hubdrive.lat Open in urlscan Pro
2606:4700:3037::ac43:b687 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://hubdrive.lat/file/1708067901
Effective URL:
https://hubdrive.lat/file/1708067901
Submission: On February 17 via api (February 17th 2024, 9:42:23 pm UTC) from US — Scanned from US

Summary HTTP 201 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 43 IPs in 4 countries across 31 domains to perform 201 HTTP transactions. The main IP is 2606:4700:3037::ac43:b687, located in United States and belongs to CLOUDFLARENET, US. The main domain is hubdrive.lat.
TLS certificate: Issued by GTS CA 1P5 on January 16th 2024. Valid for: 3 months.

This is the only time hubdrive.lat was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 10	2606:4700:303... 2606:4700:3037::ac43:b687	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2607:f8b0:400... 2607:f8b0:4004:c17::84	15169 (GOOGLE) (GOOGLE)
3	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
1	54.192.51.118 54.192.51.118	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4004:c1d::5f	15169 (GOOGLE) (GOOGLE)
4	2606:4700:e6:... 2606:4700:e6::ac40:ce26	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	2606:4700::68... 2606:4700::6810:7aaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4004:c09::5f	15169 (GOOGLE) (GOOGLE)
13	2607:f8b0:400... 2607:f8b0:4004:c08::9d	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c07::61	15169 (GOOGLE) (GOOGLE)
5	5.45.74.150 5.45.74.150	58061 (SCALAXY-AS) (SCALAXY-AS)
8	139.45.197.242 139.45.197.242	9002 (RETN-AS) (RETN-AS)
17	2400:52e0:1a0... 2400:52e0:1a00::894:1	200325 (BUNNYCDN) (BUNNYCDN)
2	2400:52e0:1a0... 2400:52e0:1a00::871:1	200325 (BUNNYCDN) (BUNNYCDN)
1	2607:f8b0:400... 2607:f8b0:4004:c1b::5e	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::178	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:26a... 2600:9000:26a0:2c00:a:e047:753:eb41	16509 (AMAZON-02) (AMAZON-02)
1	2620:100:a001::4 2620:100:a001::4	19750 (AS-CRITEO) (AS-CRITEO)
5	2607:f8b0:400... 2607:f8b0:4004:c1d::84	15169 (GOOGLE) (GOOGLE)
1	162.19.138.116 162.19.138.116	16276 (OVH) (OVH)
1 2	2620:100:a001::c 2620:100:a001::c	19750 (AS-CRITEO) (AS-CRITEO)
1	74.119.119.139 74.119.119.139	19750 (AS-CRITEO) (AS-CRITEO)
1	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
27	2607:f8b0:400... 2607:f8b0:4004:c17::9c	15169 (GOOGLE) (GOOGLE)
1	18.223.141.84 18.223.141.84	16509 (AMAZON-02) (AMAZON-02)
16	2607:f8b0:400... 2607:f8b0:4004:c08::84	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c06::9b	15169 (GOOGLE) (GOOGLE)
36	2607:f8b0:400... 2607:f8b0:4004:c1d::95	15169 (GOOGLE) (GOOGLE)
8 14	172.253.122.155 172.253.122.155	15169 (GOOGLE) (GOOGLE)
4 8	2606:4700:440... 2606:4700:4400::6812:249b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 5	68.67.160.76 68.67.160.76	29990 (ASN-APPNEX) (ASN-APPNEX)
6	172.253.62.148 172.253.62.148	15169 (GOOGLE) (GOOGLE)
5	139.45.197.151 139.45.197.151	9002 (RETN-AS) (RETN-AS)
1	2607:f8b0:400... 2607:f8b0:4004:c1d::63	15169 (GOOGLE) (GOOGLE)
4	2606:4700:10:... 2606:4700:10::ac43:a62	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 4	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	23.222.197.151 23.222.197.151	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.116.53.150 52.116.53.150	36351 (SOFTLAYER) (SOFTLAYER)
2	2607:f8b0:400... 2607:f8b0:4004:c08::cf	15169 (GOOGLE) (GOOGLE)
1	2600:1f14:50b... 2600:1f14:50b:9a01:cb4f:8b89:fd1c:7f04	() ()
201	43

10 2606:4700:3037::ac43:b687 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

hubdrive.lat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c17::84 (Washington, United States) 1 redirects

ASN15169 (GOOGLE, US)

www-google-com.cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hubdrive-lat.cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.192.51.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-51-118.yul62.r.cloudfront.net

arc.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1d::5f (Washington, United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:e6::ac40:ce26 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:7aaf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c09::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2607:f8b0:4004:c08::9d (Washington, United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c07::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 5.45.74.150 (Dronten, Netherlands)

ASN58061 (SCALAXY-AS, LV)
PTR: zmta28.corpresponse.com

greenfox.ink	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 139.45.197.242 (United Kingdom)

ASN9002 (RETN-AS, GB)

thubanoa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2400:52e0:1a00::894:1 (Chicago, United States)

ASN200325 (BUNNYCDN, SI)

static.arc.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2400:52e0:1a00::871:1 (Chicago, United States)

ASN200325 (BUNNYCDN, SI)

core.arc.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cids.arc.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1b::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:26a0:2c00:a:e047:753:eb41 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4004:c1d::84 (Washington, United States)

ASN15169 (GOOGLE, US)

ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.116 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::c (United States) 1 redirects

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2607:f8b0:4004:c17::9c (Washington, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.223.141.84 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-223-141-84.us-east-2.compute.amazonaws.com

warden.arc.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2607:f8b0:4004:c08::84 (Washington, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::9b (Washington, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2607:f8b0:4004:c1d::95 (Washington, United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 172.253.122.155 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: bh-in-f155.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:4400::6812:249b (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 68.67.160.76 (New York, United States) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.253.62.148 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f148.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 139.45.197.151 (United Kingdom)

ASN9002 (RETN-AS, GB)

interstitial-08.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1d::63 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::ac43:a62 (United States)

ASN13335 (CLOUDFLARENET, US)

littlecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.98.64.218 (Kansas City, United States) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.222.197.151 (Ashburn, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-222-197-151.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.116.53.150 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 96.35.7434.ip4.static.sl-reverse.com

8proof.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c08::cf (Washington, United States)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f14:50b:9a01:cb4f:8b89:fd1c:7f04 (None, )

ASN- ()

su4hesnyinnwvtk3h2rkauh5ja0qrisq.lambda-url.us-west-2.on.aws	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	googlesyndication.com ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 120 tpc.googlesyndication.com — Cisco Umbrella Rank: 158	461 KB
36	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 328	985 KB
34	doubleclick.net 8 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 213 googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 cm.g.doubleclick.net — Cisco Umbrella Rank: 278 ad.doubleclick.net — Cisco Umbrella Rank: 149	360 KB
21	arc.io arc.io — Cisco Umbrella Rank: 27490 static.arc.io — Cisco Umbrella Rank: 51858 core.arc.io — Cisco Umbrella Rank: 65250 tracker.arc.io Failed warden.arc.io — Cisco Umbrella Rank: 52371 cids.arc.io — Cisco Umbrella Rank: 59382	999 KB
10	hubdrive.lat 2 redirects hubdrive.lat	161 KB
8	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 696	6 KB
8	thubanoa.com thubanoa.com — Cisco Umbrella Rank: 163093	149 KB
5	interstitial-08.com interstitial-08.com — Cisco Umbrella Rank: 199557	158 KB
5	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 272	5 KB
5	greenfox.ink greenfox.ink — Cisco Umbrella Rank: 258620	13 KB
4	openx.net 3 redirects us-u.openx.net — Cisco Umbrella Rank: 577	1 KB
4	littlecdn.com littlecdn.com — Cisco Umbrella Rank: 15895	35 KB
4	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1212	88 KB
4	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 434 fonts.googleapis.com — Cisco Umbrella Rank: 48 storage.googleapis.com — Cisco Umbrella Rank: 398	58 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 461 mug.criteo.com — Cisco Umbrella Rank: 2577	8 KB
3	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 931	66 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 353	6 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1531	628 B
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 257	2 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 961 id5-sync.com — Cisco Umbrella Rank: 442	26 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 45	306 B
2	ampproject.org 1 redirects www-google-com.cdn.ampproject.org — Cisco Umbrella Rank: 187537 hubdrive-lat.cdn.ampproject.org	670 B
1	on.aws su4hesnyinnwvtk3h2rkauh5ja0qrisq.lambda-url.us-west-2.on.aws	849 B
1	8proof.com 8proof.com — Cisco Umbrella Rank: 52621	44 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 9876	542 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 689	13 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2935	3 KB
1	gstatic.com fonts.gstatic.com	39 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 52	93 KB
0	saturn.ms Failed l1s.saturn.ms Failed
201	31

	Domain	Requested by
36	s0.2mdn.net	hubdrive-lat.cdn.ampproject.org s0.2mdn.net ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com
27	pagead2.googlesyndication.com	securepubads.g.doubleclick.net hubdrive-lat.cdn.ampproject.org ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com tpc.googlesyndication.com s0.2mdn.net pagead2.googlesyndication.com
17	static.arc.io	arc.io core.arc.io static.arc.io
16	tpc.googlesyndication.com	securepubads.g.doubleclick.net hubdrive-lat.cdn.ampproject.org ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com tpc.googlesyndication.com s0.2mdn.net
13	securepubads.g.doubleclick.net	hubdrive.lat securepubads.g.doubleclick.net ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com
12	cm.g.doubleclick.net	8 redirects googleads.g.doubleclick.net
10	hubdrive.lat	2 redirects hubdrive-lat.cdn.ampproject.org hubdrive.lat
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
8	thubanoa.com	hubdrive.lat thubanoa.com
6	ad.doubleclick.net	hubdrive-lat.cdn.ampproject.org
5	interstitial-08.com	thubanoa.com interstitial-08.com
5	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
5	ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	greenfox.ink	hubdrive.lat greenfox.ink
4	us-u.openx.net	3 redirects googleads.g.doubleclick.net
4	littlecdn.com	interstitial-08.com
4	use.fontawesome.com	hubdrive.lat use.fontawesome.com
3	googleads.g.doubleclick.net	ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com
3	unpkg.com	1 redirects hubdrive.lat static.arc.io
3	cdn.jsdelivr.net	hubdrive.lat securepubads.g.doubleclick.net
2	storage.googleapis.com	srcdoc
2	sync.teads.tv	1 redirects googleads.g.doubleclick.net
2	cdnjs.cloudflare.com	static.arc.io
2	gum.criteo.com	1 redirects static.criteo.net
2	www.google-analytics.com	www.googletagmanager.com
1	su4hesnyinnwvtk3h2rkauh5ja0qrisq.lambda-url.us-west-2.on.aws	unpkg.com
1	cids.arc.io	static.arc.io
1	8proof.com	ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com
1	www.google.com	tpc.googlesyndication.com
1	warden.arc.io	static.arc.io
1	my.rtmark.net	thubanoa.com
1	mug.criteo.com	hubdrive.lat
1	id5-sync.com	cdn.id5-sync.com
1	static.criteo.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	fonts.gstatic.com	fonts.googleapis.com
1	core.arc.io	arc.io
1	www.googletagmanager.com	hubdrive.lat
1	fonts.googleapis.com	hubdrive.lat
1	ajax.googleapis.com	hubdrive.lat
1	arc.io	hubdrive.lat
1	hubdrive-lat.cdn.ampproject.org
1	www-google-com.cdn.ampproject.org	1 redirects
0	l1s.saturn.ms Failed	unpkg.com
0	tracker.arc.io Failed	static.arc.io
201	46

This site contains links to these domains. Also see Links.

