01%26tags%3Dunknown_desktop%252Cunknown%26proper_sticky%3Dtrue%26proper_floor%3D0.10%26s_depth%3D1%26refresh_count%3D0&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1630512209&dt=1630512209750&dlt=1630512205839&idt=3872&frm=20&biw=1600&bih=1200&oid=3&adxs=245%2C245%2C-12245933&adys=140%2C1627%2C-12245933&adks=1289986997%2C1212421020%2C452034833&ucis=1%7C2%7C3&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Fgofobo.com%2Fmain%2FtrailerDetails%2F397428997%2Fthe-card-counter-official-trailer&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1140x0%7C1140x0%7C0x-1&msz=1140x0%7C1140x0%7C0x-1&ga_vid=1262837785.1630512206&ga_sid=1630512210&ga_hid=1271951749&ga_fc=false&fws=0%2C0%2C640&ohw=0%2C0%2C0&btvi=0%7C1%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

55d6df10cb276f601f4274a3004f1c9084e4eb9efd644115fceb0e22a52552fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:03:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39811
x-xss-protection: 0
google-lineitem-id: -1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://gofobo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 79FB 6 KB
3 KB 47ms
14ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gofobo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://gofobo.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Wed, 01 Sep 2021 16:03:29 GMT
expires: Thu, 01 Sep 2022 16:03:29 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 container.html Show response
5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 20E9 6 KB
3 KB 22ms
9ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gofobo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://gofobo.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Wed, 01 Sep 2021 16:03:29 GMT
expires: Thu, 01 Sep 2022 16:03:29 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9973d4837254463d18af1f1fa3d201f5c46270b8516e1d1fa0886e14e1c39334

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:03:30 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630322975956640"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27566
x-xss-protection: 0
expires: Wed, 01 Sep 2021 16:03:30 GMT

GET
H3-29 200 container.html Show response
5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5888 6 KB
3 KB 21ms
9ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gofobo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://gofobo.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Wed, 01 Sep 2021 16:03:29 GMT
expires: Thu, 01 Sep 2022 16:03:29 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 container.html Show response
5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2A0B 6 KB
3 KB 18ms
9ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gofobo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://gofobo.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Wed, 01 Sep 2021 16:03:29 GMT
expires: Thu, 01 Sep 2022 16:03:29 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 20ms
20ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021082701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e5f641886198fee9badfbcc907ba5f726d027a5636596ca532695c943e5f5bb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Sep 2021 16:03:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8473
x-xss-protection: 0

POST
H/1.1 200
OK bidding Show response
bids.proper.io/api/ 0
171 B 604ms
200ms XHR
application/octet-stream 35.167.85.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bids.proper.io/api/bidding
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.167.85.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-167-85-56.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 01 Sep 2021 16:03:31 GMT
Connection: keep-alive
Content-Length: 0
Content-Type: application/octet-stream

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:03:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Wed, 01 Sep 2021 16:03:30 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame B801 624 B
592 B 18ms
17ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-1wgIQr-HgAhjhz9iyATAB&v=APEucNWjSMBVYE47lFCZ1qqBMS_q5Vsok2nkGmyKywRuScFvxIBmtaW1ms1k9pEJBPnw8MOp4SEXPgA1LJc0GhJvrlrk-Q4ntetwy3FJ5-KxaIaR8M-poVBv4LYfcjlkF-9Ojh_Y067HiEyHlgQcSoVyGTEAXFCTy-sgYmfkQoGKaBhhOV8yxmQ

Requested by

Host: 5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com
URL: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CI-1wgIQr-HgAhjhz9iyATAB&v=APEucNWjSMBVYE47lFCZ1qqBMS_q5Vsok2nkGmyKywRuScFvxIBmtaW1ms1k9pEJBPnw8MOp4SEXPgA1LJc0GhJvrlrk-Q4ntetwy3FJ5-KxaIaR8M-poVBv4LYfcjlkF-9Ojh_Y067HiEyHlgQcSoVyGTEAXFCTy-sgYmfkQoGKaBhhOV8yxmQ
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 01 Sep 2021 16:03:30 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUmMjBuwOXeqBLEhK8g7U5w7dvmIH8Sb26EvGYub-YhDcr_6s7B-vueSPTca; expires=Mon, 26-Sep-2022 16:03:30 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 01 Sep 2021 16:03:30 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2A0B 70 KB
28 KB 57ms
53ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AHgi--x3SHs19NWhJD1NSSZ18Ecc0RN_GfJbPSNMHfAsd-clQkRhzDXX5U7MPH4MbaFWBy5VSIxhNX1cMeicQqzzriNuSK42ihf6M2zXzvqxXm7X2s2J31TO929809OnOv6qDuhYaRJKikHVtvsvX1ssA5zg&dbm_d=AKAmf-AFEtPD7QSdxATv_JmO14ZZDakEdbLyakyzpYDM9kNHHoj7dCpfvsZ_lyvJDCdQjQlyKjgVnZZKQGulIPyfXhyZHX1sLhQ8s7dCl9Vo31kadgATSIWlQ23GEc0ThrZTHseIX1aLscukd2I3fypTlotMnCJxrrl-NK5rmICFiiddFAv5LdknKZyc9cC4M4ECRv7lw2xhj-wGkf3SlAW_k82sxOnbA1wUp9l8qHSDF8CCIIM1duANGNbUbE9mhh1MVJeWXJuaUHtUgNR4zA67ibHMh-jwct5nQ0TV36rpPDBjoy7Eh6zUy8HCJOWWOJLNi_WTz6uHWG-ej1tkYttOwxAgrls8D_VBISYdb6bofxLLykVRFgQuEGPmY7vh-p-a2rdaAP_wak3XKYY6UNvnD_o8GVjJN9a3Psl6O9WogtxOLp0l-arVJ7pyrmFHSxSyXYhIU5bqZElf8L2BqyfN1rbQlPa_sCxVfXBgljP3E2rCsZ-qlym1gyqtLbi7H6RFxrnctjgqAT-TO-2Dk6zuXuD4VUpZUGImnolhuugSNdMySnMV4OVznFqryXnFWqIx7okFv8dXG8Fl5qQkWPSAt6aXxwVFqyEf0q5Z6YehnKlp4Sdwi5tFuNuDx2Dt4jpkS6_dyfg4BaY8coTS2kdMM6_uzmAMRw9shugpk5I1s5ncTxRX6kzkng-h01ziqqEcMqpucdPIGwyP6tClI7IoW6fO_9rG4G9U12ycBXFba932rRkwaUYNdRca9Xf8dlsCfzjS4adQ0PdbyDYaAO8x7pgtoWAAjZkUtvR_KHDewIL7HU9c89Id5EW66mWUFgC9-5d_J4wQzEIQTgGTcv5RqxeYBoafxkN8CluSGO665cwa2Hhcyt12BHP6PeETxVeGRdCyUXsfD2uvFwcTlwTfiPfMY2LTxmuyToqOigfTRxLWCVOpAmICY9gcMXI_Lz9mZ-wEGGxCjfxPzQOqcsyJgfpoNdKoeKIc39ND4e3_jPWQ4VRAwRDgvRHJvOjs8t9IBTmLVJyvV1O3YrAqFaMgrJ-tZ9gQVmo3HF3AGYjR7G_XcSurBOFXWaWtedVce1O8ZLr9XByYOic3xVnVr0uSkyAru87wDQJ-S7JszOLC9KYwSfSqe2v4IEwsYxl_E1QMeQ8ttC4Y-yX_o1GuImeRm3RdgDtFLPh3Dm5sfUew0w5QLLZRFjDGlrSxRFLpDBBpt_6f0QIYhG3qy5-mzhX9vKVE4c7r-m0kQ5oSmBUN0DBKhXTc02AaJiEbuxIMNniTiWzkBas9BwvUI_3ZcSIORpIKu7BDQa_aPJicRz3k6Ar8IKPGCezSRktQ72mZpXoQ9UF6Z97wvFR-WxXdDEQfHojf86L6xP8Tc84QmzQ36YLTm0OmIbwivWUDJG4qgEoInn0UsUvncaYdGN0gC2hpg_cRWiKkHx2zB2JGIPXV0cOEbGdVm2OOUQWWfrrqutZOryyUF-aBtB0i38nh5-z3C02hjDtWOxP0TOLTE7BWgwTJpa-M8g_F2YvNpWQmhkjORLPERJrNRuB9p3wUiL6nxiAtjfFLWJkzsOlkI6OVmgkIOr0AXnGTNGvBNMU8xZ4AO0rFG7pATRndeb3GG_gJrilhZQgCWmHVQAadWgBbrMbHd7kZDIgjTS7vzgKRwax3UOWxS4REK594MCeDWE9NqaRViJ_SG-U_iE33WtKDBh-rxGasW0oJXCzaHdJHKhTCXuWIWMK-oBinRRg5U6xychyvnMKkHHfdFbf1C-tgIeNXuP7PI4MUPxbXw-NcFkKH5nh4wN8lkvcz22xRHkTmguH52A4SCDU5MxEqk8HS22LWpteSZ5DjG2IjeGhtTpadW4kwHWqe5H2FITB5McBth0TtMLbK-uT31xRypgdZo25zdcgJYLyiLw70PKCp54lDgMq2sAp8-LjTSxTxr-zj3Dr-ERCpuFgCSg5SoEZTT96sO9Cfj9kcpEG0fNB2EtaSYvv92Yg4dS9NQ1LH12vhX4LzPsIOQf0WoXcItfu6RuYl3lFkmPfqtKTbNjX8K2P7VtxVQyahaxupN7M9gEFFNcf05p-CK4bWmDmM972ymamsDXrJ2R0Os1S2BdFguJTYQmtah89zRwrGUR-qBZU3LkO-Qe-74NAgpOtkxwz62P171Rc1BWvgQ_M5PKXdAhMTEJnkqFh2DRvhIrx2idmwzOu1D1Kt1IJJuTcpKU4wQ82Q2OS9W4nY52q4L7Crr9ov15mfU9geEaxSpdBoOnhgUZqD1r8ZjefGriZlYnOeK3TFHlcb6ZFV3xZDlLcFz1-cijcowxbeKQbI3-hdFBEfzTsPu13cS2dQjEmrcCvprLrmZ8AucvGee4NUoV5ybDDCTj35zVeB4Ya88yZVncH5KFkyAue_iP__48TNm_1QBKuNPTx4CQuq76p-5ofmu8RTSQcjRJnOOiP8Q0CDR5ZFysQcsMcm73yNBd3wZT77QqWgizKF3enU0EViBg59e-hJNlfjBaBU1Tc0kZiyA8OnyRRutpMYvJgtHlL6udK9Q2cS6dNpZ1wsD99TFSJQxUG26RNx2cQYicIhd_Dv0poWxmfaQFLOMG29rxv2nR_R7q4QURKxIohQpWM4n2gECgnIEvEtKQvCdUlCCEkCVz89FOvZm946lPocQKGpodI39_rlDshAqR3A70tOzSK11MYyVgYPy6UNE6RaJF6-YCmv-7qnHqSCDuSstkLU7KIqJMoFOMn3eJuDjDsRf0zoUyqVVYQCgJ1jXCO04MzF-XcQftdgQxTjToH3OpIChlfhwthmGbtx5-123pNA1nJS404QR6Jb5no27VGdYsduHebJohedemaouAb0dCX7_QTwL4Ix012hIXKvUbuKdd_wfR0OjnGLM1AexzuimMm_BTTEuxnd2YuzxEfQLg-1UOcOWOElN1m422xIg5lRKJ8fiaW5yxI6Y6qNtqZ2uBRCm6mNBMYU1jDBg7Djx7RtRid-zaYGOursEVz7AS2QUqUn-X79YnGlPkukjqSN-9VtsWkbnqpAs57UeHHUPDGjtAoSOjXXIu-lxoqnWaI_Kxsw73Nw7ArgNPixo_8fQd6gn7-i_5mKxg5UeTHTOOLadOOCAg7xVA8HHp1saaGktfX_b3dGlwg1KsDQC2ZTEpovpGFfPY02HanijtiZacXbcvTgT0fJcVr7ultIQUZ_3nxisVQpOKJAs49i3Nsp-WQEHNFKfnbBbYdXNTVS3jKvjvIQeYpn0wLjSKQ&cid=CAASFeRokkXW6oR--ZahK55n7L7JZiUFGQ&rfl=1%2Chttps%253A%252F%252Fgofobo.com%252F%240

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90257c042e38df42354d721bfe98e36e037f137f0775b3000f5b1158d62a7ea5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 16:03:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28360
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2A0B 42 B
63 B 44ms
41ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bi2R9mFPmGiZGUy51ZqIRE85DCop40Hl0AxIc9VCzPQ9H01MYXVIWxwhEoE_LNeH6WyR-TOrDbtLQ8LV-5H_xooyxDnzt0gWTRAtx4y7esaYfJvq4

Requested by

Host: 5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com
URL: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 16:03:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/ Frame 2A0B 2 KB
1 KB 11ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/window_focus_fy2019.js

Requested by

Host: 5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com
URL: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:58:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 300
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Sep 2021 15:58:30 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2A0B 122 KB
37 KB 37ms
20ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com
URL: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc737a01a72ef54ff0decd38e4ada36dad376930b764cabfad012682cdc262ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:03:30 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630322985459792"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Wed, 01 Sep 2021 16:03:30 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/ Frame 2A0B 14 KB
6 KB 8ms
5ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com
URL: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:01:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 91
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6183
x-xss-protection: 0
server: cafe
etag: 901432759052127119
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Sep 2021 16:01:59 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F250 624 B
559 B 21ms
17ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPaA5gEQl4nqARj-k6htMAE&v=APEucNVGOWeytXKU4cIf_kWgalShD8RP8oaU-ZfrWEp49bxnXA4bddDLUHusvW9sY695Ft8aBxu2VM8b2jCn6xxqWTSKlNY8VYhdUcnAyhMaypVUxu1cls52rVPiLyGrJx1z5SCgTRg0_GAmgQb_l25n6QajtGyn7Ab4kETJo9AU05TBCeldet8

Requested by

Host: 5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com
URL: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CPaA5gEQl4nqARj-k6htMAE&v=APEucNVGOWeytXKU4cIf_kWgalShD8RP8oaU-ZfrWEp49bxnXA4bddDLUHusvW9sY695Ft8aBxu2VM8b2jCn6xxqWTSKlNY8VYhdUcnAyhMaypVUxu1cls52rVPiLyGrJx1z5SCgTRg0_GAmgQb_l25n6QajtGyn7Ab4kETJo9AU05TBCeldet8
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 01 Sep 2021 16:03:30 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUmU7qXCEHMq6QamG8d-Kfk9rOnMwc7FU4epa834HSfQYBUkpn6rH1wdRSuU; expires=Mon, 26-Sep-2022 16:03:30 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 01 Sep 2021 16:03:30 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 20E9 77 KB
29 KB 82ms
79ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AUPoyYL6hJPRe_XE7YsJ2Hi3i9OEHCP54YLylwrob-qwo7uS4Zb8xyRSkQsAnkLFmQ9cEX2N4MboC2Y5rD5dYjis-cPXbe9TehWWiEz7HHxP5ltAMeYrVg3EwmTd_ItxJVwfwmb3PFagNz4GYZsDBUyf5iEw&dbm_d=AKAmf-AlHujs5DOyTEk9fGICj3fZn1U15EYQUfDwliOBubz_h5-feX6IJbC0h-Jo4tO7M7R7ME8F-ovxWWXv5-VYcgMgT8iz9fWYwwcLvELYfYBx0LlQwI1zV6rUotQNp7D4YyX30zdE7E0Fpz_ehpXad6NBHxVhZNoot3Sc0mPPlfNJRuzyfKE32AcU69WqaFH9Gdf_52qmoESsNhs7aHXw1bQl9w0ZIY85EJWzNVOmkAXeFSGiCb2DQvD4t1GPwP4b9awqj9JkeQ0uI1deUG5B3q5PgGrzIsBsgI4YOXqbIC9t9yX3kGNr-jzkpJYrBEw_D9hOqT6c5UUqeS6-AF5Y4uT9AbQzGJPbSVUO9VQqf8ePSPafnn0wl4wfSmldRy7n-VCI-EOG9_yBrSal-pwNk4X9xXohSI-khWYRHAgqqZNK2pzfl0pEYGEkUU_DdfIm0Ng1eyh7fWdk-_fohuLpZFm0UvHltLYn_kWIkvXiZk6rcymIhKnsW0sZdoc_ciZlRQIh2j7Et7jd_xDYJHWJ28tqXEmTcglJu8RFDXhqRp41zE28TzeOsGot217qOa8hEADDc9KVQxfMrUo16HX3IN8VrhootC9BXcsXQh1PrQuM4KcOCcYDYgMFoRZaXY4Adx1niLEuRHQIvSTXkwRIYfCuQonjhrORyz3iFZwaDWm1EQBj0gkG5YAYErxxnKKtBSllUhqYI6Pgn6yReh4tx8aiNmF-jJSr-yz3qXrTFjLd0dMFoj2MowaqZd4I95a3utsrqVCX0ahrQjCREGmDLw3IrAHFkF14-5pGHZJnlwDqgMtp7jcC15J-UNxNntXlN8-GE2XNXTZTeLPBBc31ALv6VgnlKctGDFas1m8WQj1LjXab6upneZN7Sk9yg28mazSBhomixoufPPHKl2pB0E2vBQlM6A44emTd1XK2veUAEQhUVll2FBXpCkAzUc7x0sP8ey3V1pvAd1nmXlNVqzFa4zJGvzGwErtJNnhNdloqRnmUspxZawRj2fbfogUa_y2H4VdQFMxTEbR-jyd06CA6LiJp5wSw8hDM7zjmjaknSszvJP__C0HcF1pTg_cV3wHgBe1y653bQhMfAKbZXMYXvekNg9uY03fHFqvTVE1XE-3BU90grUKDEaJqic-mhiAQREidKlsJPp3oJ9liO1CTKeIC2WrAr8MXZwMOta9w1IjLhLYeDB0sJscB2g5aeocxMGc50SsuZaG1qophU_bIHHFcnVwudeiphtGOSstSLFosdat7g04XhD5sVkh8YbTRa5-E74hGgNhA-3LwSE-lnzXYNkD7DJh1sK_pFGagXO_Tx0vOYAgjmJGQ0FWUAizeycMmOmZDRklFCi1Oyn7_EC9DoOAlnG7FSg3mQKD2aXt7XdQkoDgCJdXH_z-KNmlcuxDU86jC_kkSEeYgPKR4zOc8fAVxQB70zFy3oN8eQdPxMH6NfvWfaw_Tbm6u7aJoquxW1pyWVYhatcbbsk-sOfGvyiK-w_QE12VkZpeV4gV9sQ1CxpJODztlZBVj3U3Ni4OsqRECmIA5zJQMlYb0_YkFiLV97y9PTnVRdH_clIpzDHYt5W0baVeRXZjOLKp0D9A1LjQzlLouORdnWB1VkVOxQp3Cl76y-knpfkoY6u8OXL-mKx80b5A_q7ElFCPZzNrl3E9peWb4HMdYIqOqtI57GS0vdls3hLr6RiQYVzTT9HepirY1-pUUQUQfDvDbtSGpMuSZaQnh0T6d8y7iQA7mDaX2QWaobN5sx_fw73-JHYE-Tl8HwxS-FSccxQTeU7EuqlHHyajBS5RTC3rVq2Ya7cA-DmjAv7nu9qhf_we-kVQSvKAEcQGVD088U_8f6oXUXtkWy5pNqa4ApBk3M7VSEtQC52Di0IFiWNRI5jUCvg-ECMT3s8VBihrOKpy8YV4V_euuHEKf6Wuz_TR2K9P0adoHoY8-NwPf4xoMBIU_ojjwk0vnq3E8v2HwSKbwqi02PfCRq9KB7Gj2tUb60BsYGp6SGI24qpbDvlvCsitMnJpMzTXLTCAoGevUcTki3qBYerHM9qXQrcLxPcy0ik35WRT9aDF_bc59Wbo2KIFqLYNdeG4wqsUObfu4ie1ST3jdf3VNWXotP1GmvBSjUmVCqbl3lNXWIVt29aoqgcB6eKJW8k1CDjbZoDGAS4Tydgjnrq9nLIsIcuh09E-k9vGDvk2l7BNnhW0mJrAxfKySECkRtgGapRkblA2uv8Q_E5FTBrGUURWqWCOB258YdfN8CRVFrBpOfbuYMeW5N8FllnHqubEoWDym1iY81WYCDX0bRQZJDgkY9niRyGjBtpGbIhxKsY7_S1rvk-YvMjWsPWiVcOZ0uQhVtIRXbTYmFpRdnvyXazHz9YQwKsTOdnXpjt8-bzHDq9fAGAvsX5gdanTBmj8TieWBtKn1DoRSKuJxtCDGC1LE-UDVsC-L3lFLjPYBjMGzDwi1ewP76dktxPfslVTmg9VQvRaV2Aq8xXGlmqj4Ok46vIF3eBnRHVdflizzGN3wdZy26G1hVS1plpDtmCIxwEmbA1t1Kt34bP59IC2smeORogQrKZ2iNbpQDLhjZ0tXpbM2LNR_fjaGTDzaPl_iA4OQZsVQYt9qvp61VVQdqZfIOY0pMM3qxEghU-6P2AreBv00iGNNGaBkJPhvbGgMN-09PVVADoOAz7AizkuMM9ZzualN5jQ_-cAqbj5T-0NZCiFh1iMZraw0XhMC6MDrcDSGeOye7VQgZ98yX3byzzvEpF4AZ5GTQ7c-SPeyXh1a5eP1oEH8P5VBb_YRf9XYq38i-Gg-ys-2W9f-B9BqFJWY7PSL8gn8a9OhjJzn9PETWQXhbDcABT39b0qfcpiICXTxEaIcpjmfMZJKF6nz5GkHI4gWt51Ay9kxb5tlc_6Nzd0qODr3Q-i-Mq4iNlX2c9hV8qFiufhejGUqt_z5GgLM6z48vHtJO4UAWT_iIgupVftFPKkq21mAfNjmsNAlGgELjMHTMOpK9d2o07Y_14ZWLabM3I6XCOu8g3cyAD59aQ4Ftyv_5YWQsWpTnJLa-9IelMTToefSAvml3Rk6dy2sLNCFKy74apH7aw2D9ZvaEfYKY5c-Dld13suYdh3nvfx34Q5IDW8LdLm-Z-gMezMUnMt6VhWbNtG9cjShEl83HUtq-nVk8rvRqK4XeYTHv6IJ2YK7YrQT65F05-l_fU5W8ElhZGk8nMLxYqTVQPqHBtP32084nuw7kQE&cid=CAASFeRoOAnoQPv9T-rhWXPNIwQxllKsmw&rfl=1%2Chttps%253A%252F%252Fgofobo.com%252F%240