Domain
www-google-com.cdn.ampproject.org

Subject Issuer	Validity	Valid
misc-sni.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
hubdrive.lat GTS CA 1P5	`2024-01-16` - `2024-04-15`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
arc.io Amazon RSA 2048 M03	`2024-01-22` - `2025-02-18`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
greenfox.ink R3	`2024-01-19` - `2024-04-18`	3 months	crt.sh
thubanoa.com R3	`2024-02-09` - `2024-05-09`	3 months	crt.sh
static.arc.io R3	`2024-01-20` - `2024-04-19`	3 months	crt.sh
core.arc.io R3	`2024-01-20` - `2024-04-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
cdn.prod.uidapi.com R3	`2024-01-24` - `2024-04-23`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-17` - `2024-05-17`	3 months	crt.sh
*.id5-sync.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-08` - `2024-05-07`	3 months	crt.sh
rtmark.net R3	`2023-12-23` - `2024-03-22`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
interstitial-08.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.8proof.com Sectigo RSA Domain Validation Secure Server CA	`2024-01-16` - `2025-02-07`	a year	crt.sh
storage.googleapis.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
cids.arc.io R3	`2024-01-28` - `2024-04-27`	3 months	crt.sh
*.lambda-url.us-west-2.on.aws Amazon RSA 2048 M03	`2023-12-27` - `2025-01-25`	a year	crt.sh

This page contains 24 frames:

Primary Page: https://hubdrive.lat/file/1708067901
Frame ID: 3FB3C418595628F36A753E8F9F908DBA
Requests: 70 HTTP requests in this frame

Frame: https://core.arc.io/broker.html?290eb2f
Frame ID: EA85D4A7AAD1B67188149633DAC05BF9
Requests: 7 HTTP requests in this frame

Frame: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 68D2A5CFC7E57C44EBEADC2826EE98DB
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=hubdrive.lat
Frame ID: EC859519D7DFA4CE4AC9F08261584870
Requests: 2 HTTP requests in this frame

Frame: https://static.arc.io/widget/css/widget.css?290eb2f
Frame ID: 23851E93A332ACED3D8F3874AACBB792
Requests: 3 HTTP requests in this frame

Frame: https://static.arc.io/widget/css/widget.css?290eb2f
Frame ID: ACCEAC4554F33D7D9EB96B9765B2BD6E
Requests: 9 HTTP requests in this frame

Frame: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FAC628991B0ED564750A71F5AAE7F492
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbvhAIQqpujAhjS4IngATAB&v=APEucNVHAmEh-0inAa-dwd3k73TSVydszNuwA-EFW7tQOv9f2zMFAMaenvVLhM577G6OspO9m6ycz4XRIyNonGZwnF5W_GdVFQ
Frame ID: E747B4752B0F51647A03585A23738448
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 8E63829BA844EE8C6F75CA8F6FE39A0B
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12005267356172434500/index.html?e=69&leftOffset=0&topOffset=0&c=P6tNo1aT91&t=1&renderingType=2&ev=01_250
Frame ID: 9230F5FA93E98EE0FD9C7CF7AC611B3F
Requests: 32 HTTP requests in this frame

Frame: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F26B7B12EED7EA875C849EFAA351D90F
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDQJxDY9ScY_c_ohQIwAQ&v=APEucNUNc9f8VFALYP9R9aM9CuZrgRGJPNkZNyQBpEx-bGvwwxQiUxMqEg4W0rapDYeTfJEH8BlouF8jidWHdLc0qODAn3WWOQ
Frame ID: D4B555C1F7B7A4C94927A49F25F17E86
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 8A493A6CAD9E97A24A0BB7084DBF105A
Requests: 3 HTTP requests in this frame

Frame: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fthubanoa.com%2F12%3Frnd%3D941278008%26z%3D7013738%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3D2-Nb15jhl6Tnk5f2TL1rjuZ14Eg08w4wqtW1ybmSUVkxmE3ZAXoh14kvXQECQsjzBTCs14ZFEoSH2W8dhOuVGgYjwF8SYSmre1IE6GiAVx_n9jy4U744VtNYexLFTyVv7v4Nrdh9XgrzpeOT0jQeLCVrwLpDIBFNtQo_6fAn9Fvo8cGxP6H_2e43oEndwH1U4KEP7kOU210DOVItTV8DTc-85Zhj2B8PQ9Chn7rEwWg-Ynv0iKgU6Hc2CNJUcvP8K9MTbjdPbuVi6MFlHQlWfpu7TKiso-CGo_gnHBthZ168YTWnSBhlbHczIFWkk2s5%26bag%3DydU9kaAfa6I%3D%26ruid%3Db5b093b4-0291-455a-83ce-7325151ee62c%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fhubdrive.lat%252Ffile%252F1708067901%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D3%26sah%3D1200%26drf%3Dhttps%253A%252F%252Fhubdrive-lat.cdn.ampproject.org%252F%26hil%3D1%26ist%3D0%26tbc%3D1%26X-Sc%3D4jOwcMz1o4f008WLdwFkUsG6c5RAE0EQXwnxja49yO9hbuzwEf0PQdUac9KyL4yztF9YfOovf1V_UQ7e
Frame ID: 9D34ACF0265773FE3355D1F81BD89443
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js
Frame ID: 99FF2682D2F2ACDC8270D2D70CC3639A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C9C8495F95AD1F8D18EBEB820435CF72
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DBD840569E8FD0330E58A2EFFF09A5B2
Requests: 2 HTTP requests in this frame

Frame: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2FF94DCA730FFEA4599DD8101C8D9CE3
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSckNwEEMnO-vAEGNmj94YCMAE&v=APEucNUv7EQrPNJ46l_sRfuyMydc4GfDNeS6HLz9u5KVhWfhpMoVMUknQ8sbDbVkX3vnVdDMINH8vwV9eUbjMAoVImZQ5JPklQ
Frame ID: 46BCBDA3F6532FB510451B0642ABD711
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10646746922912410239/index.html?ev=01_250
Frame ID: 6871643B6AC24E12691EAB2D7B064CF9
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 3B72B9604A2A7491F1CA2E619A8D1258
Requests: 3 HTTP requests in this frame

Frame: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3AC24C78028A51511EC2109429E856B0
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pagead/adview?ai=CvpGtOSjRZeaOHrCwqMwPkIO98Aj6j4XmbaCDqMWtDcCNtwEQASAAYMnujovApIwQggEXY2EtcHViLTk2NzM4NjUyOTE4MjkzODbIAQngAgCoAwHIAwKqBKYCT9Aw8OYZOarJ7AOUvc-nNGgKNs02gMC49OeuCQt3gPz6mOCbgkNrbndd6ipz_vzgAVczfy7w56JKijlopGoWX8znzW62cJQdfjvp5MbFqo9VVozFaNtibHGpmDSx6Isq_RiUrGG8cfaIhWDG1R7IIYFV8PHxHTlcBoWJd9QP5OodjoSMECqJnDKmGVdHP5-D0qBFOgqzRmmnpJ1Aqn-U54WYJYapn_S2EZETPrvUTPsPDmhYP6y-uPXX2Kgs3ZlzUFTbbIbUkTlrgV_mv7FOrBc2je1oly69YtYRwmFphUCGdXTPVX7RERwT4jvvh7RWLeYKBcr0d1lG4k1setIzRyOIxIgYvU0rOy9f83W-WP4hNVGOKOdCHUwjtbhOHnNwxE5wTYAS4AQBgAaasv7io-jXqPEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIIgiAYRABMgKKAjoJgECAwICAgIAISL39wTpYr6XK36uzhAOACgP6CwIIAYAMAeINEwj72Mrfq7OEAxUwGIoDHZBBD47QFQGAFwGyFx0KGxIUcHViLTk2NzM4NjUyOTE4MjkzODYYp9yUAQ&sigh=J49HFhfcuO0&uach_m=%5BUACH%5D&cid=CAQSTgAvHhf_yJlLWP2luU8dFDC0eYWnL0d-t37P4_hyZ3sGah5BbFUuFQYHlt9VfECynw04Xq636D4JE0AfrFZAnbI5qc4PelBxZqMdYjiQgBgB&cbvp=2&vis=1
Frame ID: 3A8C2BCC27E91788F818500ACF630D00
Requests: 2 HTTP requests in this frame

Frame: https://storage.googleapis.com/iadx_storage/assets/fonts/montserrat-v25-latin-800.woff2
Frame ID: 41553C29CF0623EFA1680363B0759892
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

HubDrive | Salaar.2023.4K.SDR.10Bit.WEB-DL.Hindi.DDP5.1-Telugu.DDP5.1.HEVC.x265-HDHub4u.Tv.mkv

Page URL History Show full URLs

http://hubdrive.lat/file/1708067901 HTTP 301
https://hubdrive.lat/file/1708067901 HTTP 302
https://www-google-com.cdn.ampproject.org/c/s/hubdrive.lat/file/1708067901 HTTP 302
https://hubdrive-lat.cdn.ampproject.org/c/s/hubdrive.lat/file/1708067901 Page URL
https://hubdrive.lat/file/1708067901 Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

SweetAlert (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

sweet(?:-)?alert(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

201
Requests

92 %
HTTPS

67 %
IPv6

31
Domains

46
Subdomains

43
IPs

4
Countries

3728 kB
Transfer

10590 kB
Size

31
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www-google-com.cdn.ampproject.org/c/s/hubcloud.lol/drive/ytdhqrhifffggfq
Title: Direct Cloud DL

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://hubdrive.lat/file/1708067901 HTTP 301
https://hubdrive.lat/file/1708067901 HTTP 302
https://www-google-com.cdn.ampproject.org/c/s/hubdrive.lat/file/1708067901 HTTP 302
https://hubdrive-lat.cdn.ampproject.org/c/s/hubdrive.lat/file/1708067901 Page URL
https://hubdrive.lat/file/1708067901 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://hubdrive.lat/file/1708067901 HTTP 301
https://hubdrive.lat/file/1708067901 HTTP 302
https://www-google-com.cdn.ampproject.org/c/s/hubdrive.lat/file/1708067901 HTTP 302
https://hubdrive-lat.cdn.ampproject.org/c/s/hubdrive.lat/file/1708067901

Request Chain 6

https://unpkg.com/sweetalert/dist/sweetalert.min.js HTTP 302
https://unpkg.com/sweetalert@2.1.2/dist/sweetalert.min.js

Request Chain 54

https://gum.criteo.com/sid/json?origin=publishertagids&domain=hubdrive.lat&sn=ChromeSyncframe&so=0&topUrl=hubdrive.lat&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=2zje4HxHcFhWU3ZDUUVlTVdpWWJQb25SUHhobkg3OU9PZm9YaUxiRVNOZDFBWUhieTVQc1J0Q24rYUJHWmVXRUVPSm5FQzh5YTUrRzB6SmI2N1R3K1R5ZVFHMWdFYUo2VkM0SUt4SnFIaDZqaFZRY2R4OC9UQnc0NGRIRkYzczZhMHhnZFY2d00vdjZEZUJHQmg0MFI4eDVYdWhBSXFlY0hHdTVoK2x6N2poTzNRd29tS1VDQTl4WXF2V0FpeVhpTWZWMXF2UnlXWk1ZTnhjbkRhRTV5cnM2WStGQjFiRmhrL0xaK3NmUzNncHM4bHJjQm55T01xdUdnTDBRdUtWbEhPZmxncEpYbjhvRUlPNnozRTNsQlBwbGdGdz09fA&cppv=2

Request Chain 90

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMLpk8Ks3dmXynRwVQ7WaDA&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMLpk8Ks3dmXynRwVQ7WaDA&google_cver=1&C=1

Request Chain 91

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZdEoONHM54QAABEMAA914AAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMLpk8Ks3dmXynRwVQ7WaDA&google_cver=1

Request Chain 92

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEF99J_bX72xLiWFPEyI4aUk&google_cver=1

Request Chain 93

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODgyNTA3ODM3NDY1OTA2NjU0Mg%3D%3D

Request Chain 134

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMLpk8Ks3dmXynRwVQ7WaDA&google_cver=1

Request Chain 135

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZdEoOdHM54QAABEMAA914QAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMLpk8Ks3dmXynRwVQ7WaDA&google_cver=1

Request Chain 136

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEF99J_bX72xLiWFPEyI4aUk&google_cver=1

Request Chain 137

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODgyNTA3ODM3NDY1OTA2NjU0Mg%3D%3D

Request Chain 175

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMmyUPGwi3CUnBipn8pqGjQ&google_cver=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEMmyUPGwi3CUnBipn8pqGjQ&google_cver=1

Request Chain 176

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDQ0ZDAzM2UtMDQ0Yi0yMjZmLWVmMGItYTZlY2VjN2I3NGUw

Request Chain 177

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEJ9wrzNBZqD5B3i2NTonYD4&google_cver=1

Request Chain 178

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=OWJmZTZlZmEtOGM5MC00NWQ4LWE0MDUtNzI1MmExMGMzMTky

201 HTTP transactions
15 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

1708067901
hubdrive-lat.cdn.ampproject.org/c/s/hubdrive.lat/file/
Redirect Chain

http://hubdrive.lat/file/1708067901
https://hubdrive.lat/file/1708067901
https://www-google-com.cdn.ampproject.org/c/s/hubdrive.lat/file/1708067901
https://hubdrive-lat.cdn.ampproject.org/c/s/hubdrive.lat/file/1708067901

309 B
420 B

57ms
53ms

Document
text/html

2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://hubdrive-lat.cdn.ampproject.org/c/s/hubdrive.lat/file/1708067901

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 309
content-type: text/html; charset=UTF-8
date: Sat, 17 Feb 2024 21:42:15 GMT
location: https://hubdrive.lat/file/1708067901
server: sffe
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-silent-redirect: true
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 269
content-type: text/html; charset=UTF-8
date: Sat, 17 Feb 2024 21:42:15 GMT
location: https://hubdrive-lat.cdn.ampproject.org/c/s/hubdrive.lat/file/1708067901
server: sffe
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 Primary Request 1708067901 Show response
hubdrive.lat/file/ 22 KB
5 KB 136ms
135ms Document
text/html 2606:4700:3037::ac43:b687
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hubdrive.lat/file/1708067901
Requested by: Host: hubdrive-lat.cdn.ampproject.org
URL: https://hubdrive-lat.cdn.ampproject.org/c/s/hubdrive.lat/file/1708067901
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b687 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63e089f0da1812bf08f644b5ad270450d1e627004a4086fc9985842bcc2d920a

Request headers

Referer: https://hubdrive-lat.cdn.ampproject.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 857132f9dd864bbd-BUF
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 17 Feb 2024 21:42:15 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QSdJUuJFJxQQVxz49DD6yXibBKOB1nEno1HVkY4iamHYVdbbImmWUqiAfz12kzYJhyp%2ByxSUPYi1HqwP8cNI2ezxrIf2v8VZVm0liyOnAX0PoYFXKDN5Sf%2FPcvlqRoFcCPzV%2FeEuDfLD4tk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

GET
H2 200 clipboard.min.js Show response
cdn.jsdelivr.net/clipboard.js/1.5.12/ 10 KB
4 KB 100ms
31ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/clipboard.js/1.5.12/clipboard.min.js

Requested by

Host: hubdrive.lat
URL: https://hubdrive.lat/file/1708067901

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

60fc4511f1c0ccb8fd9f64fed945c028634245420d93405ec69a6e8e2561447d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 17 Feb 2024 21:42:15 GMT
age: 3425069
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3500
x-served-by: cache-fra-eddf8230119-FRA, cache-nyc-kteb1890033-NYC
etag: W/"2780-g62mlKGgQ7iOUNNGqfIWRxX9voo"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 widget.min.js Show response
arc.io/ 7 KB
3 KB 104ms
32ms Script
application/javascript 54.192.51.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arc.io/widget.min.js

Requested by

Host: hubdrive.lat
URL: https://hubdrive.lat/file/1708067901

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.51.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-51-118.yul62.r.cloudfront.net

Software

Resource Hash

487bc1cf7b1631ce796c055c044f8b4e06a7caaaae72a0804c23e5f2f1791a52

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:23:19 GMT
content-encoding: br
via: 1.1 9d44e85808045d940d36e8cfb772edae.cloudfront.net (CloudFront)
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Sat, 03 Feb 2024 21:43:30 GMT
x-amz-cf-pop: YUL62-C2
age: 1136
etag: "65beb382-b84"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600, stale-while-revalidate=864000
content-length: 2948
x-amz-cf-id: fJHWhkPa-bC43glJV9cHSU5DgetlDBHdhizeBDTT69WHy_-HwD6sOA==

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 86 KB
31 KB 107ms
33ms Script
text/javascript 2607:f8b0:4004:c1d::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: hubdrive.lat
URL: https://hubdrive.lat/file/1708067901

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 12:37:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32687
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30774
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 Feb 2025 12:37:28 GMT

GET
H2 200 hubdrive4.min.js Show response
cdn.jsdelivr.net/gh/BadAss-King/hubdrive/ 8 KB
2 KB 33ms
31ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/BadAss-King/hubdrive/hubdrive4.min.js

Requested by

Host: hubdrive.lat
URL: https://hubdrive.lat/file/1708067901

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

35876455baa5aee4bfb708042ab2a3c663020c92d4df5b2c1439fd540123fd09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 17 Feb 2024 21:42:15 GMT
x-content-type-options: nosniff
content-encoding: br
age: 28776
x-jsd-version: master
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1615
x-served-by: cache-fra-etou8220114-FRA, cache-nyc-kteb1890033-NYC
x-jsd-version-type: branch
etag: W/"20c0-dGBYjUf3YnPvk0t+6zLJ2Lcq5Uc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 746f656c7a.js Show response
use.fontawesome.com/ 9 KB
4 KB 109ms
38ms Script
text/javascript 2606:4700:e6::ac40:ce26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/746f656c7a.js
Requested by: Host: hubdrive.lat
URL: https://hubdrive.lat/file/1708067901
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ce26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 757b9768e0c48924a1cdf690463a65d4f48b864f131da4a6e67cafc15bd66430

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:42:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 00:54:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6439
etag: W/"5064cc74c4928fbbc06ece65efb72afd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q74qAHV5IosF6jziRWZ6X58%2FNVXKHyD%2FOL%2FTuPlheb1WJPCeog8LLXbQgQ4YcgvzyzZeA%2Ba8yrbyX5BqlByHuw7DjXHC%2FJ6Fc6cf9sCUJjP%2BWjLJUMWKtev7VLSiYCA1Gq2AFRGBU13g11tuYgosllf6"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=1800
cf-ray: 857132fb3eb25e74-EWR
alt-svc: h3=":443"; ma=86400

GET
H2

200

sweetalert.min.js Show response
unpkg.com/sweetalert@2.1.2/dist/
Redirect Chain

https://unpkg.com/sweetalert/dist/sweetalert.min.js
https://unpkg.com/sweetalert@2.1.2/dist/sweetalert.min.js

40 KB
12 KB

39ms
38ms

Script
application/javascript

2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/sweetalert@2.1.2/dist/sweetalert.min.js

Requested by

Host: hubdrive.lat
URL: https://hubdrive.lat/file/1708067901

Protocol

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:42:15 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 7393990
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HG04VG37B5SAPRZED0QGZ8BC-lga
server: cloudflare
etag: W/"9f68-Kj2qvHAjLGNQq0jTJgXcSmrB8fo"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 857132fb7ec74bbb-BUF

Redirect headers

date: Sat, 17 Feb 2024 21:42:15 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01HPWG7F86161SD4XZ66R536M1-lga
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 89
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /sweetalert@2.1.2/dist/sweetalert.min.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 857132fb2e804bbb-BUF

GET
H3 200 all.min.css
hubdrive.lat/assets/vendor/fontawesome-free/css/ 55 KB
13 KB 42ms
40ms Stylesheet
text/css 2606:4700:3037::ac43:b687
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hubdrive.lat/assets/vendor/fontawesome-free/css/all.min.css
Requested by: Host: hubdrive.lat
URL: https://hubdrive.lat/file/1708067901
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b687 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce67cd6665e835604c7a650ea355d41857dcd2284618b61d82d252dca0abfe5d

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:42:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 14 Nov 2020 21:20:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 325911
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FDgpFdCBaPQiLb1ulf%2FYxmvxL1vJtiH5P9TYJc2FDElOlXFl4GUVFIbHAKEln7nbwVW7WjRJ4hwVDX6CqLtK%2FKgXHxe8zwt5o4yUy14edEdsiARkAKnu8hOSZfrNZnkVUXZl4NJKHV%2Fykvg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 857132facc114bc9-BUF
alt-svc: h3=":443"; ma=86400
expires: Wed, 21 Feb 2024 03:10:24 GMT

GET
H3 200 sb-admin-2.css
hubdrive.lat/assets/css/ 210 KB
30 KB 75ms
73ms Stylesheet
text/css 2606:4700:3037::ac43:b687
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hubdrive.lat/assets/css/sb-admin-2.css
Requested by: Host: hubdrive.lat
URL: https://hubdrive.lat/file/1708067901
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b687 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03d5ffcc6177da76ee1578b71967331daf019b28e914d75dcc256de90fe9b016

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:42:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 26 Aug 2023 18:01:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 768
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NdmYzjDZ1ni54LNWqH79cr2fBXCgVjwTRuv99gFfWPqCYcKYSuZ93%2FA3vhlozNHtefub63SHGAR9VaxDc3%2B1pozmPaS3pgsZ%2BtXwNJYXjs4uEYrV4FVj%2BzttDjTGSw3eh4nhbE1w3G%2BRo3w%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 857132facc184bc9-BUF
alt-svc: h3=":443"; ma=86400
expires: Sat, 24 Feb 2024 21:29:27 GMT

GET
H2 200 css
fonts.googleapis.com/ 23 KB
1 KB 114ms
41ms Stylesheet
text/css 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i

Requested by

Host: hubdrive.lat
URL: https://hubdrive.lat/file/1708067901

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

15e43a1366b7c320c12ace3497892fd0eff14b08d3db0d833874c7a65712fa18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 17 Feb 2024 21:42:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 17 Feb 2024 19:50:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 17 Feb 2024 21:42:15 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 97 KB
29 KB 148ms
75ms Script
text/javascript 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: hubdrive.lat
URL: https://hubdrive.lat/file/1708067901

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f9e64766feb949ad18eb8e5c646d10e662c52177eb7e4db9c052d71b709fd707

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:42:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29129
x-xss-protection: 0
server: cafe
etag: 637 / 19770 / m202402130101 / config-hash: 11148296534494914191
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 17 Feb 2024 21:42:15 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 280 KB
93 KB 132ms
50ms Script
application/javascript 2607:f8b0:4004:c07::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8QTNRD0R4M

Requested by

Host: hubdrive.lat
URL: https://hubdrive.lat/file/1708067901

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b0b96d63ca38ed0328548cad2e24fe68163ca06f8eaf48c413eb083cb1ce71a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:42:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95009
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 17 Feb 2024 21:42:15 GMT