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b363cfdb6eff3537a4866cb084bdfeb1b89d4dfc54a5aa3c4bfa8c12ffb23bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 16:03:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29283
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 20E9 42 B
63 B 42ms
40ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C4A2HF1aYsIElUapebQNJ6qvzVTn4lwggJZUHU_jmnb8M6rH1oura3U5Q76E0GS_eBwVjEbZaRguUWkHsaCVE9Pj27O62NVHfmc1FOgxUEus46yxg

Requested by

Host: 5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com
URL: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 16:03:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/ Frame 20E9 2 KB
1 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/window_focus_fy2019.js

Requested by

Host: 5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com
URL: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:58:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 300
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Sep 2021 15:58:30 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 20E9 122 KB
37 KB 53ms
37ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com
URL: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc737a01a72ef54ff0decd38e4ada36dad376930b764cabfad012682cdc262ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:03:30 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630322985459792"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Wed, 01 Sep 2021 16:03:30 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/ Frame 20E9 14 KB
6 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com
URL: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:01:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 91
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6183
x-xss-protection: 0
server: cafe
etag: 901432759052127119
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Sep 2021 16:01:59 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 20E9 0
0 16ms
15ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ3vWXPZol6Riv0W7GtrQVgWGXYsNKbYkeeTdzoIOmP55CurXuBbqOj2LRu-VssU738I8XR5RvcN9WjZShKAnbIn3VsRA
Requested by: Host: 5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com
URL: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 35F9 624 B
560 B 16ms
16ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLPc_7ICELv9s7sCGLyL068BMAE&v=APEucNW1aTpgHvQdi600lGWEHQbZAKZLbEN4iqPIYmL-aRxiCFwvq2cHqWJ-ktNj-nZCKFmsRYNlR_Ayt9AXN25iwWqxaC0MbT0goTGDc1osYLBiiCB7IATHHk-KaEWat306Vi0MOm4ykmtK8E98YCdR-ijbnRaSZHvJcJ8ajT8qkTJy0RJdq8o

Requested by

Host: 5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com
URL: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CLPc_7ICELv9s7sCGLyL068BMAE&v=APEucNW1aTpgHvQdi600lGWEHQbZAKZLbEN4iqPIYmL-aRxiCFwvq2cHqWJ-ktNj-nZCKFmsRYNlR_Ayt9AXN25iwWqxaC0MbT0goTGDc1osYLBiiCB7IATHHk-KaEWat306Vi0MOm4ykmtK8E98YCdR-ijbnRaSZHvJcJ8ajT8qkTJy0RJdq8o
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 01 Sep 2021 16:03:30 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUnSX6JJaqo41Q7EsN1jroFzBRvHxwRET7HO9PoO5SA6LvzYvgTJtJEsvuWk; expires=Mon, 26-Sep-2022 16:03:30 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 01 Sep 2021 16:03:30 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_273.js Show response
s0.2mdn.net/879366/ Frame 5888 114 KB
40 KB 27ms
5ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com
Referer: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 10:04:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21521
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40185
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Sep 2021 10:04:49 GMT

GET
H3-29 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210830/r20110914/elements/html/ Frame 5888 6 KB
3 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210830/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dff9c5d8bb8ff3117fe17757c275af96ca695dc60d7fb811331cb38815a91a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 14:49:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4437
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2627
x-xss-protection: 0
server: cafe
etag: 17449454297928180344
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Sep 2021 14:49:33 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210830/r20110914/ Frame 5888 18 KB
7 KB 11ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210830/r20110914/abg_lite_fy2019.js

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:37:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1569
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7645
x-xss-protection: 0
server: cafe
etag: 13200147268341533873
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Sep 2021 15:37:21 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5888 42 B
63 B 46ms
39ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BkIRmH2HLe3VzDxJ4MceuL9ihIOKnRKbQ58v0agKfBfCR0LPyxgExtoNmbwD8d9F5Vs0xtEXkAIRgrYUI27zIwLmdlPRtj-2GnKAuTegx_QIkCKjw

Requested by

Host: 5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com
URL: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 16:03:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/ Frame 5888 2 KB
1 KB 12ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/window_focus_fy2019.js

Requested by

Host: 5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com
URL: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:58:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 300
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Sep 2021 15:58:30 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5888 122 KB
37 KB 43ms
39ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com
URL: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc737a01a72ef54ff0decd38e4ada36dad376930b764cabfad012682cdc262ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:03:30 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630322985459792"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Wed, 01 Sep 2021 16:03:30 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/ Frame 5888 14 KB
6 KB 11ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com
URL: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:01:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 91
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6183
x-xss-protection: 0
server: cafe
etag: 901432759052127119
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Sep 2021 16:01:59 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 5888 0
0 19ms
15ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR0whRfrBeF4JZiqkSlGB-BgWT_mHQPOsLaXHg6DtaU24DfTEVNm-9zUF5_vbDT5h6qU4IIfwUtgSK17R5RXdXj58Q_Rw
Requested by: Host: 5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com
URL: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 1996 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gofobo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://gofobo.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Wed, 01 Sep 2021 15:24:09 GMT
expires: Thu, 01 Sep 2022 15:24:09 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2361
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C6CF 783 B
533 B 25ms
25ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7bfb4f95a9f2fc778061cfcba056771238b858903ee8c656086d9a5679f465e8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1DbB6HSE03BcL8ic6LjTRA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gofobo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://gofobo.com/

Response headers

expires: Wed, 01 Sep 2021 16:03:30 GMT
date: Wed, 01 Sep 2021 16:03:30 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-1DbB6HSE03BcL8ic6LjTRA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame B801
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENKD9eX1uXFQGqe1n6ANFvM&google_cver=1

43 B
1014 B

67ms
51ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENKD9eX1uXFQGqe1n6ANFvM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-1wgIQr-HgAhjhz9iyATAB&v=APEucNWjSMBVYE47lFCZ1qqBMS_q5Vsok2nkGmyKywRuScFvxIBmtaW1ms1k9pEJBPnw8MOp4SEXPgA1LJc0GhJvrlrk-Q4ntetwy3FJ5-KxaIaR8M-poVBv4LYfcjlkF-9Ojh_Y067HiEyHlgQcSoVyGTEAXFCTy-sgYmfkQoGKaBhhOV8yxmQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 16:03:31 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 01 Sep 2021 16:03:31 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Sep 2021 16:03:30 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENKD9eX1uXFQGqe1n6ANFvM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame B801
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YS.kU7oFK7I4D02AJBsVrwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA2j1NAGaD2rtS7ZqtSNcPk&google_cver=1&google_hm=2

43 B
894 B

58ms
55ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA2j1NAGaD2rtS7ZqtSNcPk&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-1wgIQr-HgAhjhz9iyATAB&v=APEucNWjSMBVYE47lFCZ1qqBMS_q5Vsok2nkGmyKywRuScFvxIBmtaW1ms1k9pEJBPnw8MOp4SEXPgA1LJc0GhJvrlrk-Q4ntetwy3FJ5-KxaIaR8M-poVBv4LYfcjlkF-9Ojh_Y067HiEyHlgQcSoVyGTEAXFCTy-sgYmfkQoGKaBhhOV8yxmQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 16:03:31 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 01 Sep 2021 16:03:31 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Sep 2021 16:03:31 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA2j1NAGaD2rtS7ZqtSNcPk&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame B801
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESECKCIy5OrN4uKnHsMJk2pCQ&google_cver=1

43 B
1004 B

55ms
47ms

Image
image/gif

185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESECKCIy5OrN4uKnHsMJk2pCQ&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-1wgIQr-HgAhjhz9iyATAB&v=APEucNWjSMBVYE47lFCZ1qqBMS_q5Vsok2nkGmyKywRuScFvxIBmtaW1ms1k9pEJBPnw8MOp4SEXPgA1LJc0GhJvrlrk-Q4ntetwy3FJ5-KxaIaR8M-poVBv4LYfcjlkF-9Ojh_Y067HiEyHlgQcSoVyGTEAXFCTy-sgYmfkQoGKaBhhOV8yxmQ

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 16:03:31 GMT
X-Proxy-Origin: 185.216.34.99; 185.216.34.99; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: cb80442d-7f42-45e0-be6c-bcd097dff3c2
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Sep 2021 16:03:30 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESECKCIy5OrN4uKnHsMJk2pCQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame B801
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzAzOTI3MzIxMTA0NTM1ODY0Nw%3D%3D

170 B
188 B

63ms
59ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzAzOTI3MzIxMTA0NTM1ODY0Nw%3D%3D

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 16:03:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 16:03:31 GMT
X-Proxy-Origin: 185.216.34.99; 185.216.34.99; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 47567ce1-30b8-4ad4-b80b-8be04691f589
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzAzOTI3MzIxMTA0NTM1ODY0Nw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F250
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENKD9eX1uXFQGqe1n6ANFvM&google_cver=1

43 B
1014 B

68ms
44ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENKD9eX1uXFQGqe1n6ANFvM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPaA5gEQl4nqARj-k6htMAE&v=APEucNVGOWeytXKU4cIf_kWgalShD8RP8oaU-ZfrWEp49bxnXA4bddDLUHusvW9sY695Ft8aBxu2VM8b2jCn6xxqWTSKlNY8VYhdUcnAyhMaypVUxu1cls52rVPiLyGrJx1z5SCgTRg0_GAmgQb_l25n6QajtGyn7Ab4kETJo9AU05TBCeldet8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 16:03:31 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 01 Sep 2021 16:03:31 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Sep 2021 16:03:30 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENKD9eX1uXFQGqe1n6ANFvM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F250
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YS.kU7oFK7I4D02AJBsVrwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA2j1NAGaD2rtS7ZqtSNcPk&google_cver=1&google_hm=2

43 B
894 B

57ms
56ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA2j1NAGaD2rtS7ZqtSNcPk&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPaA5gEQl4nqARj-k6htMAE&v=APEucNVGOWeytXKU4cIf_kWgalShD8RP8oaU-ZfrWEp49bxnXA4bddDLUHusvW9sY695Ft8aBxu2VM8b2jCn6xxqWTSKlNY8VYhdUcnAyhMaypVUxu1cls52rVPiLyGrJx1z5SCgTRg0_GAmgQb_l25n6QajtGyn7Ab4kETJo9AU05TBCeldet8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 16:03:31 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 01 Sep 2021 16:03:31 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Sep 2021 16:03:31 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA2j1NAGaD2rtS7ZqtSNcPk&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame F250
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESECKCIy5OrN4uKnHsMJk2pCQ&google_cver=1

43 B
1004 B

83ms
41ms

Image
image/gif

185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESECKCIy5OrN4uKnHsMJk2pCQ&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPaA5gEQl4nqARj-k6htMAE&v=APEucNVGOWeytXKU4cIf_kWgalShD8RP8oaU-ZfrWEp49bxnXA4bddDLUHusvW9sY695Ft8aBxu2VM8b2jCn6xxqWTSKlNY8VYhdUcnAyhMaypVUxu1cls52rVPiLyGrJx1z5SCgTRg0_GAmgQb_l25n6QajtGyn7Ab4kETJo9AU05TBCeldet8

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 16:03:31 GMT
X-Proxy-Origin: 185.216.34.99; 185.216.34.99; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 87689410-da39-4072-8b65-b7037d321aaf
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Sep 2021 16:03:30 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESECKCIy5OrN4uKnHsMJk2pCQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame F250
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTAzNjA1MTg5NDgxNjY3NzI0MQ%3D%3D

170 B
188 B

45ms
44ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTAzNjA1MTg5NDgxNjY3NzI0MQ%3D%3D

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 16:03:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 16:03:31 GMT
X-Proxy-Origin: 185.216.34.99; 185.216.34.99; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 06b9b756-6770-49d1-8b57-1c5a267f89e8
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTAzNjA1MTg5NDgxNjY3NzI0MQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 5888 41 KB
15 KB 12ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com
URL: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 05:13:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38991
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 05:13:39 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 35F9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENKD9eX1uXFQGqe1n6ANFvM&google_cver=1

43 B
1014 B

63ms
49ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENKD9eX1uXFQGqe1n6ANFvM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLPc_7ICELv9s7sCGLyL068BMAE&v=APEucNW1aTpgHvQdi600lGWEHQbZAKZLbEN4iqPIYmL-aRxiCFwvq2cHqWJ-ktNj-nZCKFmsRYNlR_Ayt9AXN25iwWqxaC0MbT0goTGDc1osYLBiiCB7IATHHk-KaEWat306Vi0MOm4ykmtK8E98YCdR-ijbnRaSZHvJcJ8ajT8qkTJy0RJdq8o
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 16:03:31 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 01 Sep 2021 16:03:31 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Sep 2021 16:03:30 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENKD9eX1uXFQGqe1n6ANFvM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 35F9
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YS.kU7oFK7I4D02AJBsVrwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA2j1NAGaD2rtS7ZqtSNcPk&google_cver=1&google_hm=2

43 B
894 B

47ms
47ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA2j1NAGaD2rtS7ZqtSNcPk&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLPc_7ICELv9s7sCGLyL068BMAE&v=APEucNW1aTpgHvQdi600lGWEHQbZAKZLbEN4iqPIYmL-aRxiCFwvq2cHqWJ-ktNj-nZCKFmsRYNlR_Ayt9AXN25iwWqxaC0MbT0goTGDc1osYLBiiCB7IATHHk-KaEWat306Vi0MOm4ykmtK8E98YCdR-ijbnRaSZHvJcJ8ajT8qkTJy0RJdq8o
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 16:03:31 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 01 Sep 2021 16:03:31 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Sep 2021 16:03:31 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA2j1NAGaD2rtS7ZqtSNcPk&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 35F9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESECKCIy5OrN4uKnHsMJk2pCQ&google_cver=1

43 B
1004 B

162ms
115ms

Image
image/gif

185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESECKCIy5OrN4uKnHsMJk2pCQ&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLPc_7ICELv9s7sCGLyL068BMAE&v=APEucNW1aTpgHvQdi600lGWEHQbZAKZLbEN4iqPIYmL-aRxiCFwvq2cHqWJ-ktNj-nZCKFmsRYNlR_Ayt9AXN25iwWqxaC0MbT0goTGDc1osYLBiiCB7IATHHk-KaEWat306Vi0MOm4ykmtK8E98YCdR-ijbnRaSZHvJcJ8ajT8qkTJy0RJdq8o

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 16:03:31 GMT
X-Proxy-Origin: 185.216.34.99; 185.216.34.99; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 1f4934bb-e49d-4f6c-9bb8-3e7cbd57598a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Sep 2021 16:03:30 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESECKCIy5OrN4uKnHsMJk2pCQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 35F9
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTAzNjA1MTg5NDgxNjY3NzI0MQ%3D%3D

170 B
188 B

37ms
36ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTAzNjA1MTg5NDgxNjY3NzI0MQ%3D%3D