GET
H3 200 HubDrive-NewLogo.png
hubdrive.lat/assets/img/ 12 KB
13 KB 104ms
103ms Image
image/png 2606:4700:3037::ac43:b687
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hubdrive.lat/assets/img/HubDrive-NewLogo.png
Requested by: Host: hubdrive.lat
URL: https://hubdrive.lat/file/1708067901
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b687 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1664d91ecac81370ecbbe5f5ae6297a1a5e6c80e8cc5b51ff934ee2bf47f51f3

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:42:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 768
alt-svc: h3=":443"; ma=86400
content-length: 12781
last-modified: Sun, 21 Nov 2021 17:36:20 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GGZOrxcAXfccWjKFRJ%2BRiukEkoapROW71pZ615YFbG1wczvdxICLPpRjod0w83VuSlkEFzX9gIGdoEAcPlpiTM3%2BHjnrz88oXAizEE09dWUWBXTs8NI8tnrwdVsHA6fUGA3kgzhWN6XyYys%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 857132facc1b4bc9-BUF
expires: Sat, 24 Feb 2024 21:29:27 GMT

GET
H/1.1 200
OK asyncjs.php Show response
greenfox.ink/d/ 4 KB
5 KB 343ms
114ms Script
text/javascript 5.45.74.150
SCALAXY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://greenfox.ink/d/asyncjs.php
Requested by: Host: hubdrive.lat
URL: https://hubdrive.lat/file/1708067901
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 5.45.74.150 Dronten, Netherlands, ASN58061 (SCALAXY-AS, LV),
Reverse DNS: zmta28.corpresponse.com
Software: nginx/1.22.1 / PHP/8.0.30
Resource Hash: aad5623efaae82ad301a146d1437b18fff9885db2a872538bc5f885a7632fb89

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sat, 17 Feb 2024 21:42:15 GMT
Server: nginx/1.22.1
X-Powered-By: PHP/8.0.30
ETag: 1d63e790351363d29b61f9cf59b98fad
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, max-age=3600
Connection: keep-alive
Expire: Sat, 17 Feb 2024 22:42:15 GMT

GET
H2 200 1 Show response
thubanoa.com/ 42 KB
16 KB 410ms
202ms Script
text/javascript 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://thubanoa.com/1?z=7013738
Requested by: Host: hubdrive.lat
URL: https://hubdrive.lat/file/1708067901
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 39f6ac51652b9d0c4f9d62f922c983f1875505f3282593283f4721582ee52d70

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-trace-id: da6577f7b637784fcb62acb0bc37998f
pragma: no-cache
date: Sat, 17 Feb 2024 21:42:15 GMT
content-encoding: gzip
x-sc: NH_UT2ZThT-4gnp_NytvaCe5RQwFJUzl8cWO0mypIQuf1FfxFg904XszttuAdq4LgbriRnQSxB-Kl91w
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript
access-control-allow-origin
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 bootstrap.bundle.min.js Show response
hubdrive.lat/assets/vendor/bootstrap/js/ 77 KB
23 KB 104ms
103ms Script
application/javascript 2606:4700:3037::ac43:b687
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hubdrive.lat/assets/vendor/bootstrap/js/bootstrap.bundle.min.js
Requested by: Host: hubdrive.lat
URL: https://hubdrive.lat/file/1708067901
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b687 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b39d09ccb303b024e73b2cb2888b32e1a5dd3f9e69baf6a4e0b0a3d1bafaf01b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:42:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 30 Dec 2023 22:41:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 325909
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=24bBF2feGROlvMwkQ3pI8yQBakE8T%2BDgnTOX6l3SEmRacD5ZBpK4L%2FyLM36OpZh1a4xoZCCjP7%2BFvypCUsyPa06ojk6G%2FKMrC%2F%2Bd9tenAiuY7CvpjRI9Plu%2BELky%2Fs4oRxQB9U0sCgzzxsM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 857132facc1c4bc9-BUF
alt-svc: h3=":443"; ma=86400
expires: Wed, 21 Feb 2024 03:10:26 GMT

GET
H3 200 jquery.easing.min.js Show response
hubdrive.lat/assets/vendor/jquery-easing/ 2 KB
1 KB 37ms
37ms Script
application/javascript 2606:4700:3037::ac43:b687
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hubdrive.lat/assets/vendor/jquery-easing/jquery.easing.min.js
Requested by: Host: hubdrive.lat
URL: https://hubdrive.lat/file/1708067901
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b687 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d865c4606f6f8fdc900cd531f630064d76dff960ccf06cb46cd3f7a04d713bb3

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:42:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 30 Dec 2023 22:39:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 325908
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9IhD0sIEPNVstcBauCsq2YKPoLo4yx2shEKb3OXWA8XC7ibGp5kBc0y0atOkEqwEuiERK6Uf1NB4Z0smT0Zk7SHx0ihBuO2ffq3T8QM09mVjgsBmtve5PHJHhYM1kuOmcEKQDzGTEWtd9O8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 857132fb6c864bc9-BUF
alt-svc: h3=":443"; ma=86400
expires: Wed, 21 Feb 2024 03:10:27 GMT

GET
H3 200 sb-admin-2.min.js Show response
hubdrive.lat/assets/js/ 1 KB
1 KB 37ms
36ms Script
application/javascript 2606:4700:3037::ac43:b687
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hubdrive.lat/assets/js/sb-admin-2.min.js
Requested by: Host: hubdrive.lat
URL: https://hubdrive.lat/file/1708067901
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b687 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f913733fa2872d794c45a1e2191f2e9c75976a7715faf1ef70cf3e364df9458

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:42:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 30 Dec 2023 22:24:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 325908
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kyWGDS9cWHK%2FVlQZTeaJth6eXK5nMy3s6%2FQnwDDMTRt34NDlMHQt6kZseNkAYTLanoQZMxbhP98hkXPXgUM5irYjtKOuYfpXXeoT04guKbWBI2eqySmHLESodVHPmfwCbk4AUzG8NAFjYCA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 857132fb7c944bc9-BUF
alt-svc: h3=":443"; ma=86400
expires: Wed, 21 Feb 2024 03:10:27 GMT

GET
H2 200 core.js Show response
static.arc.io/widget/js/ 310 KB
104 KB 116ms
40ms Script
text/javascript 2400:52e0:1a00::894:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/js/core.js?290eb2f
Requested by: Host: arc.io
URL: https://arc.io/widget.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::894:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-894 /
Resource Hash: d83b7c0e9b8f2e74b3cbe129a54793a25ea5410d9f7730f049df3e1f387be59f

Request headers

Referer
Origin: https://hubdrive.lat
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:42:15 GMT
content-encoding: br
cdn-edgestorageid: 940
x-amz-request-id: HYNVJZV0E6Q6CP2X
x-amz-server-side-encryption: AES256
cdn-cachedat: 02/03/2024 22:05:27
cdn-pullzone: 786569
x-amz-id-2: jSWBgJf93d/HbUZQRL/U8XwxG6EwBIhp7toWqb50CXvYFfxwBVi5hd/kXTEFgj24r9/woOoEiak=
last-modified: Sat, 03 Feb 2024 21:43:48 GMT
server: BunnyCDN-IL1-894
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"d06b3a90fe0701b7af5d5c4c3a919aab"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000, stale-while-revalidate=864000
access-control-max-age: 86400
cdn-requestid: e8d05ffa3cfcd05b8dbda625bea90e1b
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 broker.html Show response
core.arc.io/ Frame EA85 2 KB
1 KB 101ms
34ms Document
text/html 2400:52e0:1a00::871:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://core.arc.io/broker.html?290eb2f

Requested by

Host: arc.io
URL: https://arc.io/widget.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a00::871:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-IL1-871 /

Resource Hash

fba7b9242113390e99277bd207daba9b5b1bf029ae5a5867472cf0d8c589b05d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: *
cache-control: public, max-age=2592000
cdn-cache: HIT
cdn-cachedat: 02/03/2024 21:48:56
cdn-edgestorageid: 845
cdn-proxyver: 1.04
cdn-pullzone: 786568
cdn-requestcountrycode: US
cdn-requestid: e4c1a477d1a95bfaf3b9a18e2364daad
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-status: 200
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
content-encoding: br
content-type: text/html
date: Sat, 17 Feb 2024 21:42:15 GMT
etag: W/"64331d06-612"
expires: Mon, 04 Mar 2024 21:48:56 GMT
last-modified: Sun, 09 Apr 2023 20:16:06 GMT
server: BunnyCDN-IL1-871
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding

GET
H2 200 746f656c7a.css
use.fontawesome.com/ 1 KB
680 B 42ms
42ms Stylesheet
text/css 2606:4700:e6::ac40:ce26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/746f656c7a.css
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/746f656c7a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ce26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e3737c1cbde4b54f6c8b42fcb3448200d1321b3b514684fcff6411f7e93c63d

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:42:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 00:54:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6439
etag: W/"7f642d48d16b59af74ffbd2c54362a45"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UHXYrD6mES5M6EPClMMCcZzDaNFjjxxxt3xeHf6lSBaVDUmfYvPUwbdVFLh92TRpzbM8WhGEW7oKo%2FZFXYDP5QTfxTr9zwazmAgpBlrBVrHs9b5KdxAXDQV3mqjBwvMZ1TNccnFMcLBGQ0r3HXgpRQXE"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1800
cf-ray: 857132fbbf915e74-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 97 KB
29 KB 139ms
66ms Script
text/javascript 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: hubdrive.lat
URL: https://hubdrive.lat/file/1708067901

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2093a9f5b930a6d1b6637fb285a4573cba22afe06a0bb4e552ee269bad5c1f83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:42:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29129
x-xss-protection: 0
server: cafe
etag: 595 / 19770 / m202402130101 / config-hash: 11148296534494914191
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 17 Feb 2024 21:42:15 GMT

GET
H/1.1 200
OK asyncjs.php Show response
greenfox.ink/d/ 4 KB
5 KB 341ms
113ms Script
text/javascript 5.45.74.150
SCALAXY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://greenfox.ink/d/asyncjs.php
Requested by: Host: hubdrive.lat
URL: https://hubdrive.lat/file/1708067901
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 5.45.74.150 Dronten, Netherlands, ASN58061 (SCALAXY-AS, LV),
Reverse DNS: zmta28.corpresponse.com
Software: nginx/1.22.1 / PHP/8.0.30
Resource Hash: aad5623efaae82ad301a146d1437b18fff9885db2a872538bc5f885a7632fb89

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sat, 17 Feb 2024 21:42:15 GMT
Server: nginx/1.22.1
X-Powered-By: PHP/8.0.30
ETag: 1d63e790351363d29b61f9cf59b98fad
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, max-age=3600
Connection: keep-alive
Expire: Sat, 17 Feb 2024 22:42:15 GMT

GET
H3 200 fa-solid-900.woff2
hubdrive.lat/assets/vendor/fontawesome-free/webfonts/ 74 KB
74 KB 38ms
37ms Font
font/woff2 2606:4700:3037::ac43:b687
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hubdrive.lat/assets/vendor/fontawesome-free/webfonts/fa-solid-900.woff2
Requested by: Host: hubdrive.lat
URL: https://hubdrive.lat/assets/vendor/fontawesome-free/css/all.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b687 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80fe90cb559538158bc235f4e539d9bcae203e19fab7c6970aad37b0154348ff