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 16:03:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 16:03:31 GMT
X-Proxy-Origin: 185.216.34.99; 185.216.34.99; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 7a6bcdd5-fca2-466f-a54d-1cc3cbcb6db9
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTAzNjA1MTg5NDgxNjY3NzI0MQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29 200 index.html Show response
s0.2mdn.net/sadbundle/6964092466164447826/15390_Billboard_4/ Frame CD78 7 KB
3 KB 22ms
8ms Document
text/html 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6964092466164447826/15390_Billboard_4/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60d8927ea832207cc82b4a959913d625bd4229dc5cfbb6462cdca031c581baa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /sadbundle/6964092466164447826/15390_Billboard_4/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2568
date: Fri, 27 Aug 2021 17:04:39 GMT
expires: Sat, 27 Aug 2022 17:04:39 GMT
last-modified: Fri, 20 Aug 2021 08:57:50 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 428331
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5888 0
592 B 122ms
46ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssGtuYlV4oD5KnZ1y-Oq4YAMFgOUXNYYrpzaq-30cLNtk1M6JBh4INVqkwnL7NdGDRNqFegyhjPLHimssTUZHCQS_Cm8BefhPblU2aBpdFwSgt9bUA-_djbK816CBTCo9xAhHPIqS3XgScfmhuUV4DikG4ksAOfLFk0h1G3EsddOJQn06weqGbbdj1i2EEPqsBdTfIL5aH10iHkjVhXuGcwue2zTdIIJCToHtPJxsOCALo1HfYnYrCDwwy_WZTXy0Rg_TUVksqnT-pA-f83DfaynFfkfFcehU455eeIBWPOxXW9M1J4v4dIFfIU1iizhB-qncN7SkCAWfNUvt_RZTLnsMHyBxcvJ5nmM9TkPnXd8aYvEIm55U4xiDZ7wV7a9OarW0MTAKYLB7GDCQHm2QJHxCUWOupr_7eutk6dbbyjJv7R3pLB7NtHUL-ASe4OLXOIHsqn6yikn8Ftpe7a4stMhVyZgaOp_JIbPlaM_kQN8b5fzgBY42102xQhFXqer0Hp98LZfFd1kA6jrvMTvJH_qzKj10NjYyH23YGa-nIF7e7kUeHganTeF1Opdep5099kG45WSEwhZLux6eP49znRZSCH9Tg0j9Bd1H5bdoPNLXeOqinnMt1PpvulJ_TMAjJKZxq9H2OZqR1G24o9dyBEZGY8fkElXcxHcAETNmv5W5FetRkUtFINYmoY9FYhYwh9L5o4h7uwaUB91YmI7Yrip95OJ7py-xHOv9fQsD2fboypqq8idvEcPeLfWzpilAaz5klDBmQENQKoDNtt-KqJ55mGSJQWPr4EVd26lFUIN5vR0HuAYXFyvYMg4Z4vCe_CAmXz115Y5vQDKbsZMtZmREu9qYA-sdaS2UyuhenAt3M51omPgzo7oRrr2XBHOTEgzXjAVKWwolIBvUCW6-wlnU4I53oPPXPS4_BHNoWgR6h3X30aGT0eACX22b8hbsMVfw6ZUpQiI3i8BKdolRNq1jPi6SoTrp5bFaAQhi0J-Se9s6pC87nufTbRxRb2g3sxCHJG-oN5eZc9ZtU_qnWdgoQKVRZb-hVR9eXW0Fs3igqlk_RrbTRn3DjjgCIX29LvagqXcZjOnXO6tmlcLBF-xn2Oh1S03g&sai=AMfl-YQ3QX0acOCqCw08B6I-XdoaRZJQZaHV87N3gEZPCqWeJjJmORJt9BSWrv0MrZlsTnigTOiz_nMlQjouYtaQt8cQsBf1BC3IhzbC9_6r3C4wfQwQw8Jc0vzSgl2XTLwtH-bdY5IS2-UU5YOAaSComLcqkbPcI9NdVfnIcALmS-EnHzQmvvFP72EPuJPoOWiVMZB3qeaiKCRnYVQ93V9rtGSXGEHnWKRfCatOKXIFEVOo4ew4gtRwj2ylE5zd3mIVolhmfxOjveK9e9uI36_1fubIQJvbMJOUOuwC8LJLCqhMvNvf3nD72HLiAPFglv5mIs4u3eoxpjALeVGjUqnScTB-Kbd0b4EqLH6z7F6Z7FtTBbzErJdD9f4OHCJPMxJ-Sipkh0-d&sig=Cg0ArKJSzLR5bp4MIoRfEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=55&cbvp=1&cstd=52&cisv=r20210830.23833&adurl=

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Wed, 01 Sep 2021 16:03:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 3VBCxQMuFeflN3ldnXIT7YQtw8QPm-3IluxfpK8Vf0c.js Show response
pagead2.googlesyndication.com/bg/ Frame 1996 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3VBCxQMuFeflN3ldnXIT7YQtw8QPm-3IluxfpK8Vf0c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd5042c5032e15e7e537795d9d7213ed842dc3c40f9bedc896ec5fa4af157f47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:05:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14300
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13381
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 08:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Sep 2022 12:05:10 GMT

GET
H3-29 200 express_html_inpage_rendering_lib_200_273.js Show response
s0.2mdn.net/879366/ Frame 2A0B 114 KB
39 KB 19ms
6ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com
Referer: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 10:04:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21521
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40185
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Sep 2021 10:04:49 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210830/r20110914/elements/html/ Frame 2A0B 8 KB
3 KB 10ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210830/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AHgi--x3SHs19NWhJD1NSSZ18Ecc0RN_GfJbPSNMHfAsd-clQkRhzDXX5U7MPH4MbaFWBy5VSIxhNX1cMeicQqzzriNuSK42ihf6M2zXzvqxXm7X2s2J31TO929809OnOv6qDuhYaRJKikHVtvsvX1ssA5zg&dbm_d=AKAmf-AFEtPD7QSdxATv_JmO14ZZDakEdbLyakyzpYDM9kNHHoj7dCpfvsZ_lyvJDCdQjQlyKjgVnZZKQGulIPyfXhyZHX1sLhQ8s7dCl9Vo31kadgATSIWlQ23GEc0ThrZTHseIX1aLscukd2I3fypTlotMnCJxrrl-NK5rmICFiiddFAv5LdknKZyc9cC4M4ECRv7lw2xhj-wGkf3SlAW_k82sxOnbA1wUp9l8qHSDF8CCIIM1duANGNbUbE9mhh1MVJeWXJuaUHtUgNR4zA67ibHMh-jwct5nQ0TV36rpPDBjoy7Eh6zUy8HCJOWWOJLNi_WTz6uHWG-ej1tkYttOwxAgrls8D_VBISYdb6bofxLLykVRFgQuEGPmY7vh-p-a2rdaAP_wak3XKYY6UNvnD_o8GVjJN9a3Psl6O9WogtxOLp0l-arVJ7pyrmFHSxSyXYhIU5bqZElf8L2BqyfN1rbQlPa_sCxVfXBgljP3E2rCsZ-qlym1gyqtLbi7H6RFxrnctjgqAT-TO-2Dk6zuXuD4VUpZUGImnolhuugSNdMySnMV4OVznFqryXnFWqIx7okFv8dXG8Fl5qQkWPSAt6aXxwVFqyEf0q5Z6YehnKlp4Sdwi5tFuNuDx2Dt4jpkS6_dyfg4BaY8coTS2kdMM6_uzmAMRw9shugpk5I1s5ncTxRX6kzkng-h01ziqqEcMqpucdPIGwyP6tClI7IoW6fO_9rG4G9U12ycBXFba932rRkwaUYNdRca9Xf8dlsCfzjS4adQ0PdbyDYaAO8x7pgtoWAAjZkUtvR_KHDewIL7HU9c89Id5EW66mWUFgC9-5d_J4wQzEIQTgGTcv5RqxeYBoafxkN8CluSGO665cwa2Hhcyt12BHP6PeETxVeGRdCyUXsfD2uvFwcTlwTfiPfMY2LTxmuyToqOigfTRxLWCVOpAmICY9gcMXI_Lz9mZ-wEGGxCjfxPzQOqcsyJgfpoNdKoeKIc39ND4e3_jPWQ4VRAwRDgvRHJvOjs8t9IBTmLVJyvV1O3YrAqFaMgrJ-tZ9gQVmo3HF3AGYjR7G_XcSurBOFXWaWtedVce1O8ZLr9XByYOic3xVnVr0uSkyAru87wDQJ-S7JszOLC9KYwSfSqe2v4IEwsYxl_E1QMeQ8ttC4Y-yX_o1GuImeRm3RdgDtFLPh3Dm5sfUew0w5QLLZRFjDGlrSxRFLpDBBpt_6f0QIYhG3qy5-mzhX9vKVE4c7r-m0kQ5oSmBUN0DBKhXTc02AaJiEbuxIMNniTiWzkBas9BwvUI_3ZcSIORpIKu7BDQa_aPJicRz3k6Ar8IKPGCezSRktQ72mZpXoQ9UF6Z97wvFR-WxXdDEQfHojf86L6xP8Tc84QmzQ36YLTm0OmIbwivWUDJG4qgEoInn0UsUvncaYdGN0gC2hpg_cRWiKkHx2zB2JGIPXV0cOEbGdVm2OOUQWWfrrqutZOryyUF-aBtB0i38nh5-z3C02hjDtWOxP0TOLTE7BWgwTJpa-M8g_F2YvNpWQmhkjORLPERJrNRuB9p3wUiL6nxiAtjfFLWJkzsOlkI6OVmgkIOr0AXnGTNGvBNMU8xZ4AO0rFG7pATRndeb3GG_gJrilhZQgCWmHVQAadWgBbrMbHd7kZDIgjTS7vzgKRwax3UOWxS4REK594MCeDWE9NqaRViJ_SG-U_iE33WtKDBh-rxGasW0oJXCzaHdJHKhTCXuWIWMK-oBinRRg5U6xychyvnMKkHHfdFbf1C-tgIeNXuP7PI4MUPxbXw-NcFkKH5nh4wN8lkvcz22xRHkTmguH52A4SCDU5MxEqk8HS22LWpteSZ5DjG2IjeGhtTpadW4kwHWqe5H2FITB5McBth0TtMLbK-uT31xRypgdZo25zdcgJYLyiLw70PKCp54lDgMq2sAp8-LjTSxTxr-zj3Dr-ERCpuFgCSg5SoEZTT96sO9Cfj9kcpEG0fNB2EtaSYvv92Yg4dS9NQ1LH12vhX4LzPsIOQf0WoXcItfu6RuYl3lFkmPfqtKTbNjX8K2P7VtxVQyahaxupN7M9gEFFNcf05p-CK4bWmDmM972ymamsDXrJ2R0Os1S2BdFguJTYQmtah89zRwrGUR-qBZU3LkO-Qe-74NAgpOtkxwz62P171Rc1BWvgQ_M5PKXdAhMTEJnkqFh2DRvhIrx2idmwzOu1D1Kt1IJJuTcpKU4wQ82Q2OS9W4nY52q4L7Crr9ov15mfU9geEaxSpdBoOnhgUZqD1r8ZjefGriZlYnOeK3TFHlcb6ZFV3xZDlLcFz1-cijcowxbeKQbI3-hdFBEfzTsPu13cS2dQjEmrcCvprLrmZ8AucvGee4NUoV5ybDDCTj35zVeB4Ya88yZVncH5KFkyAue_iP__48TNm_1QBKuNPTx4CQuq76p-5ofmu8RTSQcjRJnOOiP8Q0CDR5ZFysQcsMcm73yNBd3wZT77QqWgizKF3enU0EViBg59e-hJNlfjBaBU1Tc0kZiyA8OnyRRutpMYvJgtHlL6udK9Q2cS6dNpZ1wsD99TFSJQxUG26RNx2cQYicIhd_Dv0poWxmfaQFLOMG29rxv2nR_R7q4QURKxIohQpWM4n2gECgnIEvEtKQvCdUlCCEkCVz89FOvZm946lPocQKGpodI39_rlDshAqR3A70tOzSK11MYyVgYPy6UNE6RaJF6-YCmv-7qnHqSCDuSstkLU7KIqJMoFOMn3eJuDjDsRf0zoUyqVVYQCgJ1jXCO04MzF-XcQftdgQxTjToH3OpIChlfhwthmGbtx5-123pNA1nJS404QR6Jb5no27VGdYsduHebJohedemaouAb0dCX7_QTwL4Ix012hIXKvUbuKdd_wfR0OjnGLM1AexzuimMm_BTTEuxnd2YuzxEfQLg-1UOcOWOElN1m422xIg5lRKJ8fiaW5yxI6Y6qNtqZ2uBRCm6mNBMYU1jDBg7Djx7RtRid-zaYGOursEVz7AS2QUqUn-X79YnGlPkukjqSN-9VtsWkbnqpAs57UeHHUPDGjtAoSOjXXIu-lxoqnWaI_Kxsw73Nw7ArgNPixo_8fQd6gn7-i_5mKxg5UeTHTOOLadOOCAg7xVA8HHp1saaGktfX_b3dGlwg1KsDQC2ZTEpovpGFfPY02HanijtiZacXbcvTgT0fJcVr7ultIQUZ_3nxisVQpOKJAs49i3Nsp-WQEHNFKfnbBbYdXNTVS3jKvjvIQeYpn0wLjSKQ&cid=CAASFeRokkXW6oR--ZahK55n7L7JZiUFGQ&rfl=1%2Chttps%253A%252F%252Fgofobo.com%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:00:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 207
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Sep 2021 16:00:03 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210830/r20110914/ Frame 2A0B 23 KB
9 KB 11ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210830/r20110914/abg_lite.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5738c733f2f7b04e67edebebb67f01a2022d611ce73cbbf9ac15aa8186c6613e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:58:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 314
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9263
x-xss-protection: 0
server: cafe
etag: 16747441857000454541
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Sep 2021 15:58:16 GMT

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 04BA 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Wed, 01 Sep 2021 05:13:41 GMT
expires: Thu, 01 Sep 2022 05:13:41 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 38989
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 5888 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b9864025f7f6cb9c4194e0fbc24550ef2c639233a9ed37dc74b1d5ec5ab8937

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 html_inpage_rendering_lib_200_273.js Show response
s0.2mdn.net/879366/ Frame 20E9 169 KB
58 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_273.js

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2cff7ab03cb4e476b49ea05511c6cfcc71af6d5ed20d40e9b40ee31062149e77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com
Referer: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 10:43:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19213
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59842
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:49 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Sep 2021 10:43:18 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210830/r20110914/elements/html/ Frame 20E9 8 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210830/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AUPoyYL6hJPRe_XE7YsJ2Hi3i9OEHCP54YLylwrob-qwo7uS4Zb8xyRSkQsAnkLFmQ9cEX2N4MboC2Y5rD5dYjis-cPXbe9TehWWiEz7HHxP5ltAMeYrVg3EwmTd_ItxJVwfwmb3PFagNz4GYZsDBUyf5iEw&dbm_d=AKAmf-AlHujs5DOyTEk9fGICj3fZn1U15EYQUfDwliOBubz_h5-feX6IJbC0h-Jo4tO7M7R7ME8F-ovxWWXv5-VYcgMgT8iz9fWYwwcLvELYfYBx0LlQwI1zV6rUotQNp7D4YyX30zdE7E0Fpz_ehpXad6NBHxVhZNoot3Sc0mPPlfNJRuzyfKE32AcU69WqaFH9Gdf_52qmoESsNhs7aHXw1bQl9w0ZIY85EJWzNVOmkAXeFSGiCb2DQvD4t1GPwP4b9awqj9JkeQ0uI1deUG5B3q5PgGrzIsBsgI4YOXqbIC9t9yX3kGNr-jzkpJYrBEw_D9hOqT6c5UUqeS6-AF5Y4uT9AbQzGJPbSVUO9VQqf8ePSPafnn0wl4wfSmldRy7n-VCI-EOG9_yBrSal-pwNk4X9xXohSI-khWYRHAgqqZNK2pzfl0pEYGEkUU_DdfIm0Ng1eyh7fWdk-_fohuLpZFm0UvHltLYn_kWIkvXiZk6rcymIhKnsW0sZdoc_ciZlRQIh2j7Et7jd_xDYJHWJ28tqXEmTcglJu8RFDXhqRp41zE28TzeOsGot217qOa8hEADDc9KVQxfMrUo16HX3IN8VrhootC9BXcsXQh1PrQuM4KcOCcYDYgMFoRZaXY4Adx1niLEuRHQIvSTXkwRIYfCuQonjhrORyz3iFZwaDWm1EQBj0gkG5YAYErxxnKKtBSllUhqYI6Pgn6yReh4tx8aiNmF-jJSr-yz3qXrTFjLd0dMFoj2MowaqZd4I95a3utsrqVCX0ahrQjCREGmDLw3IrAHFkF14-5pGHZJnlwDqgMtp7jcC15J-UNxNntXlN8-GE2XNXTZTeLPBBc31ALv6VgnlKctGDFas1m8WQj1LjXab6upneZN7Sk9yg28mazSBhomixoufPPHKl2pB0E2vBQlM6A44emTd1XK2veUAEQhUVll2FBXpCkAzUc7x0sP8ey3V1pvAd1nmXlNVqzFa4zJGvzGwErtJNnhNdloqRnmUspxZawRj2fbfogUa_y2H4VdQFMxTEbR-jyd06CA6LiJp5wSw8hDM7zjmjaknSszvJP__C0HcF1pTg_cV3wHgBe1y653bQhMfAKbZXMYXvekNg9uY03fHFqvTVE1XE-3BU90grUKDEaJqic-mhiAQREidKlsJPp3oJ9liO1CTKeIC2WrAr8MXZwMOta9w1IjLhLYeDB0sJscB2g5aeocxMGc50SsuZaG1qophU_bIHHFcnVwudeiphtGOSstSLFosdat7g04XhD5sVkh8YbTRa5-E74hGgNhA-3LwSE-lnzXYNkD7DJh1sK_pFGagXO_Tx0vOYAgjmJGQ0FWUAizeycMmOmZDRklFCi1Oyn7_EC9DoOAlnG7FSg3mQKD2aXt7XdQkoDgCJdXH_z-KNmlcuxDU86jC_kkSEeYgPKR4zOc8fAVxQB70zFy3oN8eQdPxMH6NfvWfaw_Tbm6u7aJoquxW1pyWVYhatcbbsk-sOfGvyiK-w_QE12VkZpeV4gV9sQ1CxpJODztlZBVj3U3Ni4OsqRECmIA5zJQMlYb0_YkFiLV97y9PTnVRdH_clIpzDHYt5W0baVeRXZjOLKp0D9A1LjQzlLouORdnWB1VkVOxQp3Cl76y-knpfkoY6u8OXL-mKx80b5A_q7ElFCPZzNrl3E9peWb4HMdYIqOqtI57GS0vdls3hLr6RiQYVzTT9HepirY1-pUUQUQfDvDbtSGpMuSZaQnh0T6d8y7iQA7mDaX2QWaobN5sx_fw73-JHYE-Tl8HwxS-FSccxQTeU7EuqlHHyajBS5RTC3rVq2Ya7cA-DmjAv7nu9qhf_we-kVQSvKAEcQGVD088U_8f6oXUXtkWy5pNqa4ApBk3M7VSEtQC52Di0IFiWNRI5jUCvg-ECMT3s8VBihrOKpy8YV4V_euuHEKf6Wuz_TR2K9P0adoHoY8-NwPf4xoMBIU_ojjwk0vnq3E8v2HwSKbwqi02PfCRq9KB7Gj2tUb60BsYGp6SGI24qpbDvlvCsitMnJpMzTXLTCAoGevUcTki3qBYerHM9qXQrcLxPcy0ik35WRT9aDF_bc59Wbo2KIFqLYNdeG4wqsUObfu4ie1ST3jdf3VNWXotP1GmvBSjUmVCqbl3lNXWIVt29aoqgcB6eKJW8k1CDjbZoDGAS4Tydgjnrq9nLIsIcuh09E-k9vGDvk2l7BNnhW0mJrAxfKySECkRtgGapRkblA2uv8Q_E5FTBrGUURWqWCOB258YdfN8CRVFrBpOfbuYMeW5N8FllnHqubEoWDym1iY81WYCDX0bRQZJDgkY9niRyGjBtpGbIhxKsY7_S1rvk-YvMjWsPWiVcOZ0uQhVtIRXbTYmFpRdnvyXazHz9YQwKsTOdnXpjt8-bzHDq9fAGAvsX5gdanTBmj8TieWBtKn1DoRSKuJxtCDGC1LE-UDVsC-L3lFLjPYBjMGzDwi1ewP76dktxPfslVTmg9VQvRaV2Aq8xXGlmqj4Ok46vIF3eBnRHVdflizzGN3wdZy26G1hVS1plpDtmCIxwEmbA1t1Kt34bP59IC2smeORogQrKZ2iNbpQDLhjZ0tXpbM2LNR_fjaGTDzaPl_iA4OQZsVQYt9qvp61VVQdqZfIOY0pMM3qxEghU-6P2AreBv00iGNNGaBkJPhvbGgMN-09PVVADoOAz7AizkuMM9ZzualN5jQ_-cAqbj5T-0NZCiFh1iMZraw0XhMC6MDrcDSGeOye7VQgZ98yX3byzzvEpF4AZ5GTQ7c-SPeyXh1a5eP1oEH8P5VBb_YRf9XYq38i-Gg-ys-2W9f-B9BqFJWY7PSL8gn8a9OhjJzn9PETWQXhbDcABT39b0qfcpiICXTxEaIcpjmfMZJKF6nz5GkHI4gWt51Ay9kxb5tlc_6Nzd0qODr3Q-i-Mq4iNlX2c9hV8qFiufhejGUqt_z5GgLM6z48vHtJO4UAWT_iIgupVftFPKkq21mAfNjmsNAlGgELjMHTMOpK9d2o07Y_14ZWLabM3I6XCOu8g3cyAD59aQ4Ftyv_5YWQsWpTnJLa-9IelMTToefSAvml3Rk6dy2sLNCFKy74apH7aw2D9ZvaEfYKY5c-Dld13suYdh3nvfx34Q5IDW8LdLm-Z-gMezMUnMt6VhWbNtG9cjShEl83HUtq-nVk8rvRqK4XeYTHv6IJ2YK7YrQT65F05-l_fU5W8ElhZGk8nMLxYqTVQPqHBtP32084nuw7kQE&cid=CAASFeRoOAnoQPv9T-rhWXPNIwQxllKsmw&rfl=1%2Chttps%253A%252F%252Fgofobo.com%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:00:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 208
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Sep 2021 16:00:03 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210830/r20110914/ Frame 20E9 23 KB
9 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210830/r20110914/abg_lite.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5738c733f2f7b04e67edebebb67f01a2022d611ce73cbbf9ac15aa8186c6613e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 15:58:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 315
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9263
x-xss-protection: 0
server: cafe
etag: 16747441857000454541
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Sep 2021 15:58:16 GMT

GET
H3-29 200 index.html Show response
s0.2mdn.net/9886474/1629463314265/728x90/ Frame B4A5 9 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9886474/1629463314265/728x90/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2b0a816a46d16fd4239f22ce2c8fa0effe3c621b27ca602b6a48080ea0b7083

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /9886474/1629463314265/728x90/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 3203
date: Wed, 01 Sep 2021 08:54:26 GMT
expires: Thu, 02 Sep 2021 08:54:26 GMT
last-modified: Fri, 20 Aug 2021 12:41:54 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=86400
age: 25745
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2A0B 0
24 B 79ms
44ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssuHqf3bKVoGVOsgvE8yAdfVfOa0zi7Y42bCkLnKaOPPXO6RqEnjpy5TZaH2ifZqMx8i6UDthlqYcODtfl3Zinvlvm6Qwd0VqWQtFMVy--TRa2WR-0ZHiEbpXhDZfVS3iAATzOiTM5hydOTXvln0jSwyhtMgkmLOlmPEmGvXb5TZb7zFdxsH8mlKa1JcAka8lNnLTvdZPXuiFERAvsYLLFRbUHa59vi-VW6zI-QDjqWwrwXRUWe4jQBZcsFJsJN_847C3iGWWLF4vcTAjRBlV4ILtZYauKKQcZAPe0-5ZO8LBM-Z2IHvWGXcqVeuuVdrqGvtG1g7tomU_oUKdM7tOAzBYO7-t0P-cXpmRlrX6pIYXZyuTaCz2gcJt-yGBz1mWVegY3U2lKNTKwq3qh3GOlCguzRzncXKkT4Ufx4_MYuaTmOf7MHtTplt2k0aG6wGFpP47EgLN5Go6WgUrB7r5bmuY_xDgI97JmQKZ5xQan_GMqiZWWtgEDNR2xzxfcufhyKzQzSYPLBk-2pZ1gw0yVKjbLojTDqcpOH9e88czOEZEy6x6SkVGWYXemlP8TYEOf8xRHggXLsfNwvcBrQI3hNJG1npqd8yKUAWUY_03buX_LfDJ5DK9ODHmwlu0Qwgp6OI5NI7tAJmz8zE5JkJOXmakhrOu-KiLlpsrJaTaDNwje503arkUy2Pu5pbj4n_5Ciyh7NnEopK_6iKDH7yv7WwOkXQuutDB_4G9V2a1oUmim6t7gErch_SIjhQnvkCv92yp4cWLq5ptCUVWCGJr5RBNYKbrt9BNKmopeYX-OHmyrNFeSI7d9FvGnZFBJXt2Rht9FLQnREJEhWtcJNQFFDWSDCgoP21gERaOjQbk3nUw65mmPt8QoY2L2sW6u7DD-AQJzsq47j-t5z87xAMcxygXjcvYrVl3NzS2O_f3A6YOJLH755oez9B6Y3XOZpo0h5zJtOvzAZbd6sxGTt3icIsbfxQim4PE95LTc4TtayMzAXdMNkXJrmYKUo1JCeE1n5ejWJWbnN89FzJYi2rf0Vwvq51Ao_kBh5n7SyahppMivxEvYR68zeqEfbMdvJp-FM8_29hik0bUaA-pgEfDqTaid6GBmbko0J_K3rxlUBQgvlnSeler9Pr0XdI4GNl7sRN3hA1k7JMrN_Sq29sk3bLP8S4r83dFyIUgIt53SdTT4ejOU&sai=AMfl-YQ9ownBCiufYIFYA5Vs9DZTeoM8pWi5ZBvSw9Xvio7lBlCM4sIus7s6TC4aj0esEZSpMKR87vXH2zW9ETTbKQ_YX-laofPUybcPtBafyO6HCB6fXcLnm1X3oJAPFm6TKRolhCGY19AgOjw8RzfYM8c8Ntc7fvhbQiZajAI&sig=Cg0ArKJSzLFydkW2mME8EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=179&cbvp=1&cstd=175&cisv=r20210830.70193&adurl=

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Wed, 01 Sep 2021 16:03:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame CD78 236 KB
63 KB 46ms
18ms Script
text/javascript 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6964092466164447826/15390_Billboard_4/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:03:31 GMT
content-encoding: gzip
server: Apache
cache-control: max-age=900
vary: Accept-Encoding
content-type: text/javascript
x-n: S
accept-ranges: bytes
expires: Wed, 01 Sep 2021 16:18:31 GMT

GET
H3-29 200 main.js Show response
s0.2mdn.net/sadbundle/6964092466164447826/15390_Billboard_4/ Frame CD78 133 KB
23 KB 7ms
7ms Script
application/x-javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6964092466164447826/15390_Billboard_4/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6964092466164447826/15390_Billboard_4/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bce2acc49e6f9085c316048bf20e2663768d138d375ab5ef6c3539780d9fe2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/6964092466164447826/15390_Billboard_4/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 17:04:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 428332
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23013
x-xss-protection: 0
last-modified: Fri, 20 Aug 2021 08:57:50 GMT
server: sffe
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Aug 2022 17:04:39 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 2A0B 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com
URL: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 05:13:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38992
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 05:13:39 GMT

GET
DATA 200
OK truncated
/ Frame 2A0B 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d9c1f8fba628e874e377e8a87de7e629aef2284e60d6575a17b750f23fcd7ade

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 index.html Show response
s0.2mdn.net/sadbundle/367430472684273664/ Frame 5ACC 76 KB
21 KB 17ms
16ms Document
text/html 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/367430472684273664/index.html?e=69&leftOffset=0&topOffset=0&c=PNXlCjvSFB&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_273.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10bbabdfe2ad3fdf4e40616a46b0ec1fe1492a1922b770ed85aafa0bb68556a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /sadbundle/367430472684273664/index.html?e=69&leftOffset=0&topOffset=0&c=PNXlCjvSFB&t=1&renderingType=2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Wed, 01 Sep 2021 16:03:31 GMT
expires: Thu, 01 Sep 2022 16:03:31 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 26 Mar 2020 11:07:11 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 20E9 0
24 B 43ms
43ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvMS7C2Rcqx960At_-EIBQE6EI9ZNRMPxVT70-ua7r28eSnQLT9439GUcOGOFlT7PH1fTwMfNoKmb2tfucNvAFvrDceEBmAMCnguWekEvrsjgEYIXBUvJcaaSH2VeX272EmC9ybxWVijA1XeKGE5OhrmH_fnKGZYT6IKPfDCjtKv6-BNQf8WW8DPYVKJQBTNb91i2za8nUaqgoofQgcd_lgxNORKN_89m67aFvvZDBhihMst4tWAEgrZZ98UizwBrFKiBPa3Ybku3GvTOW43kmp51ErHgO-lMzYknDnKhZQvY4kWK8SFCJOtckbCI-8COjHfPsGx2U3Y3kHR3i7jBCOFjVkUjOVHnTEZPykTL77PCqV4tDnaHwqZVF-ifcLbvBRwcknJtge2tDvx_YdBr84Dpa4DG-cm_iL8LEMFroegAx-FfTKrBPwChWVYbsLYtHwtEPX4zaUK_xmY2M5qMEvZKukz_mLcYpPtv3kYpj833zohrLwl2UMuZV-xpQwo6rI5kjMXz9BsueN4ioloncbN7eePWRoWr2ULUanwemA4KnhIHZhCNvi4Leda7AwOj0fxgIT0cANU-NH2CInc79RTJZLq2zj3oeX_VShWtFJc9zzyh7yEh0Sy-GsDMzA0f_ewW5gi3HjCOGcty0CXh65csmzsneuCIuOO3NGGIUPbjG0BWQki9g49IrmrTbWhLY9WwVSV-DYqSud6Xi-NNaClQhdrgFZh3Rmd1dx_bo-bhKOHKkzcfEvKNUTtbxkbTSSLtmNM1F5V-PWZeiIgRh6wEs1HlgjLYboIBSrXswm--MNLlMdj2m21bgkNKmlt3JWCmTTWhw4LL28N6KD_kejZs7Vcnh4fGCID0O29tLDovi0FTTp9AAMC4vH2vhnPMfBG5nfyn8VEK-Gz1LFHleQACzZJ9tG2f9wEFHBQITV1B9FBH1CkiutL63B6IImV8ZWuToFJJ_MFSX-AgDIYOCXIGYOdRlc5k-RA1DyPizUvS0b9ZoSVojuLH8Rw9SM8PyR3YSc62BuEp2U54uVNQYFyQ5lm6vthecGiKGzbJdEhiev635O8PG2g9dpjVRtA_y_mraSUxFyukdHCVMLyEM4R5aNCblXanAj6U9T89cT91TerAq9CClAOdRvoR6BIqLMaARKA95hz3GCnOCA7zuvtjX1T9maIl98_w&sai=AMfl-YS6NADfs_GBJPPQN49KAKNS6sE20f0h3PLa78cb33AuhmK0LANAYHf69AhdDTBmPogRVsCx_XSYdK9QANsegd6vN-amsvEgqTht7vSHwbef5JXlIZwDlIv1Kt2mC7huKY-3n3MfZgsIcbpWoyzkKyvIflIHq8xSGDKbA-A&sig=Cg0ArKJSzCBuc9WhBxJTEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=165&cbvp=1&cstd=157&cisv=r20210830.10934&adurl=

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Wed, 01 Sep 2021 16:03:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 20E9 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com
URL: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 05:13:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38992
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 05:13:39 GMT

GET
DATA 200
OK truncated
/ Frame 20E9 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3be08e97d2f7d7e1ee22813225c2ea1959913aca485edd292a4dd6a58a85880a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 2A62 22 KB
8 KB 8ms
7ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Wed, 01 Sep 2021 05:13:41 GMT
expires: Thu, 01 Sep 2022 05:13:41 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 38990
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 TmHKmzNcEIQHiD9bxwAx5GJ7ufkV5pqy_sm1YHn63jg.js Show response
pagead2.googlesyndication.com/bg/ Frame 04BA 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TmHKmzNcEIQHiD9bxwAx5GJ7ufkV5pqy_sm1YHn63jg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e61ca9b335c108407883f5bc70031e4627bb9f915e69ab2fec9b56079fade38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 13:37:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8788
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13354
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 08:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Sep 2022 13:37:03 GMT

GET
H/1.1 200
OK 970x250_balken.png
68053abc28fdb89dcb9b-41df3945f66154d8881f66f670ed07f3.ssl.cf2.rackcdn.com/2021/40_Liebensmittel_08-2021/ Frame CD78 735 B
1 KB 139ms
38ms Image
image/png 2.18.233.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://68053abc28fdb89dcb9b-41df3945f66154d8881f66f670ed07f3.ssl.cf2.rackcdn.com/2021/40_Liebensmittel_08-2021/970x250_balken.png
Requested by: Host: 5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com
URL: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.89 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-89.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0b33fb8b9a09c656f6e8803fe40ff865d7fe22b4fb4438aa0ec6efc81e80478f

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 16:03:31 GMT
Origin: https://mycloud.rackspace.com
Last-Modified: Tue, 03 Aug 2021 12:32:21 GMT
X-Trans-Id: txaac5debeea0349f181c40-0061231e67ord1
ETag: 426c552baad4c5e1c3a333b36fd67111
Content-Type: image/png
X-Timestamp: 1627993940.22601
Cache-Control: public, max-age=168465
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 735
Expires: Fri, 03 Sep 2021 14:51:16 GMT

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5888 0
23 B 38ms
38ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 01 Sep 2021 16:03:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame B4A5 236 KB
63 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9886474/1629463314265/728x90/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9886474/1629463314265/728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:03:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Sep 2021 16:03:31 GMT

GET
H3-29 200 threejs_1.0.0_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame B4A5 584 KB
147 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/threejs_1.0.0_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9886474/1629463314265/728x90/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd0bb6c699acc574c48ded9499338e69d00c4029bae6512b669b5db74dd8fea6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9886474/1629463314265/728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:03:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 150720
x-xss-protection: 0
last-modified: Wed, 18 Dec 2019 22:27:58 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Sep 2021 16:03:31 GMT

GET
H3-29 200 index.js Show response
s0.2mdn.net/9886474/1629463314265/728x90/ Frame B4A5 35 KB
10 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9886474/1629463314265/728x90/index.js?1627026972601

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9886474/1629463314265/728x90/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c76637b902946af4fbfd2f64febdbef5371d4bd30c3ff6db4fdd542f22fcb4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9886474/1629463314265/728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 08:54:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25745
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10239
x-xss-protection: 0
last-modified: Fri, 20 Aug 2021 12:41:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 02 Sep 2021 08:54:26 GMT

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 5531 22 KB
8 KB 9ms
7ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Wed, 01 Sep 2021 05:13:41 GMT
expires: Thu, 01 Sep 2022 05:13:41 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 38990
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 css
fonts.googleapis.com/ Frame 5ACC 5 KB
667 B 35ms
31ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:regular,500,800

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/367430472684273664/index.html?e=69&leftOffset=0&topOffset=0&c=PNXlCjvSFB&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eedcd858b717d51a55a283a8c74d9ee4e8d0eb247499263f53b84f91338a1e3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 15:09:52 GMT
server: ESF
date: Wed, 01 Sep 2021 16:03:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 01 Sep 2021 16:03:31 GMT

GET
H3-29 200 Enabler_01_242.js Show response
s0.2mdn.net/879366/ Frame 5ACC 107 KB
37 KB 12ms
8ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_242.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/367430472684273664/index.html?e=69&leftOffset=0&topOffset=0&c=PNXlCjvSFB&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7effa4abb1004ac11058d1fc73b1ebb9cbf993bc96dd96be50ba81ba895bd69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/367430472684273664/index.html?e=69&leftOffset=0&topOffset=0&c=PNXlCjvSFB&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 20:39:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69853
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37452
x-xss-protection: 0
last-modified: Thu, 06 Feb 2020 15:49:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Sep 2021 20:39:18 GMT

GET
H3-29 200 _728x90_keyvisual.jpg
s0.2mdn.net/9886474/1629463314265/728x90/ Frame B4A5 31 KB
31 KB 9ms
9ms Image
image/jpeg 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9886474/1629463314265/728x90/_728x90_keyvisual.jpg?1628076858907

Requested by

Host: 5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com
URL: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9acf52620c3c84b79ad4f97ba2adfe6944633c8353352cbe93a7bc141495e83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9886474/1629463314265/728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 08:54:26 GMT
x-content-type-options: nosniff
last-modified: Fri, 20 Aug 2021 12:41:54 GMT
server: sffe
age: 25745
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31532
x-xss-protection: 0
expires: Thu, 02 Sep 2021 08:54:26 GMT