Request headers

Referer: https://hubdrive.lat/assets/vendor/fontawesome-free/css/all.min.css
Origin: https://hubdrive.lat
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:42:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 325901
alt-svc: h3=":443"; ma=86400
content-length: 75408
last-modified: Sat, 14 Nov 2020 21:20:04 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a3e%2FxceS57fkIXbyPxhDVrcGFi1FYd3dQ3rejirv3mZoLLRVIjGDpWJTlDSYiizNERCPFyl2FWMKCNuLyQkSB8KD5ysH6aypFR3n7t2ePUNBPuNxqcFX5Aus0KRVQ6S1W31GfAfERL5vha4%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 857132fbdcd34bc9-BUF
expires: Wed, 21 Feb 2024 03:10:34 GMT

GET
H2 200 XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v26/ 38 KB
39 KB 97ms
32ms Font
font/woff2 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hubdrive.lat
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 13:53:54 GMT
x-content-type-options: nosniff
age: 28101
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39124
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:02:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 Feb 2025 13:53:54 GMT

GET
H2 200 font-awesome-css.min.css
use.fontawesome.com/releases/v4.7.0/css/ 30 KB
7 KB 38ms
38ms Stylesheet
text/css 2606:4700:e6::ac40:ce26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/746f656c7a.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ce26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:42:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 01:44:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 315688
etag: W/"36082410df2ef7f83932219089dc1443"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v0tumqWs%2FFtJQMFiy%2FTtYnWoS3GGxUK1JJXea7mPLacoFruGWvd3%2Fn5c%2BBCX02Vpwe3cJ17e%2FcMCpHuDUIbSUEilRrM2IzFBJqTBNvV2QV2sL2j%2BF1UdWT6V4rU4LS8Ja5kIyT77KIfPT2CcMTplan0%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 857132fc0fe65e74-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 broker.9e6bf337.js Show response
static.arc.io/broker/js/ Frame EA85 24 KB
10 KB 59ms
58ms Script
text/javascript 2400:52e0:1a00::894:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/broker/js/broker.9e6bf337.js
Requested by: Host: core.arc.io
URL: https://core.arc.io/broker.html?290eb2f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::894:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-894 /
Resource Hash: 15dd17bc017fd6b5c5874bf0c0f127131b09f9f8a4a5f596aa846269f4bad7c9

Request headers

Referer: https://core.arc.io/
Origin: https://core.arc.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:42:15 GMT
content-encoding: br
cdn-edgestorageid: 845
x-amz-request-id: WVMB7WSHFHK8BP4G
x-amz-server-side-encryption: AES256
cdn-cachedat: 10/31/2023 18:51:56
cdn-pullzone: 786569
x-amz-id-2: ut8U8xibf3iaz/nyPFskC06V1qkpfeuTMVA2c6b0DXOBIZFpFAfLB8m2bpv/92nuHuLITn8jL3Y=
last-modified: Sun, 09 Apr 2023 20:16:26 GMT
server: BunnyCDN-IL1-894
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"0f4be176d7381439a060ff326b994fd2"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000
access-control-max-age: 86400
cdn-requestid: 59db696a5e2bdfdd65a96232b4d5198e
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 chunk-vendors.5e1d8045.js Show response
static.arc.io/broker/js/ Frame EA85 49 KB
20 KB 59ms
59ms Script
text/javascript 2400:52e0:1a00::894:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/broker/js/chunk-vendors.5e1d8045.js
Requested by: Host: core.arc.io
URL: https://core.arc.io/broker.html?290eb2f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::894:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-894 /
Resource Hash: c4553db9c6f8ac8363f52730234c6e6978828fd5638df4d0dbcfd8bec71a08ca

Request headers

Referer: https://core.arc.io/
Origin: https://core.arc.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:42:15 GMT
content-encoding: br
cdn-edgestorageid: 940
x-amz-request-id: 4C8AF6D6AJMQHWZ6
x-amz-server-side-encryption: AES256
cdn-cachedat: 10/31/2023 19:05:23
cdn-pullzone: 786569
x-amz-id-2: eU0NIZ0+9TfvIWl6Z6yZPfBlMAqoP62g4VuYhSSUkECr7Q004OxamOouJe1Msksx7ngCrN3Z5w8=
last-modified: Sun, 09 Apr 2023 20:16:26 GMT
server: BunnyCDN-IL1-894
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"c78a505ea0c6b4622562567efbbeb847"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000
access-control-max-age: 86400
cdn-requestid: 6039f6402e9eac0fdf7ac3edfb3ee616
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 lazy-iwc.9b430e25.js
static.arc.io/broker/js/ Frame EA85 0
5 KB 87ms
28ms Other
text/javascript 2400:52e0:1a00::894:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/broker/js/lazy-iwc.9b430e25.js
Requested by: Host: core.arc.io
URL: https://core.arc.io/broker.html?290eb2f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::894:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-894 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://core.arc.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:42:15 GMT
content-encoding: br
cdn-edgestorageid: 1070
x-amz-request-id: VGSMBFHGG1PWTP39
x-amz-server-side-encryption: AES256
cdn-cachedat: 02/17/2024 04:53:00
cdn-pullzone: 786569
x-amz-id-2: jC1iv6NNDVARTkboTrBv11f5N2lwXKSnTRq1/QfRj9QDB1YyutjH1coZ3yFOz8fAC0TqONb4l/k=
last-modified: Sun, 09 Apr 2023 20:16:26 GMT
server: BunnyCDN-IL1-894
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"1343454a1c763177d59f06c307b3a5a2"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000
access-control-max-age: 86400
cdn-requestid: f952c04a79b3b8b2d7915f1b8bcf1ec9
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 lazy-modules.a169b1ec.js
static.arc.io/broker/js/ Frame EA85 0
16 KB 105ms
46ms Other
text/javascript 2400:52e0:1a00::894:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/broker/js/lazy-modules.a169b1ec.js
Requested by: Host: core.arc.io
URL: https://core.arc.io/broker.html?290eb2f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::894:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-894 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://core.arc.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:42:15 GMT
content-encoding: br
cdn-edgestorageid: 1067
x-amz-request-id: FJTX3FSKCD4G0CPP
x-amz-server-side-encryption: AES256
cdn-cachedat: 02/04/2024 11:18:55
cdn-pullzone: 786569
x-amz-id-2: bGQ+MeqjFE5dCOy8ukDqqvKsNNEiK3NgdPbtxmGs7BYkhdWsZl1vYbMKP5PEQ04vfim7KmLjp2E=
last-modified: Sun, 09 Apr 2023 20:16:26 GMT
server: BunnyCDN-IL1-894
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"d03c11be3537746519138d1fe06bd033"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000
access-control-max-age: 86400
cdn-requestid: b71df8a20460a744e21e8d320d34777f
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 fontawesome-webfont.woff2
use.fontawesome.com/releases/v4.7.0/fonts/ 75 KB
76 KB 110ms
49ms Font
application/font-woff2 2606:4700:e6::ac40:ce26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v4.7.0/fonts/fontawesome-webfont.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/746f656c7a.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ce26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://use.fontawesome.com/746f656c7a.css
Origin: https://hubdrive.lat
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:42:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1417770
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Fri, 22 Sep 2023 01:44:05 GMT
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nrNypuu9028fKt0Q6WjtB6lTq6XVtUW%2Bg8VomWv1DJSse%2BSrdbkGCQcsjDJ%2F617rz1oMpLEXw%2Bq3mG4ClDxXLU%2BNCXkFMkOZZfc5ouIo7PvLAV9ZlXf%2F48y2FPRHq%2BOMZp7l9sVvdX61DWHPHQi4z3gj"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 857132fcbb167d06-EWR

GET
H2 200 vendors~widget-ui.js Show response
static.arc.io/widget/js/ 94 KB
34 KB 38ms
35ms Script
text/javascript 2400:52e0:1a00::894:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/js/vendors~widget-ui.js?c9b0de53
Requested by: Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?290eb2f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::894:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-894 /
Resource Hash: 7a4a51ab0b9301083e145526762d065e622a0ec8cfb5a866cd6b20c87087ff08

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:42:15 GMT
content-encoding: br
cdn-edgestorageid: 1070
x-amz-request-id: 71C6FP0Q761QXXV3
x-amz-server-side-encryption: AES256
cdn-cachedat: 02/03/2024 22:22:24
cdn-pullzone: 786569
x-amz-id-2: aq+R3eP7OcUSBa3HTBvzcmzU/ypGEwu+go5OlAIoozhACI28+r4s5kXBhdOn6uhZh2rEwAxe9fc=
last-modified: Sat, 03 Feb 2024 21:43:48 GMT
server: BunnyCDN-IL1-894
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"de8ab4879bd77ebe629c721339d42f65"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000, stale-while-revalidate=864000
access-control-max-age: 86400
cdn-requestid: 46b4295e596bf43f0d3dc4b44e468064
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 widget.css
static.arc.io/widget/css/ 85 KB
9 KB 32ms
30ms Stylesheet
text/css 2400:52e0:1a00::894:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/css/widget.css?290eb2f
Requested by: Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?290eb2f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::894:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-894 /
Resource Hash: ca943937aa6c69286d489d0720b1c8734d67446f5495374ff618f40788b65c75

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:42:15 GMT
content-encoding: br
cdn-edgestorageid: 1029
x-amz-request-id: KRXBCRN2X5F5SKHS
x-amz-server-side-encryption: AES256
cdn-cachedat: 02/03/2024 21:49:18
cdn-pullzone: 786569
x-amz-id-2: xbAwbmmyVZdw+xAed4uaRv7ByH5/i8GNM9e075cQIPDbR3Ii+9VR4kOk0KaUqFZsHYM27MHRyAg=
last-modified: Sat, 03 Feb 2024 21:43:48 GMT
server: BunnyCDN-IL1-894
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"51616a4421ceea014ea555698310a2a5"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000, stale-while-revalidate=864000
access-control-max-age: 86400
cdn-requestid: a58d273d9f952ca21b3df32970e2c333
cdn-requestcountrycode: US
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 widget-ui.js Show response
static.arc.io/widget/js/ 41 KB
15 KB 61ms
59ms Script
text/javascript 2400:52e0:1a00::894:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/js/widget-ui.js?6e086999
Requested by: Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?290eb2f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::894:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-894 /
Resource Hash: bb0f8d0ddd86c8950343123306347b29b3dfb334281d37a69069bd2dbe73f42a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:42:15 GMT
content-encoding: br
cdn-edgestorageid: 1070
x-amz-request-id: HDV9B757SCFNYRKH
x-amz-server-side-encryption: AES256
cdn-cachedat: 01/08/2024 12:39:43
cdn-pullzone: 786569
x-amz-id-2: uCr5ZhdbLlKs8YbkiZdUluVcAKWQDpeI5fZzCwprbeLF8TRdPAIeZQeGv3VzZVd786tsG6shsHw=
last-modified: Wed, 03 Jan 2024 18:03:35 GMT
server: BunnyCDN-IL1-894
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"932fe4d4a9d62f8d6cdc378aac6e8030"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000, stale-while-revalidate=864000
access-control-max-age: 86400
cdn-requestid: 940a1e6f009e2ef3f8dcfc6644d25530
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/ 430 KB
136 KB 33ms
32ms Script
text/javascript 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b085792cba4cacf7144409083b663be6d15686af10d7b3a1293aea5b7d9b3932

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 23:17:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80713
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138611
x-xss-protection: 0
server: cafe
etag: 13668746270024245435
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 15 Feb 2025 23:17:02 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 465 B
268 B 195ms
132ms XHR
application/json 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=hubdrive.lat

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd317a20d438b4caad987f36b1f9e212af87c6e383aa84027d95ae943c083536