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2A0B 0
23 B 42ms
41ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 01 Sep 2021 16:03:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v22/ Frame 5ACC 46 KB
46 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v22/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:regular,500,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://s0.2mdn.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 01:34:40 GMT
x-content-type-options: nosniff
age: 484131
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47312
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 19:40:30 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Aug 2022 01:34:40 GMT

GET
H/1.1 200
OK 970x250_buehne_tief_dunkelblau.png
68053abc28fdb89dcb9b-41df3945f66154d8881f66f670ed07f3.ssl.cf2.rackcdn.com/2021/40_Liebensmittel_08-2021/ Frame CD78 12 KB
13 KB 41ms
41ms Image
image/png 2.18.233.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://68053abc28fdb89dcb9b-41df3945f66154d8881f66f670ed07f3.ssl.cf2.rackcdn.com/2021/40_Liebensmittel_08-2021/970x250_buehne_tief_dunkelblau.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.89 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-89.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c9945034bc80651c724cb6471003a226072a8593d5dc82a8c33483bfb39265f6

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 16:03:31 GMT
Origin: https://mycloud.rackspace.com
Last-Modified: Thu, 05 Aug 2021 12:59:24 GMT
X-Trans-Id: txb8dde3ba93ea43978ef85-0061231e68ord1
ETag: 6638dde434ee3b98e177a511634322c7
Content-Type: image/png
X-Timestamp: 1628168363.00772
Cache-Control: public, max-age=168561
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12489
Expires: Fri, 03 Sep 2021 14:52:52 GMT

GET
H3-29 200 3VBCxQMuFeflN3ldnXIT7YQtw8QPm-3IluxfpK8Vf0c.js Show response
pagead2.googlesyndication.com/bg/ Frame 2A62 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3VBCxQMuFeflN3ldnXIT7YQtw8QPm-3IluxfpK8Vf0c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd5042c5032e15e7e537795d9d7213ed842dc3c40f9bedc896ec5fa4af157f47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:05:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14301
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13381
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 08:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Sep 2022 12:05:10 GMT

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 20E9 0
23 B 39ms
38ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 01 Sep 2021 16:03:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 _728x90_loco.jpg
s0.2mdn.net/9886474/1629463314265/728x90/ Frame B4A5 35 KB
35 KB 9ms
7ms Image
image/jpeg 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9886474/1629463314265/728x90/_728x90_loco.jpg?1628076858907

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ed1b926fec4b503787cdc1034fd8dcfd0853c3d577457284fd519a718016200

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9886474/1629463314265/728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 08:54:27 GMT
x-content-type-options: nosniff
last-modified: Fri, 20 Aug 2021 12:41:54 GMT
server: sffe
age: 25744
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36324
x-xss-protection: 0
expires: Thu, 02 Sep 2021 08:54:27 GMT

GET
H3-29 200 prod_studio_01_242_configurablemodule.js Show response
s0.2mdn.net/879366/ Frame 5ACC 30 KB
10 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/prod_studio_01_242_configurablemodule.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_242.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68a1eb809781154c2c6dd9ef157e3ffa54c45afade2bb70edd006707d28c3a7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/367430472684273664/index.html?e=69&leftOffset=0&topOffset=0&c=PNXlCjvSFB&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 21:41:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66101
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10358
x-xss-protection: 0
last-modified: Thu, 06 Feb 2020 15:49:49 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Sep 2021 21:41:50 GMT

GET
H3-29 200 _728x90_moon.jpg
s0.2mdn.net/9886474/1629463314265/728x90/ Frame B4A5 29 KB
29 KB 9ms
7ms Image
image/jpeg 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9886474/1629463314265/728x90/_728x90_moon.jpg?1628076858907

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcf713c480cdeae61cedca8d4b8d58f0d8a61239b26bc331650b624d6179282d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9886474/1629463314265/728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 08:54:27 GMT
x-content-type-options: nosniff
last-modified: Fri, 20 Aug 2021 12:41:54 GMT
server: sffe
age: 25744
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29606
x-xss-protection: 0
expires: Thu, 02 Sep 2021 08:54:27 GMT

GET
H/1.1 200
OK 970x250_buehne_tief_hellblau.png
68053abc28fdb89dcb9b-41df3945f66154d8881f66f670ed07f3.ssl.cf2.rackcdn.com/2021/40_Liebensmittel_08-2021/ Frame CD78 10 KB
10 KB 47ms
45ms Image
image/png 2.18.233.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://68053abc28fdb89dcb9b-41df3945f66154d8881f66f670ed07f3.ssl.cf2.rackcdn.com/2021/40_Liebensmittel_08-2021/970x250_buehne_tief_hellblau.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.89 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-89.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: aefcc9475487c67455a78bd1d943e9de953689a488515e8be215be61c9c0bda5

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 16:03:31 GMT
Origin: https://mycloud.rackspace.com
Last-Modified: Thu, 05 Aug 2021 12:59:23 GMT
X-Trans-Id: txf8faa21dd9424c8dbbd0a-0061231e68ord1
ETag: d4bbd1b8e2b228a82d3882280ad0482d
Content-Type: image/png
X-Timestamp: 1628168362.99342
Cache-Control: public, max-age=168457
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9929
Expires: Fri, 03 Sep 2021 14:51:08 GMT

GET
H3-29 200 3VBCxQMuFeflN3ldnXIT7YQtw8QPm-3IluxfpK8Vf0c.js Show response
pagead2.googlesyndication.com/bg/ Frame 5531 35 KB
13 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3VBCxQMuFeflN3ldnXIT7YQtw8QPm-3IluxfpK8Vf0c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd5042c5032e15e7e537795d9d7213ed842dc3c40f9bedc896ec5fa4af157f47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:05:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14301
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13381
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 08:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Sep 2022 12:05:10 GMT

GET
H3-29 200 _728x90_plane.jpg
s0.2mdn.net/9886474/1629463314265/728x90/ Frame B4A5 11 KB
11 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9886474/1629463314265/728x90/_728x90_plane.jpg?1628076858907

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f671304fea4db29141b1f82766d637342dc9a6cadbc7ef2370397b2b4254984e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9886474/1629463314265/728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 08:54:27 GMT
x-content-type-options: nosniff
last-modified: Fri, 20 Aug 2021 12:41:54 GMT
server: sffe
age: 25744
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11205
x-xss-protection: 0
expires: Thu, 02 Sep 2021 08:54:27 GMT

GET
H/1.1 200
OK 970x250_keyvisual.png
68053abc28fdb89dcb9b-41df3945f66154d8881f66f670ed07f3.ssl.cf2.rackcdn.com/2021/40_Liebensmittel_08-2021/ Frame CD78 149 KB
149 KB 48ms
48ms Image
image/png 2.18.233.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://68053abc28fdb89dcb9b-41df3945f66154d8881f66f670ed07f3.ssl.cf2.rackcdn.com/2021/40_Liebensmittel_08-2021/970x250_keyvisual.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.89 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-89.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4649831407dc6de3957b170dffcc80223669a1c712069a20118a3f533c9659f4

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 16:03:31 GMT
Origin: https://mycloud.rackspace.com
Last-Modified: Tue, 03 Aug 2021 12:32:20 GMT
X-Trans-Id: tx4b856c94c52146adadd0d-0061231e68ord1
ETag: 6ee02fc6975f619b03305911070d227e
Content-Type: image/png
X-Timestamp: 1627993939.48334
Cache-Control: public, max-age=168466
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 152220
Expires: Fri, 03 Sep 2021 14:51:17 GMT

GET
H3-29 200 11343155908006261791
s0.2mdn.net/simgad/ Frame 5ACC 3 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/11343155908006261791

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dfc42afc5beaca36bbb2fb8f1d37c962768d350f6c3b290a315fcc7d1b103d68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/367430472684273664/index.html?e=69&leftOffset=0&topOffset=0&c=PNXlCjvSFB&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 16:53:38 GMT
x-content-type-options: nosniff
age: 83393
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3028
x-xss-protection: 0
last-modified: Mon, 01 Feb 2021 16:21:01 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 Aug 2022 16:53:38 GMT

GET
H3-29 200 7689218547123286793
s0.2mdn.net/simgad/ Frame 5ACC 74 KB
75 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/7689218547123286793

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f6e971970c0c7e048524a65dab048d3fc487799b83db98bf138d7b03b69fa03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/367430472684273664/index.html?e=69&leftOffset=0&topOffset=0&c=PNXlCjvSFB&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 06:19:50 GMT
x-content-type-options: nosniff
age: 35021
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 76278
x-xss-protection: 0
last-modified: Thu, 09 Apr 2020 11:12:35 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 06:19:50 GMT

GET
H3-29 200 7689218547123286793
s0.2mdn.net/simgad/ Frame 5ACC 74 KB
75 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/7689218547123286793

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/367430472684273664/index.html?e=69&leftOffset=0&topOffset=0&c=PNXlCjvSFB&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f6e971970c0c7e048524a65dab048d3fc487799b83db98bf138d7b03b69fa03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/367430472684273664/index.html?e=69&leftOffset=0&topOffset=0&c=PNXlCjvSFB&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 06:19:50 GMT
x-content-type-options: nosniff
age: 35022
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 76278
x-xss-protection: 0
last-modified: Thu, 09 Apr 2020 11:12:35 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 06:19:50 GMT

GET
DATA 200
OK truncated
/ Frame 5ACC 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK anfuehrungszeichen.png
68053abc28fdb89dcb9b-41df3945f66154d8881f66f670ed07f3.ssl.cf2.rackcdn.com/2021/40_Liebensmittel_08-2021/ Frame CD78 3 KB
3 KB 42ms
40ms Image
image/png 2.18.233.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://68053abc28fdb89dcb9b-41df3945f66154d8881f66f670ed07f3.ssl.cf2.rackcdn.com/2021/40_Liebensmittel_08-2021/anfuehrungszeichen.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.89 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-89.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: dc7b8ab1c97bd9ab13b0f9ece7f6881c1b20ba06139767a7f45d2d0807178e62

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 16:03:32 GMT
Origin: https://mycloud.rackspace.com
Last-Modified: Mon, 09 Aug 2021 12:44:22 GMT
X-Trans-Id: tx4dd3164949464ae78e248-0061231e69ord1
ETag: 4c7e0bd2a950212c98252d2724761d15
Content-Type: image/png
X-Timestamp: 1628513061.33541
Cache-Control: public, max-age=168373
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2954
Expires: Fri, 03 Sep 2021 14:49:45 GMT

GET
H3-29 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 62ms
61ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gpt_2021082701&jk=188377081892053&bg=!CQqlCk7NAAZOkH6FTpA7ACkAdvg8WsDgNjdvIuyUJvd6Yu91QIZy9D5hMWZmh_ZkjpLv2dbNMZ6PugIAAALIUgAAAGFoAQeZAm_ek83sGFQTrE0bWSVgX8GHrCdIs52nOrxq6qZi8mYWkWyWW-o7u4XxzwGQjhRMWt_Y4Qe4-rAESYnWcLSWXmyNpza_YvOk3XLBqp4vXb2Mzol5gDFX_l-qUXaJxpVejQp9557KDDwbV5FJK4qpqnYnt1UmZTP0WzW0fzcANLxBcdyvmHCaAQn3gK9hLiAwKzzELPFv1_NfJsGI-UeD8uEx1hb8TC7CJnnwv2o0245T3TLSlJ_8zeFjrEDjUF7m1xTXjgZSpcwxxBcHWm-QO81BEk_A49SvbMBqk7oJ6cUJIxQkINQWwCL9GJRtwWhYOeAXpfitiR2KGWJiqcGU6B53cwycosghT_7QeGVL5yvhXI4goKIfuvfnPRKnZjPeVluNIhkua7gnjEjb3asErpMJ1GyBb3Ju_H6rMgHDqH0ovPfuzUwUSvnnGPL5BNp8JpvsTM8AYz6zFzBTpxnFOJiSdIwQ4QfLr3MOWrpCfmpZb-iHgrswfRRYTAg-nLkfTRMjgcECUZOqjHoxeD2FH-Orow1WP2HbI8A5sI1ty_2rQj2a8jxyVRpbFzdJ523ukze0nRn6ewJdfVQyYbxcJu4DGvmBdfbrMbqLhotUMSWLBgSEW-DNHunMSvg3nX229IDMWE45hhH2vRGlaBkbQUoPIhCSdWa8sA2pmDJhNZqHMiqu4xs1NDOn2FjO23ZBcncxFnf3no32RERqqY7fqI_vJ6EqFh6_9d-7WAo1NpLOH8sIm8MxJLLO3PX5c6I8PJk7WG3vDXvv_pAaSETtMkAy6la3KgjL0cOJdK2U2BhS6eFz_Lwza7H7YAMCbxwvEA
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://68053abc28fdb89dcb9b-41df3945f66154d8881f66f670ed07f3.ssl.cf2.rackcdn.com/2021/40_Liebensmittel_08-2021/anfuehrungszeichen.png
Requested by: Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.89 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-89.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: dc7b8ab1c97bd9ab13b0f9ece7f6881c1b20ba06139767a7f45d2d0807178e62

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 16:03:32 GMT
Origin: https://mycloud.rackspace.com
Last-Modified: Mon, 09 Aug 2021 12:44:22 GMT
X-Trans-Id: tx4dd3164949464ae78e248-0061231e69ord1
ETag: 4c7e0bd2a950212c98252d2724761d15
Content-Type: image/png
X-Timestamp: 1628513061.33541
Cache-Control: public, max-age=168373
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2954
Expires: Fri, 03 Sep 2021 14:49:45 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 04BA 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BAmRnUaQvYcKBMvuS7_UPray06AgAAAAAOAHgBAI&bg=!qaqlqu7NAAZOkH6FTpA7ACkAdvg8WjT_YAc3laAi6PMVE1zYPcranjg2qs3QKqMGdcHbM9rGOfRQHgIAAAKmUgAAAC9oAQcKAL4Ub-MC-T-8kyKbjjiD6yI_rm9_A4nvfPUTWAEo9fDE6s35IHtr5B1nm9eW1UGTU-4Bh93UE9I9mwsg6HRaabS6DUYmW-KU5d8XPEqbclQoR-E7hgDd7RLs1RtCSCfHh8Yoq6YNPJ1oOr2webdGy7CfdQTGIYMDwuwUte0Ob4a2EWkCrHrh5fG-pOd7Y7pFS6_sxBk3hfdDYAw5rR5yHFaaVwYuyJeInPxTLUBZDIug1xto67p2Ntx74EdkEp-nmQLPHdMM8JZXceMnTAav6QpqGgKlOE65wDs9fddLGNZ15ES2gz2p5M2ukzAD3Rtu-OiC6YDMJ-s_KHLufbLZnxycYZpfZRWSTjLMI9KhskU52HOzSdGtMN10cfecMFUTgtE_lShQPeIearfkhJWoy60Zmm9nEf9ntYVrbrsc9swdPqfB-cPAN32vUZl6Xa3uBPDMF7xrbo698QYle1UCCAlJjEUgUuXMP1baRPM0tbNkyTp7BvwXpaVFoJdWuv5UENQ2xZ2Qdnjnaeq-C7zOPzfLeZfN5FzzsyrEFkP-_G1piGntHMxRVejo27IpTy8Gu21RFPdCbztVxhpd9W-o3FIvxRJW0q8jMnxUW8txfwDjZybXDVXRPUc6joWUSGL0eUd0wJqrlYtck9I-vxRtPXuwNZoG6_zMMWsjE3UwMNIw42AfqX4UFwmZ7TMSbhBGpjQpfTwUHKF8Z7uyBPZSmuJ9RDnvqtPcoxRpZmBe9nSOZnk1GGinIfiy47bbijS42mNYm-Da1h6A96a8F-Om20dnebrzylKIYJQ_pyQ44MDABmjPB800GDqOjBkl6x4_7ITwRR5Ky-aH_J78WSeGo3IXW6w1eW1fGu6vsCtm0239WDB15VL0lMR93WucbEZOstUphgvXauvKE0U_KHWOhKbXWhBD9q28ILqFU4hpVcsIf9quYpGe2FA82JnAplIzLEJgfUsjRV15A7BXNJotnA7cqyV6rkoN9jsWF5LEfrq7Yr647-OCGMKFPmNQM2Xq892M2DtlKcxIN1U3f7CjOEEpEsq205Q_P-OTsrH1k2ojkBdmSC862NDDsJhS5jG2r9bhpRhtjahwLbGOO44CPcEuQLTEvxcJpAj1tiUV7mLXDktTtP3dwuiLbs7mmS5r7LxjMwgkIgzrIjVGtz2qFjGwSjMUzG8dYEbgIrd7RYPePl-dWn9_ab7obB9Vk8q-b_I

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 16:03:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://68053abc28fdb89dcb9b-41df3945f66154d8881f66f670ed07f3.ssl.cf2.rackcdn.com/2021/40_Liebensmittel_08-2021/anfuehrungszeichen.png
Requested by: Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.89 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-89.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: dc7b8ab1c97bd9ab13b0f9ece7f6881c1b20ba06139767a7f45d2d0807178e62

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 16:03:32 GMT
Origin: https://mycloud.rackspace.com
Last-Modified: Mon, 09 Aug 2021 12:44:22 GMT
X-Trans-Id: tx4dd3164949464ae78e248-0061231e69ord1
ETag: 4c7e0bd2a950212c98252d2724761d15
Content-Type: image/png
X-Timestamp: 1628513061.33541
Cache-Control: public, max-age=168373
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2954
Expires: Fri, 03 Sep 2021 14:49:45 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2A0B 42 B
64 B 42ms
29ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv0-JmTldpnv9Swyk1uXNqRK3ynV0wAPHbhIZuCqBbLbcvAWcQ4tGZRmrpfSDBYLUavuyoqO58AS2ERe1fkcqjxdQ_P3LWEnzcCRCLvx5MXAFc4hcTEtEEK4HqagQ&sai=AMfl-YR9AzYOC9fqBss9ajhaLMy2cx5wm6BE44gZPKK7aW0Vr-RnYTAQPz6w8t6lmU6TdYIh-s8cbY0e2QBVQJPIVD02azOZ2PCsgrfay2MtU9wIUIwmjRoE7cpb1wnX0D0g&sig=Cg0ArKJSzG5r36PneAJJEAE&cid=CAASFeRokkXW6oR--ZahK55n7L7JZiUFGQ&id=lidar2&mcvt=1017&p=1095,436,1185,1164&asp=1095,436,1185,1164&mtos=1017,1017,1017,1017,1017&tos=1017,0,0,0,0&v=20210830&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=452034833&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1630512210355&rpt=839&isd=0&lsd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 16:03:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2A62 0
20 B 43ms
42ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BWl67UqQvYYueNtH43gPE2ZX4BQAAAAA4AeAEAg&bg=!S0ilSAzNAAZOkH6FTpA7ACkAdvg8WuJVW9BmoSWBSK_5tkW9-k7I1gzUX_Gs4ZHjEXsSL3fETixhNAIAAAHsUgAAACFoAQeZAsALIinbcvp_T7Gp_qQ1lZiHw6Q5Zjy1fOPwL1ZoWWzom3c1-P-mOGsByYb_b9VUekzKYgDUNLjuV1P_Q5FCpKVDJKBUEA6yFbIwQUl_DHk3bLD3kNvoBDu6Q4HIgjNbHUdP46mXX6GxDc8daoyU3fs299wztDIOdAQdgMrjaMLs1K5MtbIe4NVAJuMdolbaIYur9senN4-OQnxY3HqJTTG94IoHLaszkGBV-rExy6deYkf6Rao3E89ox-n-W0ftoX-rMaDw-GsIbloLuV0rJKeKY2duDPfKHucCzRal38M_Bs0lNrtTnJgLqTSS2H70kQTRabEGhDQkZrZ0-RXlZmQEIzDKAwgsjOgHpSVm5EkruTPdRqD0xHtc3xoZNbrr8Ltz7mDPrrjCof43DxlikPEyLcKIONmISAZjSVFQbY1436VWIKJeGkp60YwLE7MgDzPfg7HkrfohsVl2SBzeHY3fGobQ1c6lpD0Q6JV66S5fTQ5Ts8ZZCWVWsAm9BP2BbwY0BjJdcvEj9GwehazpRagp6P7TCM7rQUFh6Of064Prxmtttzx2A_22aH0jp0KlfvB3Pz4sHWA6DZgEH9bId0yngTE2sYa2XY24zSf7__fyWAh2ZaaPr97B-Sr587jmiJn1vuKNlOAgFdSjHLonTpARPJ8-IWIyOWaTkKyghlfuKN0epiKo4UbM4kGDkfhGj-ZyDYGyHPBC_WA0DHEmjUjp-L4F81udypVJsvFOMf5dC8ux8ueoQ0CvukLfVJdFJ7zPU-o4v5_V24h_LtYV8CY6_zJcsKODImljj5C3HxBmy5whsRVDaxl4jukx4q0TK7T6kRudab85rV__8O7vqcGPjt6lv53P7yl1uCz15BYd_FdvDqyEB5VYBIDL8B2KixC9516lG5s5P2lZQXcdkIb7bD2doR3pmAhKXx7VXJJx-g

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 16:03:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK bauern_greisinger.png
68053abc28fdb89dcb9b-41df3945f66154d8881f66f670ed07f3.ssl.cf2.rackcdn.com/2021/40_Liebensmittel_08-2021/ Frame CD78 263 KB
264 KB 42ms
42ms Image
image/png 2.18.233.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://68053abc28fdb89dcb9b-41df3945f66154d8881f66f670ed07f3.ssl.cf2.rackcdn.com/2021/40_Liebensmittel_08-2021/bauern_greisinger.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.89 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-89.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9971247dea91bdad692dc039fa3dd2c5d5cec4b00872459dba8cd42cf5fde754

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 16:03:32 GMT
Origin: https://mycloud.rackspace.com
Last-Modified: Tue, 03 Aug 2021 12:32:20 GMT
X-Trans-Id: txeb79c77447424fe5949c5-0061231e69ord1
ETag: df2ce83e85567a90efa5d3e3a53722df
Content-Type: image/png
X-Timestamp: 1627993939.66493
Cache-Control: public, max-age=168401
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 269456
Expires: Fri, 03 Sep 2021 14:50:13 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5531 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BWV-rUqQvYd2rOMrK7_UP0fOv0AkAAAAAOAHgBAI&bg=!BwSlBEDNAAZOkH6FTpA7ACkAdvg8WhIQf6FyfyApHkGJ2S7Dvl8JRPDib6vmBlGJbWJPUpqJUs_dUgIAAAGaUgAAAAtoAQcKAHNngmRy9ziQjzdfVB5NfHuMOJ4Gp8c64UbWVUpmjfslO2UxMjep24-escpuGEScPj1khqtwEBIRGj1fixNJJNpBESJ0LUaTyzXhWxmcTYV3GJbHRQJMkr2Y3pE_jJjcG6IYOH3WGuEg8mfmh59fQbVUMuNpmQLS6kMeK968QVZLB9c5oOHj7-4dCAvd3Z-BJ9209Qn1Hwnd_2-AwbkL5zlmW5U4svFsAlqNg7ykr-UTeX2hWHsKXjagEuaq3qqJOfVfTn477erHvvuLDU0laiF74FIW2KgaCmTL0XuuJKoYQBeXvw4XccFSIsjwHnsgbJBikMSmvchogNtFuB3IXvjdj7R7BhfBqdhddBjC2sDxcWnpfOFR4F-_N_nHZ_QDw0vGZhiG2r52TBnEF_dg5jSs7tKCCTykMXhW7ihhbiLfdSfQH8uF0FZajjeMMWZOvIMG_-qyA7kO7tgjn2UUjuwE0Uk3pdfxSKFNxrKsQuN_N0_byjBGqP64sRAEaiozrIxDjdYNyajKXo5WWU7jOpq3C-KmVmp9-XuKcHT8brw9vIYegYMfbRiSu9v12DPoZXpXYAEcxWt5tiY7aXm60w_uRmHVA63iLXX5djT15-BMPwlbD0KRazZxz5pPGEgzZTYRby7iC0dMFoc8cYWCGuCAeN_R0lBBobhYKV4KAPVIelhGA280pX6ZbcaacFvO2lli1_c_0nb16k6IKmOmJXXicUtcQ0USmozjV5BuaBp4AWyuHxN0CJvMxq4kSccIdiBQtOv4hvXOydar5M7Y1r5tcgJmcT-Sk4RxUU0XWDoAVoVJt2gVqJ6MfJ5Ulb1sNXDSyAFt6AnqZXd5W62oaaoKY97vQZwzYUe-oojuYwPCRCa_OyAjv5K6uvky7M2zGYavKewJL67vld77hYTtdDQr2K-jCbkgHu_qIMECUV8ZOx9AjH9RtgT752mo_xbqZ7mgBO50pZkLNrLdFevVWG4MC3uIttd6vvRbP9lYDlm-KeH7tohSTljNwLvehY9Syo_wrGFzcbjnBHWkMFSRmul5RARQlNTEZRUZGeakIO_jBxtw3NXnHLtT9b6WFFvKezg9yPPayf-XRgeDIlb6xgdo98gpnQ6dsWs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 16:03:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK bauern_huetthaler.png
68053abc28fdb89dcb9b-41df3945f66154d8881f66f670ed07f3.ssl.cf2.rackcdn.com/2021/40_Liebensmittel_08-2021/ Frame CD78 172 KB
172 KB 40ms
39ms Image
image/png 2.18.233.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://68053abc28fdb89dcb9b-41df3945f66154d8881f66f670ed07f3.ssl.cf2.rackcdn.com/2021/40_Liebensmittel_08-2021/bauern_huetthaler.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.89 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-89.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c65f0b0006074d9ef4ad6cf82fbe87d91599e15802d2bdb364fcc5d657fc3e92

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 16:03:32 GMT
Origin: https://mycloud.rackspace.com
Last-Modified: Tue, 03 Aug 2021 12:32:20 GMT
X-Trans-Id: tx08a4337a2e4c4697aee34-0061231e6aord1
ETag: 0ae30749fa742a8b6aa080c91c9d7598
Content-Type: image/png
X-Timestamp: 1627993939.33234
Cache-Control: public, max-age=168369
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 175800
Expires: Fri, 03 Sep 2021 14:49:41 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 20E9 42 B
64 B 32ms
29ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstCUEZaGcO20TICbX9TjV5DhydrGp1AgxBsYxrbu8tN4buyqTCFTnbRwrtoGzH3aMEgkKn07QYP4fB51-kYCWXGTm7DraD07s6ajmVkQpxxS-sHPIr4yIihuLJbvA&sai=AMfl-YR23nnBM6QqqxsczJjspkhCVJ34Nqz8Z-p3sKBYsTSMvxqiU1JNoFIA9yCZjV3WfP-QVJ27Kg9OhdBEHWQuImCfuT-qhJ-9BRifRtgrB5i3DFAmtfowOZuAHSii6XKW&sig=Cg0ArKJSzLjP1QlYLsGbEAE&cid=CAASFeRoOAnoQPv9T-rhWXPNIwQxllKsmw&id=lidar2&mcvt=1000&p=140,330,390,1300&asp=140,330,390,1300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210830&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1289986997&rs=4&met=mue&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1630512210311&rpt=1024&isd=0&lsd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 16:03:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK bauern_mayr.png
68053abc28fdb89dcb9b-41df3945f66154d8881f66f670ed07f3.ssl.cf2.rackcdn.com/2021/40_Liebensmittel_08-2021/ Frame CD78 322 KB
322 KB 39ms
39ms Image
image/png 2.18.233.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://68053abc28fdb89dcb9b-41df3945f66154d8881f66f670ed07f3.ssl.cf2.rackcdn.com/2021/40_Liebensmittel_08-2021/bauern_mayr.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.89 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-89.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 29feba163ad4050632f5fffd1363273826131887887308d31319fb3810405c34

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 16:03:32 GMT
Origin: https://mycloud.rackspace.com
Last-Modified: Tue, 03 Aug 2021 12:32:20 GMT
X-Trans-Id: txdf622aa97b4e4076a9e85-0061231e6aord1
ETag: 0d29f9bd6ba7c99dc2480dca54fcb212
Content-Type: image/png
X-Timestamp: 1627993939.55745
Cache-Control: public, max-age=168433
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 329514
Expires: Fri, 03 Sep 2021 14:50:45 GMT

GET
H/1.1 200
OK headline.png
68053abc28fdb89dcb9b-41df3945f66154d8881f66f670ed07f3.ssl.cf2.rackcdn.com/2021/40_Liebensmittel_08-2021/ Frame CD78 60 KB
60 KB 39ms
38ms Image
image/png 2.18.233.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://68053abc28fdb89dcb9b-41df3945f66154d8881f66f670ed07f3.ssl.cf2.rackcdn.com/2021/40_Liebensmittel_08-2021/headline.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.89 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-89.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e6beb7bf4ae0c275b1ec7d0f014bd0346ee488c4ef463057dc85417e1f3bf715

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 16:03:32 GMT
Origin: https://mycloud.rackspace.com
Last-Modified: Tue, 03 Aug 2021 12:32:21 GMT
X-Trans-Id: txfbfac0181f894a98b9fe2-0061231e6bord1
ETag: 716e2634114d09e7e3435dca597e72a7
Content-Type: image/png
X-Timestamp: 1627993940.73805
Cache-Control: public, max-age=168415
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 61326
Expires: Fri, 03 Sep 2021 14:50:27 GMT

GET
H/1.1 200
OK produkte_quer_ohneSchatten.png
68053abc28fdb89dcb9b-41df3945f66154d8881f66f670ed07f3.ssl.cf2.rackcdn.com/2021/40_Liebensmittel_08-2021/ Frame CD78 50 KB
51 KB 39ms
38ms Image
image/png 2.18.233.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://68053abc28fdb89dcb9b-41df3945f66154d8881f66f670ed07f3.ssl.cf2.rackcdn.com/2021/40_Liebensmittel_08-2021/produkte_quer_ohneSchatten.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.89 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-89.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6b7497f0a6c85503ff17ff177844cfba8f9ba1345173e02e606b145497360ff1

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 16:03:32 GMT
Origin: https://mycloud.rackspace.com
Last-Modified: Wed, 18 Aug 2021 10:06:54 GMT
X-Trans-Id: txb22f445431c94cf89f107-0061231e6bord1
ETag: 75503457d6b58e6a131dc72c83bb8ec4
Content-Type: image/png
X-Timestamp: 1629281213.83167
Cache-Control: public, max-age=41048
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 51670
Expires: Thu, 02 Sep 2021 03:27:40 GMT

POST
H2 204 collect Show response
e.clarity.ms/ 0
48 B 799ms
346ms XHR
text/plain 20.62.48.180
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-b/s/0.6.22/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: https://gofobo.com
date: Wed, 01 Sep 2021 16:03:32 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/ib/static/usersync/v3/ Frame B8EA 995 B
875 B 117ms
38ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://gofobo.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: anj=dTM7k!M41.D>6NRF']wIg2GU%nsr@n!]tbPl1M>e)ZlrFUfJ+tGXxpKa%OdH[MP((<_Cu-<%X:!`WdXxX^X^(ve@GY*bpRz*qF1`*b^n`)yA8H; uuid2=7039273211045358647
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://gofobo.com/

Response headers

Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: "573e714d-3e3"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Thu, 01 Sep 2022 16:03:33 GMT
Date: Wed, 01 Sep 2021 16:03:33 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 204 index.html
cdn.districtm.io/ids/ Frame F645 0
0 37ms
32ms Document
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: cdn.districtm.io
:scheme: https
:path: /ids/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gofobo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://gofobo.com/

Response headers

date: Wed, 01 Sep 2021 16:03:33 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: GET, HEAD, POST, OPTIONS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 687fbab55a690f9a-VIE

GET
H2 200 sync Show response
pre.ads.justpremium.com/v/1.0/t/ Frame 26CB 4 KB
4 KB 32ms
31ms Document
text/html 52.58.132.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pre.ads.justpremium.com/v/1.0/t/sync?_c=an4t80s1630512206519
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.132.147 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-132-147.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 240811c9c8aecc11edeee3a134efa8928a6cd0e66032e29f38f3089eaac18f69

Request headers

:method: GET
:authority: pre.ads.justpremium.com
:scheme: https
:path: /v/1.0/t/sync?_c=an4t80s1630512206519
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gofobo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://gofobo.com/

Response headers

date: Wed, 01 Sep 2021 16:03:33 GMT
content-type: text/html; charset=utf-8
cache-control: public, no-cache, no-store, must-revalidate

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame C11B 38 KB
14 KB 118ms
38ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/showad.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gofobo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://gofobo.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:07:52 GMT
etag: "13006b6-974e-5c4c7cb53d8cb"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13946
content-type: text/html; charset=UTF-8
cache-control: public, max-age=83238
expires: Thu, 02 Sep 2021 15:10:51 GMT
date: Wed, 01 Sep 2021 16:03:33 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 6EE5 281 B
554 B 102ms
30ms Document
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://gofobo.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://gofobo.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 01 Sep 2021 16:03:33 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 6EE5 31 KB
10 KB 32ms
32ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: dc949673613accf095ab0f0272dff33bc203597f9fde36750f4baec576b80afa

Request headers

Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 16:03:33 GMT
Content-Encoding: gzip
Last-Modified: Tue, 24 Aug 2021 22:28:41 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=29318
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9358
Expires: Thu, 02 Sep 2021 00:12:11 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 6EE5 284 B
536 B 114ms
30ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/jpg

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame C11B 3 KB
3 KB 147ms
48ms Script
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=21930270&p=109126&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: a119e53eea872d2707b9e8b892b7db8c49a7d6020ae378350a1db87b1849bb1a

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:03:33 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK async_usersync Show response
secure.adnxs.com/ Frame B8EA 0
731 B 142ms
52ms Script
text/html 185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/async_usersync?cbfn=AN_async_load

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 16:03:33 GMT
X-Proxy-Origin: 185.216.34.99; 185.216.34.99; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: ee7e4381-3b36-4489-b429-5d45377c7d50
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame 6324
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=4EA67E9F-2C70-4068-B179-609DBF5FFCAF
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=4EA67E9F-2C70-4068-B179-609DBF5FFCAF

35 B
468 B

48ms
48ms

Document
image/gif

37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=4EA67E9F-2C70-4068-B179-609DBF5FFCAF

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: c1.adform.net
:scheme: https
:path: /serving/cookie/match?CC=1&party=14&cid=4EA67E9F-2C70-4068-B179-609DBF5FFCAF
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: C=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Wed, 01 Sep 2021 16:03:33 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
set-cookie: uid=7116286902267473987; expires=Sun, 31 Oct 2021 16:03:33 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

server: nginx
date: Wed, 01 Sep 2021 16:03:33 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=4EA67E9F-2C70-4068-B179-609DBF5FFCAF
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
set-cookie: C=1; expires=Fri, 01 Oct 2021 16:03:33 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame A581
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5667063519188721093

42 B
210 B

51ms
51ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5667063519188721093
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: image2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5667063519188721093
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KADUSERCOOKIE=4EA67E9F-2C70-4068-B179-609DBF5FFCAF; chkChromeAb67Sec=1; DPSync3=1631664000%3A197_219_201%7C1630540800%3A174; SyncRTB3=1631664000%3A161_3_71_220_13_7_54_8_21_56%7C1631059200%3A223%7C1631750400%3A35; KRTBCOOKIE_27=16735-uid:afbb612f-a455-4500-82cd-f47ea188c84b&KRTB&16736-uid:afbb612f-a455-4500-82cd-f47ea188c84b&KRTB&23019-uid:afbb612f-a455-4500-82cd-f47ea188c84b&KRTB&23114-uid:afbb612f-a455-4500-82cd-f47ea188c84b; PugT=1630512213; PUBMDCID=3; KRTBCOOKIE_57=22776-7039273211045358647; KRTBCOOKIE_80=22987-CAESEGaopaSQEYp1WhV43Yz3gBw&KRTB&16514-CAESEGaopaSQEYp1WhV43Yz3gBw&KRTB&23025-CAESEGaopaSQEYp1WhV43Yz3gBw; KRTBCOOKIE_377=6810-d96bd44a-b676-4088-8bbc-cc98b4baeca2&KRTB&22918-d96bd44a-b676-4088-8bbc-cc98b4baeca2&KRTB&23031-d96bd44a-b676-4088-8bbc-cc98b4baeca2; KRTBCOOKIE_153=19420-ssLCy-XHxZipkJOYs5Ldn-GRxMupxsjPvMEblkis&KRTB&22979-ssLCy-XHxZipkJOYs5Ldn-GRxMupxsjPvMEblkis; SPugT=1630512213
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Wed, 01 Sep 2021 16:03:33 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_336=5844-5667063519188721093; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 01-Oct-2021 16:03:33 GMT; path=/ PugT=1630512213; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 01-Oct-2021 16:03:33 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 30-Nov-2021 16:03:33 GMT; path=/
x-lat: lhrpug017:0:610
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5667063519188721093
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 1684 43 B
337 B 121ms
39ms Document
image/gif 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method: GET
:authority: dis.criteo.com
:scheme: https
:path: /dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache
pragma: no-cache
content-type: image/gif
expires: Wed, 01 Sep 2021 00:00:00 GMT
server: Microsoft-IIS/10.0
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 975
date: Wed, 01 Sep 2021 16:03:33 GMT
content-length: 43

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C11B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TqZ-nyxwQGixeWCdv1_8rw%3D%3D
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TqZ-nyxwQGixeWCdv1_8rw%3D%3D&google_tc=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

14 KB
14 KB

40ms
39ms

Image
text/html

2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:03:33 GMT
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 06:08:03 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3945-5c4c7cc02bd56"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=124710
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5054
expires: Fri, 03 Sep 2021 02:42:03 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Sep 2021 16:03:33 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame C11B
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=dee8612f-a455-4c00-ba01-08931b345fca

0
260 B

143ms
46ms

Image
text/plain

185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=dee8612f-a455-4c00-ba01-08931b345fca
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:03:33 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Wed, 01 Sep 2021 16:03:33 GMT
Server: MT3 3893 e707801 master zrh-pixel-x15
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=dee8612f-a455-4c00-ba01-08931b345fca
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 01 Sep 2021 16:03:32 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame C11B
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=4EA67E9F-2C70-4068-B179-609DBF5FFCAF
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
https://pixel.onaudience.com/?partner=147&mapped=d96bd44a-b676-4088-8bbc-cc98b4baeca2&icm
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=8dd2340c59d8a9eb01a1b521f4205702
https://spl.zeotap.com/?zdid=1332&zcluid=fcd4246fbb881a9c
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=beb2f683-8f3b-4f30-4bbb-fe6627034ad6&reqId=35e928e8-bee3-47af-40ad-f427dd0af550&zclui...
https://mwzeom.zeotap.com/mw?google_gid=CAESEOm6URmNi1Or1xp6AWrKbbI&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=beb2f683-8f3b-4f30-4bbb-fe6627034ad6&reqId=35e928e8-bee3-47af-40ad-f42...