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:42:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 243
x-xss-protection: 0
expires: Sat, 17 Feb 2024 21:42:16 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
252 B 100ms
39ms Ping
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-8QTNRD0R4M&gtm=45je42e0v9175770313za200&_p=1708206135633&gcd=13l3l3l3l1&npa=0&dma=0&cid=1341488755.1708206136&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1708206135&sct=1&seg=0&dl=https%3A%2F%2Fhubdrive.lat%2Ffile%2F1708067901&dr=https%3A%2F%2Fhubdrive-lat.cdn.ampproject.org%2F&dt=HubDrive%20%7C%20Salaar.2023.4K.SDR.10Bit.WEB-DL.Hindi.DDP5.1-Telugu.DDP5.1.HEVC.x265-HDHub4u.Tv.mkv&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=575
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8QTNRD0R4M
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:42:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hubdrive.lat
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lazy-modules.a169b1ec.js Show response
static.arc.io/broker/js/ Frame EA85 45 KB
16 KB 29ms
28ms Script
text/javascript 2400:52e0:1a00::894:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/broker/js/lazy-modules.a169b1ec.js
Requested by: Host: static.arc.io
URL: https://static.arc.io/broker/js/broker.9e6bf337.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::894:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-894 /
Resource Hash: 2d69a91e3b105d9ced4a5c0244a9dc3905f8eb061e72cb5518db5ef6d0d0635d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://core.arc.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:42:15 GMT
content-encoding: br
cdn-edgestorageid: 1067
x-amz-request-id: FJTX3FSKCD4G0CPP
x-amz-server-side-encryption: AES256
cdn-cachedat: 02/04/2024 11:18:55
cdn-pullzone: 786569
x-amz-id-2: bGQ+MeqjFE5dCOy8ukDqqvKsNNEiK3NgdPbtxmGs7BYkhdWsZl1vYbMKP5PEQ04vfim7KmLjp2E=
last-modified: Sun, 09 Apr 2023 20:16:26 GMT
server: BunnyCDN-IL1-894
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"d03c11be3537746519138d1fe06bd033"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000
access-control-max-age: 86400
cdn-requestid: 6d5c5efdc52fea0052b3bf602e5a92b4
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 90 KB
26 KB 111ms
40ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5101d202c69226aa554c5a7dd1e747e5bfcd5354fcf9013f43cbda40e6362996

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:42:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 16 Feb 2024 11:30:50 GMT
server: cloudflare
x-amz-request-id: RJP4E0AG21BA22VN
age: 1314
etag: W/"fbf94277ddc1a5b108475f46bccc9b0e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 857132ff2e716aee-BUF
x-amz-id-2: zVoWTyk0i+pppvMOwqV0mE2bfpuy0GlO8OWm1NKUsA3BkUfF6v3F1uBd3mhjO0IasnWna3Ap9YCDFv1KNdAINA==

GET
H3 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
814 B 31ms
30ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/pubads_impl.js

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 17 Feb 2024 21:42:16 GMT
x-content-type-options: nosniff
content-encoding: br
age: 7244
x-jsd-version: master
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 439
x-served-by: cache-fra-eddf8230042-FRA, cache-ewr18165-EWR
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 119ms
35ms Script
text/javascript 2600:9000:26a0:2c00:a:e047:753:eb41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26a0:2c00:a:e047:753:eb41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id: KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date: Sat, 17 Feb 2024 11:01:12 GMT
Via: 1.1 1f0f1388abc5c7a2f1935aa322216120.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: YUL62-P2
Age: 38465
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 2776
Last-Modified: Thu, 19 Oct 2023 06:40:11 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: uHciikYwjVLmHoIYbcrKzVPRbETlHPBlOahIgLsKzmjz4a2PIFo9oQ==

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 41 KB
13 KB 127ms
59ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

309c794d20c6824c9c401713bc7ba07938e85509e557ddbc944f6fa17e7b7469

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:42:16 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 07 Feb 2024 07:37:39 GMT
server: nginx
etag: W/"65c33343-a585"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 18 Feb 2024 21:42:16 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 3 KB
848 B 1844ms
1840ms Fetch
text/plain 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3326153491635214&correlator=1569028977865937&eid=31081195%2C95323523%2C31079233%2C31079962%2C44807746%2C31080116&output=ldjh&gdfp_req=1&vrg=202402130101&ptt=17&impl=fifs&iu_parts=22925651469%2Cmix2ads_hubdrive.lat_anchor%2Cmix2ads_hubdrive.lat_interstitial%2Cmix2ads_hubdrive.co_728x90&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=1x1%2C1x1%2C728x90%7C320x100&ifi=1&sfv=1-0-40&ists=6&fas=1%2C8%2C0&eri=4&sc=1&cookie_enabled=1&cdm=hubdrive.lat&abxe=1&dt=1708206136069&adxs=-9%2C-9%2C488&adys=-9%2C-9%2C94&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=hubdrive.co&loc=https%3A%2F%2Fhubdrive.lat%2Ffile%2F1708067901&ref=https%3A%2F%2Fhubdrive-lat.cdn.ampproject.org%2F&vis=1&psz=0x-1%7C0x-1%7C1080x0&msz=0x-1%7C0x-1%7C1080x0&fws=2%2C2%2C4&ohw=0%2C0%2C1496&ga_vid=1341488755.1708206136&ga_sid=1708206136&ga_hid=450128781&ga_fc=true&dlt=1708206135466&idt=478&adks=2691604385%2C4130931250%2C4245700628&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1ef1914f65b438c33fe5d0bf8ebc276aad3e6077ed63fd6b5318038d71cfbbb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:42:17 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 818
x-xss-protection: 0
google-lineitem-id: -2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hubdrive.lat
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 108 KB
44 KB 1427ms
1425ms Fetch
text/plain 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3326153491635214&correlator=1569028977865937&eid=31081195%2C95323523%2C31079233%2C31079962%2C44807746%2C31080116&output=ldjh&gdfp_req=1&vrg=202402130101&ptt=17&impl=fifs&iu_parts=22925651469%2Cmix2ads_hubdrive.co_300x250_5&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280&ifi=4&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&cdm=hubdrive.lat&abxe=1&dt=1708206136078&adxs=702&adys=157&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=hubdrive.co&loc=https%3A%2F%2Fhubdrive.lat%2Ffile%2F1708067901&ref=https%3A%2F%2Fhubdrive-lat.cdn.ampproject.org%2F&vis=1&psz=1076x0&msz=1076x0&fws=4&ohw=1496&ga_vid=1341488755.1708206136&ga_sid=1708206136&ga_hid=450128781&ga_fc=true&dlt=1708206135466&idt=478&adks=4268415557&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9fff0c5dd31da374be16e16094f4272bdd7e43e2ad56b3c29abda77e63752079

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:42:17 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45223
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hubdrive.lat
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 774 B
372 B 73ms
71ms Fetch
text/plain 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3326153491635214&correlator=1569028977865937&eid=31081195%2C95323523%2C31079233%2C31079962%2C44807746%2C31080116&output=ldjh&gdfp_req=1&vrg=202402130101&ptt=17&impl=fifs&iu_parts=22925651469%2Cmix2ads_hubdrive.co_300x250_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280&ifi=5&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&cdm=hubdrive.lat&abxe=1&dt=1708206136081&adxs=702&adys=177&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=hubdrive.co&loc=https%3A%2F%2Fhubdrive.lat%2Ffile%2F1708067901&ref=https%3A%2F%2Fhubdrive-lat.cdn.ampproject.org%2F&vis=1&psz=1036x0&msz=1036x0&fws=4&ohw=1496&ga_vid=1341488755.1708206136&ga_sid=1708206136&ga_hid=450128781&ga_fc=true&dlt=1708206135466&idt=478&adks=1411793224&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c81debd9f6a47b75383988410f4b8cf6750f23fa23d4d2a8ef4ed2071029f24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:42:16 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 342
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hubdrive.lat
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 90 KB
42 KB 944ms
941ms Fetch
text/plain 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3326153491635214&correlator=1569028977865937&eid=31081195%2C95323523%2C31079233%2C31079962%2C44807746%2C31080116&output=ldjh&gdfp_req=1&vrg=202402130101&ptt=17&impl=fifs&iu_parts=22925651469%2Cmix2ads_hubdrive.co_300x250_4&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280&ifi=6&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&cdm=hubdrive.lat&abxe=1&dt=1708206136085&adxs=702&adys=372&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=hubdrive.co&loc=https%3A%2F%2Fhubdrive.lat%2Ffile%2F1708067901&ref=https%3A%2F%2Fhubdrive-lat.cdn.ampproject.org%2F&vis=1&psz=1036x0&msz=1036x0&fws=4&ohw=1496&ga_vid=1341488755.1708206136&ga_sid=1708206136&ga_hid=450128781&ga_fc=true&dlt=1708206135466&idt=478&adks=3263134374&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

56430000e88585edc3ebf852d96d98f321a53104ac1f60a5e84bdfa68deea903

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:42:17 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42625
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hubdrive.lat
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 114 KB
45 KB 524ms
520ms Fetch
text/plain 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3326153491635214&correlator=1569028977865937&eid=31081195%2C95323523%2C31079233%2C31079962%2C44807746%2C31080116&output=ldjh&gdfp_req=1&vrg=202402130101&ptt=17&impl=fifs&iu_parts=22925651469%2Cmix2ads_hubdrive.co_300x250_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280&ifi=7&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&cdm=hubdrive.lat&abxe=1&dt=1708206136088&adxs=702&adys=372&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=hubdrive.co&loc=https%3A%2F%2Fhubdrive.lat%2Ffile%2F1708067901&ref=https%3A%2F%2Fhubdrive-lat.cdn.ampproject.org%2F&vis=1&psz=1036x0&msz=1036x0&fws=4&ohw=1496&ga_vid=1341488755.1708206136&ga_sid=1708206136&ga_hid=450128781&ga_fc=true&dlt=1708206135466&idt=478&adks=4224613116&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

121af9ef11bee0dc782d9e111852c78ff38876bc57e059c89883521ed544664f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:42:16 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46325
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hubdrive.lat
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 53 KB
17 KB 1844ms
1841ms Fetch
text/plain 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3326153491635214&correlator=1569028977865937&eid=31081195%2C95323523%2C31079233%2C31079962%2C44807746%2C31080116&output=ldjh&gdfp_req=1&vrg=202402130101&ptt=17&impl=fifs&iu_parts=22925651469%2Cmix2ads_hubdrive.co_300x600&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&ifi=8&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&cdm=hubdrive.lat&abxe=1&dt=1708206136091&adxs=702&adys=410&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=hubdrive.co&loc=https%3A%2F%2Fhubdrive.lat%2Ffile%2F1708067901&ref=https%3A%2F%2Fhubdrive-lat.cdn.ampproject.org%2F&vis=1&psz=1036x0&msz=1036x0&fws=4&ohw=1496&ga_vid=1341488755.1708206136&ga_sid=1708206136&ga_hid=450128781&ga_fc=true&dlt=1708206135466&idt=478&adks=2438643228&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c1d16719a78d48f2627cc5915ba6c3cab7cc502ddaee904a84aac319774d0e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:42:17 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17402
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hubdrive.lat
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 774 B
371 B 1410ms
1407ms Fetch
text/plain 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3326153491635214&correlator=1569028977865937&eid=31081195%2C95323523%2C31079233%2C31079962%2C44807746%2C31080116&output=ldjh&gdfp_req=1&vrg=202402130101&ptt=17&impl=fifs&iu_parts=22925651469%2Cmix2ads_hubdrive.co_300x250_3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280&ifi=9&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&cdm=hubdrive.lat&abxe=1&dt=1708206136096&adxs=702&adys=522&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=hubdrive.co&loc=https%3A%2F%2Fhubdrive.lat%2Ffile%2F1708067901&ref=https%3A%2F%2Fhubdrive-lat.cdn.ampproject.org%2F&vis=1&psz=1036x0&msz=1036x0&fws=4&ohw=1496&ga_vid=1341488755.1708206136&ga_sid=1708206136&ga_hid=450128781&ga_fc=true&dlt=1708206135466&idt=478&adks=1424888676&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c8656750e3e31b4904f0582890952fc34ddc21f068babf06769b4573f5c015d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:42:17 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 341
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hubdrive.lat
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 68D2 6 KB
3 KB 104ms
34ms Document
text/html 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 21:42:16 GMT
expires: Sun, 16 Feb 2025 21:42:16 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/ 45 KB
14 KB 34ms
32ms Script
text/javascript 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

edb3c01e1be23cd4ab06a59dd05ed00229349a2c70b703607ad37e618b6251d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 23:21:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80417
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14639
x-xss-protection: 0
server: cafe
etag: 18293442981272338312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 15 Feb 2025 23:21:59 GMT

GET
H2 200 2dfc5cc60fdf6636778a3fa44bb932c7 Show response
thubanoa.com/27/ 403 KB
128 KB 102ms
102ms Script
application/javascript 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://thubanoa.com/27/2dfc5cc60fdf6636778a3fa44bb932c7

Requested by

Host: thubanoa.com
URL: https://thubanoa.com/1?z=7013738

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

400851f4cac11f9e1867253c679fa40d686f328c0f61fa2957178ac544625f2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-trace-id: 87b68c91f2cba19e7d66fa6d117c9c9a
date: Sat, 17 Feb 2024 21:42:16 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
last-modified: Thu, 25 Jan 2024 06:27:22 GMT
server: nginx
content-encoding: gzip
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin
access-control-expose-headers: X-Sc
cache-control: max-age:290304000, public
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
expires: Thu, 24 Feb 2084 06:27:22 GMT

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
228 B 353ms
118ms XHR
text/plain 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://hubdrive.lat
date: Sat, 17 Feb 2024 21:42:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame EC85 14 KB
6 KB 99ms
36ms Document
text/html 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=hubdrive.lat

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

8deb4dcd9ce02afc82cd8ee1938a02d0c40bd438fa8da4f22a255676fbe543e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 21:42:15 GMT
server: Kestrel
server-processing-duration-in-ticks: 479986
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2

200

sid Show response
mug.criteo.com/ Frame EC85
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=hubdrive.lat&sn=ChromeSyncframe&so=0&topUrl=hubdrive.lat&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=2zje4HxHcFhWU3ZDUUVlTVdpWWJQb25SUHhobkg3OU9PZm9YaUxiRVNOZDFBWUhieTVQc1J0Q24rYUJHWmVXRUVPSm5FQzh5YTUrRzB6SmI2N1R3K1R5ZVFHMWdFYUo2VkM0SUt4SnFIaDZqaFZRY2R4OC9UQnc0NGRIRk...

420 B
1 KB

100ms
36ms

Fetch
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=2zje4HxHcFhWU3ZDUUVlTVdpWWJQb25SUHhobkg3OU9PZm9YaUxiRVNOZDFBWUhieTVQc1J0Q24rYUJHWmVXRUVPSm5FQzh5YTUrRzB6SmI2N1R3K1R5ZVFHMWdFYUo2VkM0SUt4SnFIaDZqaFZRY2R4OC9UQnc0NGRIRkYzczZhMHhnZFY2d00vdjZEZUJHQmg0MFI4eDVYdWhBSXFlY0hHdTVoK2x6N2poTzNRd29tS1VDQTl4WXF2V0FpeVhpTWZWMXF2UnlXWk1ZTnhjbkRhRTV5cnM2WStGQjFiRmhrL0xaK3NmUzNncHM4bHJjQm55T01xdUdnTDBRdUtWbEhPZmxncEpYbjhvRUlPNnozRTNsQlBwbGdGdz09fA&cppv=2

Requested by

Host: hubdrive.lat
URL: https://hubdrive.lat/file/1708067901

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

48300d1c7ab651001aae3c637c6239cbb6d27267c76798f122f7a564bc9f1555

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:42:15 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2253889
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:42:15 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=2zje4HxHcFhWU3ZDUUVlTVdpWWJQb25SUHhobkg3OU9PZm9YaUxiRVNOZDFBWUhieTVQc1J0Q24rYUJHWmVXRUVPSm5FQzh5YTUrRzB6SmI2N1R3K1R5ZVFHMWdFYUo2VkM0SUt4SnFIaDZqaFZRY2R4OC9UQnc0NGRIRkYzczZhMHhnZFY2d00vdjZEZUJHQmg0MFI4eDVYdWhBSXFlY0hHdTVoK2x6N2poTzNRd29tS1VDQTl4WXF2V0FpeVhpTWZWMXF2UnlXWk1ZTnhjbkRhRTV5cnM2WStGQjFiRmhrL0xaK3NmUzNncHM4bHJjQm55T01xdUdnTDBRdUtWbEhPZmxncEpYbjhvRUlPNnozRTNsQlBwbGdGdz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 616717
content-length: 0
expires: 0

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
542 B 321ms
116ms XHR
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js

Requested by

Host: thubanoa.com
URL: https://thubanoa.com/27/2dfc5cc60fdf6636778a3fa44bb932c7

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

3b49e4e2d0608154af70b0aa66b8e84756b395091b856d0864223fad32baa0e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:42:16 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://hubdrive.lat
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 widget.css
static.arc.io/widget/css/ Frame 2385 85 KB
9 KB 29ms
28ms Stylesheet
text/css 2400:52e0:1a00::894:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/css/widget.css?290eb2f
Requested by: Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?6e086999
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::894:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-894 /
Resource Hash: ca943937aa6c69286d489d0720b1c8734d67446f5495374ff618f40788b65c75

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:42:16 GMT
content-encoding: br
cdn-edgestorageid: 1029
x-amz-request-id: KRXBCRN2X5F5SKHS
x-amz-server-side-encryption: AES256
cdn-cachedat: 02/03/2024 21:49:18
cdn-pullzone: 786569
x-amz-id-2: xbAwbmmyVZdw+xAed4uaRv7ByH5/i8GNM9e075cQIPDbR3Ii+9VR4kOk0KaUqFZsHYM27MHRyAg=
last-modified: Sat, 03 Feb 2024 21:43:48 GMT
server: BunnyCDN-IL1-894
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"51616a4421ceea014ea555698310a2a5"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000, stale-while-revalidate=864000
access-control-max-age: 86400
cdn-requestid: 7c0a287969940ea2050398b5186c681e
cdn-requestcountrycode: US
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 normalize.min.css
cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/ Frame 2385 2 KB
1 KB 100ms
37ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/normalize.min.css

Requested by

Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?6e086999

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a12ac29d1617bc71b7d520627ea3f63ccd6e8deed2254c97d274f03b6449579e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:42:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3215135
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 631
last-modified: Mon, 04 May 2020 16:13:31 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f2b-732"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rPnEaYwaFsXKO4ZqG7lQ%2Bp7ylD6wnDDl5pxPc5nNnIfgns2jU8JOp12VJx%2FPGhT61CPck8k6psJf95tIVJTIOl%2BxbOMmDGWxamKtu3LCSOMTelYk8iVI8zCO7uq7uxBtbmhKjQ5BrRWlkRN8%2BjhO0pKP"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8571330189086aee-BUF
expires: Thu, 06 Feb 2025 21:42:16 GMT

GET
H2 200 widget.css
static.arc.io/widget/css/ Frame ACCE 85 KB
10 KB 32ms
31ms Stylesheet
text/css 2400:52e0:1a00::894:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/css/widget.css?290eb2f
Requested by: Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?6e086999
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::894:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-894 /
Resource Hash: ca943937aa6c69286d489d0720b1c8734d67446f5495374ff618f40788b65c75

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:42:16 GMT
content-encoding: br
cdn-edgestorageid: 1029
x-amz-request-id: KRXBCRN2X5F5SKHS
x-amz-server-side-encryption: AES256
cdn-cachedat: 02/03/2024 21:49:18
cdn-pullzone: 786569
x-amz-id-2: xbAwbmmyVZdw+xAed4uaRv7ByH5/i8GNM9e075cQIPDbR3Ii+9VR4kOk0KaUqFZsHYM27MHRyAg=
last-modified: Sat, 03 Feb 2024 21:43:48 GMT
server: BunnyCDN-IL1-894
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"51616a4421ceea014ea555698310a2a5"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000, stale-while-revalidate=864000
access-control-max-age: 86400
cdn-requestid: 9a4b6ea6ea55a9cc704bd729ff99c9d0
cdn-requestcountrycode: US
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 normalize.min.css
cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/ Frame ACCE 2 KB
930 B 94ms
38ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/normalize.min.css

Requested by

Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?6e086999

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a12ac29d1617bc71b7d520627ea3f63ccd6e8deed2254c97d274f03b6449579e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:42:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3215135
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 631
last-modified: Mon, 04 May 2020 16:13:31 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f2b-732"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jDlxY%2FPTPfuufu8anqXJ91VoUM7jsqSNfkm%2B%2FAcQTaOc5jn40wAAxQGpVDPi5Bgq2Ev1NRI116OEJr1ZWHow2tNxuK2qy%2B%2FDQys3hZdEJykj%2FcpVSktTpGU1qXRmY9CvfQkeVWMnN1JfaqQ6olh%2BaBXW"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 85713301890a6aee-BUF
expires: Thu, 06 Feb 2025 21:42:16 GMT

GET
DATA 200
OK truncated
/ Frame 2385 411 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f87a4b2a4acbaa053da2e6df56367f4396be15a72f719cedd071e7812725a443

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame ACCE 411 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f87a4b2a4acbaa053da2e6df56367f4396be15a72f719cedd071e7812725a443

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame ACCE 277 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb2b1971e54b31144a8794057598aba69ebe1d416c8c75d3a142942917f5e58b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame ACCE 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 19311967464cd6447bb7fba382aa67939dcca903a56f1ac925ac2a80ff33642e

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame ACCE 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9b08cb6068e70fb67de0576ef27d427a403e1f0055777b7fc5d736963e6c1ea6

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame ACCE 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 35e8d96d42f0ffa258060a98b45f013829bc57b3ae7be71c9f54c037b6e0e707

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame ACCE 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb1d7b6144bde90327cd64b86e7742a9b11a3b2b3658d71dd80115195ff2debb

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame ACCE 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8fe9d28d12e8c33e9f1d5ab109c2570547ee6648ca11fdd79b7523c6d2e2f6a2

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK asyncspc.php Show response
greenfox.ink/d/ 3 KB
2 KB 112ms
112ms XHR
application/json 5.45.74.150
SCALAXY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://greenfox.ink/d/asyncspc.php?zones=7%7C10&prefix=revive-0-&cphost=43519b58b68d940f8734726dfed6c5c9%7C1%7Chubdrive.lat&loc=https%3A%2F%2Fhubdrive.lat%2Ffile%2F1708067901&referer=https%3A%2F%2Fhubdrive-lat.cdn.ampproject.org%2F
Requested by: Host: greenfox.ink
URL: https://greenfox.ink/d/asyncjs.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 5.45.74.150 Dronten, Netherlands, ASN58061 (SCALAXY-AS, LV),
Reverse DNS: zmta28.corpresponse.com
Software: nginx/1.22.1 / PHP/8.0.30
Resource Hash: 94c2dbf270ed4a20bc7ce6d671c53dbb4bef954181b13a76d95e77db70cf7281