95 B
164 B

39ms
32ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESEOm6URmNi1Or1xp6AWrKbbI&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=beb2f683-8f3b-4f30-4bbb-fe6627034ad6&reqId=35e928e8-bee3-47af-40ad-f427dd0af550&zcluid=fcd4246fbb881a9c&zdid=1332
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:03:34 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 687fbabb39e0535d-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Wed, 01 Sep 2021 16:03:34 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEOm6URmNi1Or1xp6AWrKbbI&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=beb2f683-8f3b-4f30-4bbb-fe6627034ad6&reqId=35e928e8-bee3-47af-40ad-f427dd0af550&zcluid=fcd4246fbb881a9c&zdid=1332
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 469
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame C11B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NEVBNjdFOUYtMkM3MC00MDY4LUIxNzktNjA5REJGNUZGQ0FG&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NEVBNjdFOUYtMkM3MC00MDY4LUIxNzktNjA5REJGNUZGQ0FG&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
111 B

46ms
45ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:03:33 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug009:0:483
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 01 Sep 2021 16:03:33 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame C11B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGaopaSQEYp1WhV43Yz3gBw&google_cver=1

42 B
282 B

46ms
46ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGaopaSQEYp1WhV43Yz3gBw&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:03:33 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug007:0:539
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 01 Sep 2021 16:03:33 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGaopaSQEYp1WhV43Yz3gBw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame C11B 43 B
609 B 155ms
47ms Image
image/gif 169.50.137.190
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

be.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:03:33 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Tue, 31 Aug 2021 16:03:33 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame C11B
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2893179158408348885

42 B
234 B

46ms
46ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2893179158408348885
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:03:33 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug015:0:591
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 01 Sep 2021 16:03:33 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2893179158408348885
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame C11B
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:afbb612f-a455-4500-82cd-f47ea188c84b&gdpr=0&gdpr_consent=

42 B
514 B

47ms
45ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:afbb612f-a455-4500-82cd-f47ea188c84b&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:03:33 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug007:0:507
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Wed, 01 Sep 2021 16:03:33 GMT
Server: MT3 3893 e707801 master zrh-pixel-x28
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:afbb612f-a455-4500-82cd-f47ea188c84b&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 01 Sep 2021 16:03:32 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame C11B
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=d96bd44a-b676-4088-8bbc-cc98b4baeca2

42 B
295 B

45ms
45ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=d96bd44a-b676-4088-8bbc-cc98b4baeca2
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:03:33 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug017:0:487
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 01 Sep 2021 16:03:33 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=d96bd44a-b676-4088-8bbc-cc98b4baeca2
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame C11B
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7039273211045358647&gdpr=0&gdpr_consent=

42 B
210 B

45ms
44ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7039273211045358647&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:03:33 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug017:0:275
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 16:03:33 GMT
X-Proxy-Origin: 185.216.34.99; 185.216.34.99; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 430ca069-6fc6-487c-8e62-1065fcad7206
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7039273211045358647&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame C11B
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=4EA67E9F-2C70-4068-B179-609DBF5FFCAF&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=4EA67E9F-2C70-4068-B179-609DBF5FFCAF&redir=true&gdpr=0&gdpr_consent=&verify=true
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-bw3qS8NE2uW3GhOwe2XMU8zBUeMfSVM-~A&gdpr=0&gdpr_consent=

0
48 B

46ms
46ms

Image
text/plain

185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-bw3qS8NE2uW3GhOwe2XMU8zBUeMfSVM-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:03:33 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Wed, 01 Sep 2021 16:03:33 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-bw3qS8NE2uW3GhOwe2XMU8zBUeMfSVM-~A&gdpr=0&gdpr_consent=
Connection: keep-alive
Content-Length: 0

GET
H2 200 4EA67E9F-2C70-4068-B179-609DBF5FFCAF
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame C11B 43 B
840 B 100ms
32ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/4EA67E9F-2C70-4068-B179-609DBF5FFCAF?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:03:33 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame C11B
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ssLCy-XHxZipkJOYs5Ldn-GRxMupxsjPvMEblkis

42 B
272 B

49ms
49ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ssLCy-XHxZipkJOYs5Ldn-GRxMupxsjPvMEblkis
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:03:33 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug009:0:552
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 01 Sep 2021 16:03:33 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ssLCy-XHxZipkJOYs5Ldn-GRxMupxsjPvMEblkis
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

pd Show response
eu-u.openx.net/w/1.0/ Frame 0001
Redirect Chain

https://eu-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1

1006 B
565 B

67ms
37ms

Document
text/html

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: 6da1271784033108191a6a8718ee5f31c902489c7193d3046073db15752bd33e

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gofobo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=cfc9ccb5-cbb4-0189-157f-7c40422c3529|1630512214
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://gofobo.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=cfc9ccb5-cbb4-0189-157f-7c40422c3529|1630512214; Version=1; Expires=Thu, 01-Sep-2022 16:03:34 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1630512214|mOgeginskin0vNomiygu; Version=1; Expires=Thu, 16-Sep-2021 16:03:34 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.214.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 01 Sep 2021 16:03:34 GMT
content-type: text/html
content-length: 546
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

set-cookie: i=cfc9ccb5-cbb4-0189-157f-7c40422c3529|1630512214; Version=1; Expires=Thu, 01-Sep-2022 16:03:34 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.214.0
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
date: Wed, 01 Sep 2021 16:03:34 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 v2 Show response
de.tynt.com/deb/ Frame 6CBB 75 B
289 B 383ms
129ms Document
text/html 208.100.17.188
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?m=xch&rt=html&id=dIiXMspHar6P1VaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.188 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip188.208-100-17.static.steadfastdns.net
Software: /
Resource Hash: e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

:method: GET
:authority: de.tynt.com
:scheme: https
:path: /deb/v2?m=xch&rt=html&id=dIiXMspHar6P1VaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gofobo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://gofobo.com/

Response headers

cache-control: max-age=86400
expires: Thu, 02 Sep 2021 16:03:35 GMT
referrer-policy: unsafe-url
content-type: text/html
content-length: 75
date: Wed, 01 Sep 2021 16:03:34 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 v2 Show response
de.tynt.com/deb/ Frame B7E7 75 B
289 B 381ms
128ms Document
text/html 208.100.17.188
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?m=xch&rt=html&id=dEJ4uepHar6P1VaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.188 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip188.208-100-17.static.steadfastdns.net
Software: /
Resource Hash: e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

:method: GET
:authority: de.tynt.com
:scheme: https
:path: /deb/v2?m=xch&rt=html&id=dEJ4uepHar6P1VaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gofobo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://gofobo.com/

Response headers

cache-control: max-age=86400
expires: Thu, 02 Sep 2021 16:03:35 GMT
referrer-policy: unsafe-url
content-type: text/html
content-length: 75
date: Wed, 01 Sep 2021 16:03:34 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 v2 Show response
de.tynt.com/deb/ Frame 2261 75 B
289 B 380ms
128ms Document
text/html 208.100.17.188
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?m=xch&rt=html&id=dVJisCpHar6P1VaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.188 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip188.208-100-17.static.steadfastdns.net
Software: /
Resource Hash: e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

:method: GET
:authority: de.tynt.com
:scheme: https
:path: /deb/v2?m=xch&rt=html&id=dVJisCpHar6P1VaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gofobo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://gofobo.com/

Response headers

cache-control: max-age=86400
expires: Thu, 02 Sep 2021 16:03:35 GMT
referrer-policy: unsafe-url
content-type: text/html
content-length: 75
date: Wed, 01 Sep 2021 16:03:34 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H3-29

200

sd
eu-u.openx.net/w/1.0/ Frame 0001
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=2BquTTSl1MlsI75

43 B
61 B

39ms
38ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=2BquTTSl1MlsI75
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 16:03:35 GMT
via: 1.1 google
server: OXGW/16.214.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 16:03:34 GMT
Server: PingMatch/v2.0.30-669-g517f080#rel-ec2-master i-0a7db81dcab2c4dcf@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=2BquTTSl1MlsI75
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

sd
us-u.openx.net/w/1.0/ Frame 0001
Redirect Chain

https://x.bidswitch.net/sync?ssp=openx
https://x.bidswitch.net/ul_cb/sync?ssp=openx
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=openx&bsw_custom_parameter=2815dfcf-0609-4c33-9eb0-6315198e8433
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=openx&bsw_custom_parameter=2815dfcf-0609-4c33-9eb0-6315198e8433
https://x.bidswitch.net/sync?dsp_id=4&user_id=965ad09a-d066-41aa-9e02-c69f66b0a11d&ssp=openx&expires=30&user_group=5&bsw_param=2815dfcf-0609-4c33-9eb0-6315198e8433
https://us-u.openx.net/w/1.0/sd?id=537072968&val=2815dfcf-0609-4c33-9eb0-6315198e8433

43 B
61 B

39ms
38ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072968&val=2815dfcf-0609-4c33-9eb0-6315198e8433
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 16:03:35 GMT
via: 1.1 google
server: OXGW/16.214.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: //us-u.openx.net/w/1.0/sd?id=537072968&val=2815dfcf-0609-4c33-9eb0-6315198e8433
date: Wed, 01 Sep 2021 16:03:35 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3-29

200

sd
eu-u.openx.net/w/1.0/ Frame 0001
Redirect Chain

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=7039273211045358647

43 B
61 B

37ms
37ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072399&val=7039273211045358647
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 16:03:35 GMT
via: 1.1 google
server: OXGW/16.214.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 16:03:35 GMT
X-Proxy-Origin: 185.216.34.99; 185.216.34.99; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 254b3dd7-4616-493e-8a76-3a531f82f45f
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072399&val=7039273211045358647
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

redir
rtb-csync.smartadserver.com/ Frame 0001
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ox
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDWWhFN0NYMGtBQUJYeHRBT3JmQQ&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACYhE7CX0kAABXxtAOrfA&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csas%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACYhE7CX0kAABXxtAOrfA&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cox%26bee_sync_current_partner%3Dpp%2...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cox&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AACYhE7CX0kAABXxtAOrfA&pid=558502&do=add
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACYhE7CX0kAABXxtAOrfA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_part...

43 B
163 B

124ms
40ms

Image
image/gif

185.86.137.110
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACYhE7CX0kAABXxtAOrfA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.110 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:03:35 GMT
transfer-encoding: chunked
content-type: image/gif

Redirect headers

location: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACYhE7CX0kAABXxtAOrfA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID
Date: Wed, 01 Sep 2021 16:03:35 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H3-29

200

sd
eu-u.openx.net/w/1.0/ Frame 0001
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=dee8612f-a455-4c00-ba01-08931b345fca

43 B
61 B

37ms
37ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=dee8612f-a455-4c00-ba01-08931b345fca
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 16:03:34 GMT
via: 1.1 google
server: OXGW/16.214.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Wed, 01 Sep 2021 16:03:34 GMT
Server: MT3 3893 e707801 master zrh-pixel-x1
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=dee8612f-a455-4c00-ba01-08931b345fca
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 01 Sep 2021 16:03:33 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 0001
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=jCH2Fdsk8UaXc6dGjXHpQd9y8BWXJfwRgiKeGIB5

43 B
122 B

35ms
35ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=jCH2Fdsk8UaXc6dGjXHpQd9y8BWXJfwRgiKeGIB5
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 16:03:34 GMT
via: 1.1 google
server: OXGW/16.214.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Sep 2021 16:03:34 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=jCH2Fdsk8UaXc6dGjXHpQd9y8BWXJfwRgiKeGIB5
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

sd
eu-u.openx.net/w/1.0/ Frame 0001
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2893179158408348885

43 B
61 B

36ms
35ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2893179158408348885
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 16:03:35 GMT
via: 1.1 google
server: OXGW/16.214.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Sep 2021 16:03:34 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2893179158408348885
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 0001 70 B
264 B 53ms
51ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=1c65f3ec-6233-3e7e-4fa9-b4a8260b06d4&gdpr=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 16:03:34 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-29 200 pixel
cm.g.doubleclick.net/ Frame 0001 170 B
188 B 38ms
37ms Image
image/png 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MzAwYTIwMjYtYWI0NC02MGRhLTVhNDktZWUxMWVjZTljOGI0

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 16:03:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 0001
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEA7y0Cu4j6uvnIhZxoTlZv4&google_cver=1

43 B
106 B

36ms
36ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEA7y0Cu4j6uvnIhZxoTlZv4&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 16:03:34 GMT
via: 1.1 google
server: OXGW/16.214.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Sep 2021 16:03:34 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEA7y0Cu4j6uvnIhZxoTlZv4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame C11B 0
260 B 142ms
45ms Script
text/plain 185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=109126&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:03:35 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

POST
H2 204 collect Show response
e.clarity.ms/ 0
48 B 114ms
114ms XHR
text/plain 20.62.48.180
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-b/s/0.6.22/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: https://gofobo.com
date: Wed, 01 Sep 2021 16:03:36 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H2 200 dc_oe=ChMIgu7FqJPe8gIVe8m7CB0tFg2NEAEYACCo29VJ;met=1;&timestamp=1630512221446;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 5888 42 B
515 B 130ms
62ms Image
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIgu7FqJPe8gIVe8m7CB0tFg2NEAEYACCo29VJ;met=1;&timestamp=1630512221446;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 16:03:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIi4-HqZPe8gIVUbx3Ch3EbAVfEAAYACCak9JKQhMIg-7FqJPe8gIVe8m7CB0tFg2N;met=1;&timestamp=1630512221546;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 2A0B 42 B
107 B 106ms
105ms Image
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIi4-HqZPe8gIVUbx3Ch3EbAVfEAAYACCak9JKQhMIg-7FqJPe8gIVe8m7CB0tFg2N;met=1;&timestamp=1630512221546;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 16:03:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 dc_oe=ChMI3ZyJqZPe8gIVSuW7CB3R-QuaEAAYACDL5MI-QhMIge7FqJPe8gIVe8m7CB0tFg2N;met=1;&timestamp=1630512221712;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 20E9 42 B
63 B 99ms
63ms Image
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI3ZyJqZPe8gIVSuW7CB3R-QuaEAAYACDL5MI-QhMIge7FqJPe8gIVe8m7CB0tFg2N;met=1;&timestamp=1630512221712;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 16:03:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=72

Domain: hbopenbid.pubmatic.com
URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client

Verdicts & Comments Add Verdict or Comment

190 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.liadm.com/	1970-01-20 14:26:24	Name: lidid Value: 8cbc3cbb-fc11-45c0-98d9-dc22d686ffdb
i.liadm.com/s	1970-01-19 21:38:24	Name: _li_ss Value: MgUIBhClEDIFCAoQpRAyBQh6EKQQMgYIiwEQpRAyBQgLEKUQMgUICxClEDIFCHkQpBAyCQj_____BxClEA
gofobo.com/	1970-02-18 20:55:12	Name: _li_ss Value: MgUIBhClEDIFCAoQpRAyBQh6EKQQMgYIiwEQpRAyBQgLEKUQMgUICxClEDIFCHkQpBA

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://connect.facebook.net/en_US/fbevents.js(Line 24) Message: [Facebook Pixel] - Parameter 'currency' is invalid for event 'Purchase'.
console-api	log	URL: https://global.proper.io/payloads/latest.js(Line 1) Message: USP CMP not found.
console-api	log	URL: https://global.proper.io/payloads/latest.js(Line 1) Message: GDPR CMP not found.
console-api	log	URL: https://global.proper.io/payloads/latest.js(Line 1) Message: USP CMP not found.
console-api	log	URL: https://global.proper.io/payloads/latest.js(Line 1) Message: USPAPI workflow exceeded timeout threshold.
console-api	log	URL: https://global.proper.io/payloads/latest.js(Line 1) Message: GDPR CMP not found.
console-api	log	URL: https://gofobo.com/main/trailerDetails/397428997/the-card-counter-official-trailer(Line 99) Message: success
console-api	log	URL: https://global.proper.io/payloads/latest.js(Line 1) Message: CMP workflow exceeded timeout threshold.
console-api	log	URL: https://global.proper.io/payloads/latest.js(Line 1) Message: USP CMP not found.
console-api	log	URL: https://global.proper.io/payloads/latest.js(Line 1) Message: GDPR CMP not found.
console-api	error	URL: https://c.amazon-adsystem.com/aax2/apstag.js(Line 2) Message: TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://s0.2mdn.net/ads/studio/cached_libs/threejs_1.0.0_min.js(Line 208) Message: THREE.WebGLRenderer: Error creating WebGL context.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5d4fdc66c8e6e1f6af384c123c9a7bd7.safeframe.googlesyndication.com
68053abc28fdb89dcb9b-41df3945f66154d8881f66f670ed07f3.ssl.cf2.rackcdn.com
acdn.adnxs.com
ade.googlesyndication.com
ads.creative-serving.com
ads.pubmatic.com
adservice.google.at
adservice.google.com
ap.lijit.com
apex.go.sonobi.com
api.rlcdn.com
as-sec.casalemedia.com
asset.pagefair.com
asset.pagefair.net
ats.rlcdn.com
b-code.liadm.com
bh.contextweb.com
bids.proper.io
btlr.sharethrough.com
c.amazon-adsystem.com
c.bing.com
c.clarity.ms
c1.adform.net
cdn.cookielaw.org
cdn.districtm.io
cm.g.doubleclick.net
code.createjs.com
connect.facebook.net
d2u384mreupnc8.cloudfront.net
d5p.de17a.com
de.tynt.com
dis.criteo.com
dk2d6nav3mn9d.cloudfront.net
dmx.districtm.io
dpm.demdex.net
dsum-sec.casalemedia.com
e.clarity.ms
eb.proper.io
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
global.proper.io
gofobo.com
gofobo.ticktbox.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hbopenbid.pubmatic.com
i.liadm.com
i6.liadm.com
ib.adnxs.com
id.sharedid.org
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
img.youtube.com
match.adsrvr.org
match.prod.bidr.io
maxcdn.bootstrapcdn.com
mwzeom.zeotap.com
pagead2.googlesyndication.com
pixel.onaudience.com
pixel.quantserve.com
pm.w55c.net
pr-bh.ybp.yahoo.com
pre.ads.justpremium.com
proc.ad.cpe.dotomi.com
prod.perf-serving.com
propermedia-d.openx.net
rp.liadm.com
rp4.liadm.com
rtb-csync.smartadserver.com
rules.quantcount.com
s0.2mdn.net
script.hotjar.com
secure.adnxs.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
sli.gofobo.com
spl.zeotap.com
ssc.33across.com
stackpath.bootstrapcdn.com
static.hotjar.com
stats.g.doubleclick.net
sync.crwdcntrl.net
sync.mathtag.com
tag.1rx.io
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usync.proper.io
vars.hotjar.com
web.hb.ad.cpe.dotomi.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
x.dlx.addthis.com
api.rlcdn.com
hbopenbid.pubmatic.com
104.111.215.191
104.111.219.144
104.16.68.69
108.161.188.128
13.32.118.55
13.32.121.3
142.250.181.226
142.250.185.130
142.250.185.226
142.250.185.66
169.50.137.190
178.162.133.150
178.250.0.163
18.156.153.73
18.159.171.176
18.195.105.17
18.66.109.174
18.66.112.122
18.66.112.128
18.66.92.163
18.66.97.53
185.29.132.241
185.33.221.87
185.33.221.91
185.64.189.114
185.64.189.115
185.64.190.80
185.64.190.81
185.86.137.110
198.148.27.140
2.16.186.186
2.18.232.130
2.18.233.180
2.18.233.89
2.18.234.21
20.62.48.180
208.100.17.188
213.155.156.164
213.19.147.42
23.37.42.132
2600:1f18:444a:4680:b988:ecc0:9832:67ce
2600:1f18:730:b140:3161:8a8b:ea8c:5d8b
2600:9000:223c:2400:8:8845:1500:93a1
2600:9000:223c:7200:6:44e3:f8c0:93a1
2606:4700:10::6814:b844
2606:4700:10::ac43:db6
2606:4700::6810:9440
2606:4700::6811:4e22
2606:4700::6812:acf
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2620:1ec:27::cafe:2080
2620:1ec:c11::200
2a00:1288:110:c305::8000
2a00:1450:4001:801::200e
2a00:1450:4001:803::2002
2a00:1450:4001:808::2001
2a00:1450:4001:80e::2006
2a00:1450:4001:810::2002
2a00:1450:4001:810::2008
2a00:1450:4001:811::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::200a
2a00:1450:4001:828::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2001
2a00:1450:400c:c09::9a
2a02:26f0:6c00::210:ba2a
2a02:fa8:8806:12::1460
2a02:fa8:8806:20::2100
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a04:4e42:3::300
3.123.143.157
3.126.56.137
34.149.20.76
34.240.223.28
34.98.64.218
35.167.85.56
37.157.2.238
44.226.64.252
44.235.82.75
51.210.112.63
51.89.21.10
52.142.114.2
52.18.12.237
52.27.184.18
52.49.53.128
52.5.181.6
52.57.8.242
52.58.132.147
54.191.133.64
54.236.238.76
69.173.144.140
69.173.144.165
72.251.249.9
76.223.111.131
94.31.29.248
02a268fd9d53d15e4c386b43883586595b248fac698f1687cfc7259eabb29db2
02af137e0cffb081a02fc4797077c6c9513e88b9a95c689f36a80d42c6b7f7c5
06082fe11b13b3e0d090d8b64c927bbf9fbd20a31a9465ff3c3c902f6ceb6312
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0abcc9427a6673f19254270c4c92fa1c8179e79e54d8961434537bcee780f07b
0b33fb8b9a09c656f6e8803fe40ff865d7fe22b4fb4438aa0ec6efc81e80478f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0e45f3b0dad8aa0528790a6dd6dd2831bb8547129bd1320c10fd120118f44616
10bbabdfe2ad3fdf4e40616a46b0ec1fe1492a1922b770ed85aafa0bb68556a9
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
131269bf6aec959b544ddcf1b5ad6c6a89d16eaed869c7b616aa440d27201afe
1465ea73b9db4601cda29c323ea3eea1fc28337bd2c5193154c9ecbd7bf38bbb
14f7de6b616950395062902eb8f70f01c0a901223db5d40f2a05728ac4a830f6
16029f893c7cc7fb7964515bf0b56b7182f428b11bceca36fffc9e689fbe12cb
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18c3ad9d69f010a2b28ea73c99136fd5d631996a7cd0a5b11e8e6b1d3c48ff5f
1a891fc0d213b1a1ceb5a8f13c61dd9b274e163bd172758318648fad77c9a422
1b4e1722333b8a418079194a24d0685cb14b77df6a2b69aff56d76cba7a54c47
1b94f9074fc2ef1b63132fc70fe244cc5d5322e5982a80b6273a45a935ae335f
1c76637b902946af4fbfd2f64febdbef5371d4bd30c3ff6db4fdd542f22fcb4b
1d97729299024aa64b03739e244f254966f9b546045de88bd835701a473045d8
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
240811c9c8aecc11edeee3a134efa8928a6cd0e66032e29f38f3089eaac18f69
265acaa7671ecc0fb94f926ffe9d1b4661006e4924eea3234f1dc72a44ce58d1
2900690278e8dac8de33fa5d408382bde63f759cd607ce481d30463eaf73b7ff
29feba163ad4050632f5fffd1363273826131887887308d31319fb3810405c34
2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391
2cff7ab03cb4e476b49ea05511c6cfcc71af6d5ed20d40e9b40ee31062149e77
2d199b9d8dc7886837cbfd12c9e8ddae7e28f5c375d564b31bf732a320921435
2e3eb27ed780ac5ac845756a51d8120e4a30cd3bb4cdc11ab18d265763373e48
335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe
34760d3b326d757f095dfeb18d3da4c6f420f809671d40bc13ed920b0daf60e7
36ac80a2a51a5f030f93b08bbd4601e3944accb8152db9d175fd2aeb394b1ae7
37b2807535112a55808bd5da745558576be2fe38a7fa2d87949d6a45fd21e8e3
37f950d9cac10dc60810b77355d0481d46465738bbfaae59fcab5fb9002386f4
38abfda5ca9b056f48795cb1c4df20b3c10fb1fad45b9e5cc3211c6a6c218809
3b9864025f7f6cb9c4194e0fbc24550ef2c639233a9ed37dc74b1d5ec5ab8937
3be08e97d2f7d7e1ee22813225c2ea1959913aca485edd292a4dd6a58a85880a
3c28b1e7455fd67f101920be78112595a077582ef5a992b9f13850cc2b861e86
3cd9198b6b095257060a0bb01327cb8efd72207c1b58a418acff7fe555085371
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4349f665a853d8970813d466168d4d2ebba277d4ba4cc57b1a2ebbcb4b49cc0e
4649831407dc6de3957b170dffcc80223669a1c712069a20118a3f533c9659f4
478a01bfa3c2eb215f345963e7e4a89343d2fb5eb5726e248495ea6606c72801
47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49bae4bb549c5f46a159708ec23de2405d006b456d79936ef04298ad6de2550f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d460e6c9b0d0b49df6a39d58934883108101e83d1e7375c901232ca0e0a10ad
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e61ca9b335c108407883f5bc70031e4627bb9f915e69ab2fec9b56079fade38
4ea3d321090cb97cb30e2660c64aa24c5d197a3a27deccbc1ed797e2dd0e778c
4f6e971970c0c7e048524a65dab048d3fc487799b83db98bf138d7b03b69fa03
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
528f9142e0d57fe914cefe9cb890bf6cf5899d39dfed394cde0ba55d2bda29f1
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55477390838249ee5a6d43ef733fd62fc9098cae4565d81ecf123fd2fa295fa7
55d6df10cb276f601f4274a3004f1c9084e4eb9efd644115fceb0e22a52552fb
56d31ad13a941747a83fbc0cb352801d35cda752c70e4f70eea695b79bbc3f21
5738c733f2f7b04e67edebebb67f01a2022d611ce73cbbf9ac15aa8186c6613e
5750d5f9f4a1d00e94aca997fb9c99e465e41778b91f85e1f9bb83ef77a885e5
58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4
5bce2acc49e6f9085c316048bf20e2663768d138d375ab5ef6c3539780d9fe2a
5bd5c81ed2892e35e7b6f4fb3809e3539610c1a23c21d93cadaf9385492d8089
5c19a958735b85cda3c841c910a0e45ff2f188c8d532de5dfb21860d2e8eb70a
60d8927ea832207cc82b4a959913d625bd4229dc5cfbb6462cdca031c581baa3
6276ec8d74799bf29a42dd02c32637e1a1806919d82ba78fe5ecd73337afcd53
62d956e0d5fc84fcd6b7d2bbd8d13e0dde19d29e3381beeff57d185a2b917477
65a16e4cfb84d9781c7ebfa3719c48ed4344f13da4f56124d79649831e5787e3
65cb47c5340934731f1862c53ae014b5b44025ceca8abfc4f13fb2d685c5c6e3
66c9fd744a3db46f3dce06826004b9f756b9ba03a5b9cdc21d86427e7a688386
670cd3c2119382575d13452455fe2a316b85b08468bb75f5cdaaaf12d3e374f2
6880f6230bbf84d9b731543ae8bfe6d39ba0a6a04091e1eb3545f09308278976
68a1eb809781154c2c6dd9ef157e3ffa54c45afade2bb70edd006707d28c3a7c
68d525dc844915e4d71d79addf52397416bccfe244e7927fb8d9812cd7d0f70f
6b2b5b05933a00a9e1beb6e53fba22bf77feaa3c203e361d637985750fec4bab
6b7497f0a6c85503ff17ff177844cfba8f9ba1345173e02e606b145497360ff1
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11
6da1271784033108191a6a8718ee5f31c902489c7193d3046073db15752bd33e
6de7b0a3574cf8f5a665d1b932c9a0163d6354f3f600b21ff044f469a1d3f508
6ed1b926fec4b503787cdc1034fd8dcfd0853c3d577457284fd519a718016200
6f193d32f3af62ea21834885447c250eb56ba5fe6d49df5ef46fdcd47b09de03
6f74c7a92c69ab24c6054008b0432a5de08bc7631e7f4655d2eafadac7503e35
711bc5b0b8c40e39b2560e65797d175e72a89b49ebbc266a7c7b581c4bec4b21
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
76ab9639d9948ade3d2b0c06432f41689c328173322c8eb3da3c60447126831e
77516e87f9273512485c9e6daaf80dd6696b98a3583e83e79e68fd52220c82d4
789370b292863a4c8d56e96d78b683704016735dbb08d7a2aa88b876cb100ae4
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9
7ae714b63c2c8b940bdd211a0cc678f01168a34eea8aa13c0df25364f29238a7
7bfb4f95a9f2fc778061cfcba056771238b858903ee8c656086d9a5679f465e8
814e55a82c734cca7bfa3cf1071d6aceae065a7f033717a6726a7b776189e948
82664a18c949f3d66ba8a6251c55dd1cb28e25620bdf43dcf4611ab4842a10ab
82cb4fa1fcbc3227c3ad949a65bcc41eed09ac5a2ac9be06f2526da66b2aadc7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85e655ea93cb3b2e0e858ffff6e139bc682218736a87647b2025f22eab22d13c
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39
88d51c99298c6ade08c4e754c7c92d0ccb5af58e71232f79f018dfa4763aca16
88faa037d81cb486dd86f58f5df43d3165e01b69c80c9f9cc85716bab3b56483
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b363cfdb6eff3537a4866cb084bdfeb1b89d4dfc54a5aa3c4bfa8c12ffb23bc
8bab8d4b51297ea91143de18a52515960c82eaf20874aec0a6a58ef17614d4fd
8c2812ded6436715279f8fd8db58de307aa39ab0296fe3cf0e879067c51e9b18
8c8207e762acd72dd9114ca3e6de823f69ede6c9c5db711dceadefabaf05284c
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8
90257c042e38df42354d721bfe98e36e037f137f0775b3000f5b1158d62a7ea5
916d551398b8a681848a8a02a69f8d59231ce19d992df304cf2fb1c85f924a13
9436816d54666c2f33eb0c6d3d556f10dd70ed6721906a82c6adbf6100a008bc
95b17ad661699c049d42195b8ccd1d855045a1fcfbd20d8609a6d87fa5703810
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
98717e62165e22ed9a1bc4898b1aafb0c6e3d208a92068816b59fb2afc5cd5f6
9971247dea91bdad692dc039fa3dd2c5d5cec4b00872459dba8cd42cf5fde754
9973d4837254463d18af1f1fa3d201f5c46270b8516e1d1fa0886e14e1c39334
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9ad951a46493b7d422aed00ea837dfff94508fe1a39120ba56f23a99f3c4c8b1
9dff9c5d8bb8ff3117fe17757c275af96ca695dc60d7fb811331cb38815a91a6
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a08c01d451bd2649996e79c2480e43b5ede3f2833fdadc14ef8ab7a99e7a6fca
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a10e94879bbae88a50f8c3cff9de0c275ee3a98dcbe99ecad51f6e70c851d2c5
a119e53eea872d2707b9e8b892b7db8c49a7d6020ae378350a1db87b1849bb1a
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952
a43eb929a5f667e26f866e75458c0639b56c9da1bc2f47b354d2319e2d712ada
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a9247ce2bd50f80397e8e5ff3538bae254d226d3f9d23b15f16bac61580c187e
ae2b763616807405d6c7a3dd24ae33b6fc25f01866768ac1ca8439722e57d07f
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aee8ab892144e88f83a00a907676bd1e0e9a83e8a0879518ca3a77f897c8128d
aefcc9475487c67455a78bd1d943e9de953689a488515e8be215be61c9c0bda5
afe3fd34bb642300e836507874a15aff0d549fa68c6500570990ec73f4837700
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b28a322c3cf1026cea1362727af1a24bf6e7a1e289cc491d5c31220d813d47d8
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b7cb70e1076d694f4f8b86a9d00b2c8736899425c41925f051162872fc85bec4
b92ad0a4155446d073295a68374ed61c1e64b2f6f7195bb1c077febc44cc2e68
bb1613b6665088384c39215af1aaa40f996f9383b9d66d85557c834bfad12cae
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bc737a01a72ef54ff0decd38e4ada36dad376930b764cabfad012682cdc262ae
c220569b0e24867c20cab4f3cc346c408ee626bb369b23caa242bf39d6f5f315
c2b0a816a46d16fd4239f22ce2c8fa0effe3c621b27ca602b6a48080ea0b7083
c32d83b0bcee868363b7e0b83bcb91d3869cadf040a37b2f1d09c9f1ea880ac1
c65f0b0006074d9ef4ad6cf82fbe87d91599e15802d2bdb364fcc5d657fc3e92
c66fbd9aa8bea7f30b0a58ed13d4397ffee9ccbfa02f6a42155883e2227ecf77
c9945034bc80651c724cb6471003a226072a8593d5dc82a8c33483bfb39265f6
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cccf28c33d33a9322383ce4c2ce6c310841f267d9e23964d216a4efb35b8e922
cd0bb6c699acc574c48ded9499338e69d00c4029bae6512b669b5db74dd8fea6
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d105b0a793af6426ddf8c1ef8b26ae81d889617ef5f248a72e06b8c71d91e1c5
d24e83fb832a53db6e3b4e6452db348b9428436a36a3be2cff207cfb31d0c231
d502121116ea9588bd7edfb519575a09ded0e6daaf30427d6093e03d6dc777ea
d7cd09b590143e055a2a0bbfa2b87359e72b419db9f29ecdf3e946fc08c74a56
d7effa4abb1004ac11058d1fc73b1ebb9cbf993bc96dd96be50ba81ba895bd69
d9acf52620c3c84b79ad4f97ba2adfe6944633c8353352cbe93a7bc141495e83
d9c1f8fba628e874e377e8a87de7e629aef2284e60d6575a17b750f23fcd7ade
db0de5884aa9acc96486bee8a22ccaa36c43f3a2574033fd9b823182fb8bef8b
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
dc7b8ab1c97bd9ab13b0f9ece7f6881c1b20ba06139767a7f45d2d0807178e62
dc949673613accf095ab0f0272dff33bc203597f9fde36750f4baec576b80afa
dcf713c480cdeae61cedca8d4b8d58f0d8a61239b26bc331650b624d6179282d
dd5042c5032e15e7e537795d9d7213ed842dc3c40f9bedc896ec5fa4af157f47
ddd20fbc250587ac6f1671023aaf2180594d9dcd520add2c6b212044b4a2af12
dfc42afc5beaca36bbb2fb8f1d37c962768d350f6c3b290a315fcc7d1b103d68
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e5471e6216c3677a79cbf10721752fdfff5340e0c29d0b86d436821301edeedd
e5f641886198fee9badfbcc907ba5f726d027a5636596ca532695c943e5f5bb0
e6943a1d90abac5b3cc437b49d853b05ce8549a0f89e7c0c5d70d54d72efee25
e6beb7bf4ae0c275b1ec7d0f014bd0346ee488c4ef463057dc85417e1f3bf715
e92c705f444d62f823dc852694d8faabc0afc96f642a90ff7e0c775d29689e8e
eedcd858b717d51a55a283a8c74d9ee4e8d0eb247499263f53b84f91338a1e3a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7b7e3a2dae1d1efcc2b134fcde39a50a8aef9b4e743b860bbca45ec57c67c3
f671304fea4db29141b1f82766d637342dc9a6cadbc7ef2370397b2b4254984e
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
ff72eb9381c10f07bbcfa3095def0bede7c1f01f7c299043caf8bd51551e7a87

gofobo.com Open in urlscan Pro 52.27.184.18 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

285 Requests

99 %HTTPS

34 %IPv6

69 Domains

110 Subdomains

85 IPs

11 Countries

4088 kBTransfer

9132 kBSize

3 Cookies

7 Outgoing links

Page URL History

Redirected requests

285 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

gofobo.com Open in urlscan Pro
52.27.184.18 Public Scan

Screenshot
Live screenshot

Full Image

285
Requests

99 %
HTTPS

34 %
IPv6

69
Domains

110
Subdomains

85
IPs

11
Countries

4088 kB
Transfer

9132 kB
Size

3
Cookies

285 HTTP transactions
5 data transactions