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Feb 2024 21:42:16 GMT
Content-Encoding: gzip
Server: nginx/1.22.1
X-Powered-By: PHP/8.0.30
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/json
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: https://hubdrive.lat
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 131ms
57ms XHR
application/json 2607:f8b0:4004:c17::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202402130101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f0f755e1d8c273271b3237400ad7fee7f173c8099ac5f3f1766e9b58acafb6d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:42:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12271
x-xss-protection: 0

GET /
tracker.arc.io/ 0
0

GET
H/1.1 200
OK lg.php
greenfox.ink/d/ 43 B
523 B 119ms
118ms Image
image/gif 5.45.74.150
SCALAXY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenfox.ink/d/lg.php?bannerid=0&campaignid=0&zoneid=7&loc=https%3A%2F%2Fhubdrive.lat%2Ffile%2F1708067901&referer=https%3A%2F%2Fhubdrive-lat.cdn.ampproject.org%2F&cb=416dbc6344
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 5.45.74.150 Dronten, Netherlands, ASN58061 (SCALAXY-AS, LV),
Reverse DNS: zmta28.corpresponse.com
Software: nginx/1.22.1 / PHP/8.0.30
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Feb 2024 21:42:16 GMT
Server: nginx/1.22.1
X-Powered-By: PHP/8.0.30
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H/1.1 200
OK lg.php
greenfox.ink/d/ 43 B
523 B 118ms
118ms Image
image/gif 5.45.74.150
SCALAXY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenfox.ink/d/lg.php?bannerid=45&campaignid=14&zoneid=10&loc=https%3A%2F%2Fhubdrive.lat%2Ffile%2F1708067901&referer=https%3A%2F%2Fhubdrive-lat.cdn.ampproject.org%2F&cb=c1080024d9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 5.45.74.150 Dronten, Netherlands, ASN58061 (SCALAXY-AS, LV),
Reverse DNS: zmta28.corpresponse.com
Software: nginx/1.22.1 / PHP/8.0.30
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Feb 2024 21:42:16 GMT
Server: nginx/1.22.1
X-Powered-By: PHP/8.0.30
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

POST
H2 204 VdgpVj8iC7Ci1CKMVaNz4S
warden.arc.io/mailbox/nodes/ 0
0 123ms
39ms Fetch 18.223.141.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://warden.arc.io/mailbox/nodes/VdgpVj8iC7Ci1CKMVaNz4S

Requested by

Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?290eb2f

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.223.141.84 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-223-141-84.us-east-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 17 Feb 2024 21:42:16 GMT
strict-transport-security: max-age=15724800; includeSubDomains
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 792ms
725ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:42:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 17 Feb 2024 21:42:17 GMT

GET
H2 200 container.html Show response
ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FAC6 6 KB
3 KB 34ms
33ms Document
text/html 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 21:42:16 GMT
expires: Sun, 16 Feb 2025 21:42:16 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E747 624 B
825 B 132ms
64ms Document
text/html 2607:f8b0:4004:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbvhAIQqpujAhjS4IngATAB&v=APEucNVHAmEh-0inAa-dwd3k73TSVydszNuwA-EFW7tQOv9f2zMFAMaenvVLhM577G6OspO9m6ycz4XRIyNonGZwnF5W_GdVFQ

Requested by

Host: ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com
URL: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 21:42:16 GMT
expires: Sat, 17 Feb 2024 21:42:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame FAC6 172 KB
61 KB 101ms
32ms Script
text/javascript 2607:f8b0:4004:c1d::95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: hubdrive-lat.cdn.ampproject.org
URL: https://hubdrive-lat.cdn.ampproject.org/c/s/hubdrive.lat/file/1708067901

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::95 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/
Origin: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 12:54:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31688
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 18 Feb 2024 12:54:08 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/ Frame FAC6 8 KB
3 KB 141ms
75ms Script
text/javascript 2607:f8b0:4004:c17::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: hubdrive-lat.cdn.ampproject.org
URL: https://hubdrive-lat.cdn.ampproject.org/c/s/hubdrive.lat/file/1708067901

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 09:21:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44422
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3206
x-xss-protection: 0
server: cafe
etag: 12640889860211258669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 09:21:54 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame FAC6 23 KB
9 KB 136ms
75ms Script
text/javascript 2607:f8b0:4004:c17::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite_fy2021.js

Requested by

Host: hubdrive-lat.cdn.ampproject.org
URL: https://hubdrive-lat.cdn.ampproject.org/c/s/hubdrive.lat/file/1708067901

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 01:04:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74263
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 01:04:33 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame FAC6 41 KB
14 KB 33ms
31ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: hubdrive-lat.cdn.ampproject.org
URL: https://hubdrive-lat.cdn.ampproject.org/c/s/hubdrive.lat/file/1708067901

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 23:20:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 166936
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 23:20:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame FAC6 3 KB
1 KB 45ms
43ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/window_focus_fy2021.js

Requested by

Host: ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com
URL: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 23:06:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81345
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 23:06:31 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame FAC6 20 KB
8 KB 41ms
39ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com
URL: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 23:22:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80408
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 23:22:08 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame FAC6 42 B
63 B 149ms
91ms Image
image/gif 2607:f8b0:4004:c17::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DremV3C4EL2PD32vvLXUtb9aaDChb8-wIGCrzgZsPy11ZMm76X7lmCeooJCUmqCmXOfQ1sZUTCFGyRCAI0RicxnqbCixK7olknNnIzpSNAjZdZeIM

Requested by

Host: ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com
URL: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:42:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame FAC6 204 KB
61 KB 89ms
31ms Script
text/javascript 2607:f8b0:4004:c17::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com
URL: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:09:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1938
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62824
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 17 Feb 2024 22:09:58 GMT

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 8E63 38 KB
13 KB 33ms
32ms Document
text/html 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 166961
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 15 Feb 2024 23:19:35 GMT
expires: Fri, 14 Feb 2025 23:19:35 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame FAC6 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 47b675a7479aba680e5d2d265f1f0a561f53498e76001c5f54f62b8d0500bb4e

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 9 Show response
thubanoa.com/ 6 KB
3 KB 106ms
103ms XHR
application/json 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://thubanoa.com/9?z=7013738&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fhubdrive.lat%2Ffile%2F1708067901&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=3&sah=1200&drf=https%3A%2F%2Fhubdrive-lat.cdn.ampproject.org%2F&hil=1&ist=0&oaid=6b2c7a258df14984b5f57c17e4cccc48
Requested by: Host: thubanoa.com
URL: https://thubanoa.com/27/2dfc5cc60fdf6636778a3fa44bb932c7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 85648d637e15a27b15f25115914ca184c596c256caae2019929b56ed58d8eb3b

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 85ee1ad97cc2a974d709fd99cffcbcb2
pragma: no-cache
date: Sat, 17 Feb 2024 21:42:17 GMT
content-encoding: gzip
x-sc: 4jOwcMz1o4f008WLdwFkUsG6c5RAE0EQXwnxja49yO9hbuzwEf0PQdUac9KyL4yztF9YfOovf1V_UQ7e
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: https://hubdrive.lat
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
expires: Mon, 26 Jul 1997 05:00:00 GMT

OPTIONS
H2 204 9
thubanoa.com/ Frame 0
0 384ms
103ms Preflight 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://thubanoa.com/9?z=7013738&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fhubdrive.lat%2Ffile%2F1708067901&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=3&sah=1200&drf=https%3A%2F%2Fhubdrive-lat.cdn.ampproject.org%2F&hil=1&ist=0&oaid=6b2c7a258df14984b5f57c17e4cccc48
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://hubdrive.lat
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://hubdrive.lat
cache-control: no-store, no-cache, must-revalidate, max-age=0
date: Sat, 17 Feb 2024 21:42:17 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
pragma: no-cache
server: nginx

GET
H3 200 Mxl_QHRpF3ASJ-0UJYy-xnBnh_t8qFAxMnyvqBA6J-g.js Show response
pagead2.googlesyndication.com/bg/ Frame 8E63 51 KB
19 KB 40ms
39ms Script
text/javascript 2607:f8b0:4004:c17::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Mxl_QHRpF3ASJ-0UJYy-xnBnh_t8qFAxMnyvqBA6J-g.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33197f40746917701227ed14258cbec6706787fb7ca85031327cafa8103a27e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 05:40:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57717
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19812
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 16 Feb 2025 05:40:19 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame E747
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMLpk8Ks3dmXynRwVQ7WaDA&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMLpk8Ks3dmXynRwVQ7WaDA&google_cver=1&C=1

43 B
783 B

59ms
59ms

Image
image/gif

2606:4700:4400::6812:249b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMLpk8Ks3dmXynRwVQ7WaDA&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbvhAIQqpujAhjS4IngATAB&v=APEucNVHAmEh-0inAa-dwd3k73TSVydszNuwA-EFW7tQOv9f2zMFAMaenvVLhM577G6OspO9m6ycz4XRIyNonGZwnF5W_GdVFQ
Protocol: H3
Server: 2606:4700:4400::6812:249b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:42:17 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7HmhCODtwboWKEIjxAvYLgTUsSERmYc70OqUUBvp8JWTjMP8n0%2BQk1eXiouD3gqi3ebCm%2Bh6EKp36Z%2BVyhrFdkCPsJv3J4hKOODwwdtIB8wVkHcFPjGKO3hADiBoRt9tuErPjBF0CCNHSHL9xvcEOyoLBW%2FqQA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 85713304bce76aee-BUF
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:42:17 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S6qYGo6K2uPwED%2FMegrIcg6vW6G3iDPbb3H0b6O2kTeY8pWLNhLtM3sY6pfqYpOgwDZamgHIB8ZhNtYNHsSsyaNov8oNFQL8ByZ%2FvLrlc7WRULuHC5ajUWAmbvmTS6ytvldrKMglTdVmdccQFewt6CSGz8ozKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEMLpk8Ks3dmXynRwVQ7WaDA&google_cver=1&C=1
cache-control: no-cache
cf-ray: 8571330448fe6aed-BUF
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame E747
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZdEoONHM54QAABEMAA914AAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMLpk8Ks3dmXynRwVQ7WaDA&google_cver=1

43 B
747 B

61ms
61ms

Image
image/gif

2606:4700:4400::6812:249b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMLpk8Ks3dmXynRwVQ7WaDA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbvhAIQqpujAhjS4IngATAB&v=APEucNVHAmEh-0inAa-dwd3k73TSVydszNuwA-EFW7tQOv9f2zMFAMaenvVLhM577G6OspO9m6ycz4XRIyNonGZwnF5W_GdVFQ
Protocol: H3
Server: 2606:4700:4400::6812:249b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:42:17 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EbXhpKOInqDDN%2BPVF9Hn7ybz7hPZpGvNrmM3EGMohq0Fs82iQJwYy4PpcAlTpcBI%2FS1rKg99mBfYQluek9ywaXlhMy9Al13VaC%2BJEEjS5a%2BJWiLYSumBVmfAznehGgl9jHCUJmCNPq6kdFLMSa5BEviq5ObDWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 857133053d976aee-BUF
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:42:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMLpk8Ks3dmXynRwVQ7WaDA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame E747
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEF99J_bX72xLiWFPEyI4aUk&google_cver=1

43 B
1 KB

35ms
34ms

Image
image/gif

68.67.160.76
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEF99J_bX72xLiWFPEyI4aUk&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbvhAIQqpujAhjS4IngATAB&v=APEucNVHAmEh-0inAa-dwd3k73TSVydszNuwA-EFW7tQOv9f2zMFAMaenvVLhM577G6OspO9m6ycz4XRIyNonGZwnF5W_GdVFQ

Protocol

Server

68.67.160.76 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:42:17 GMT
an-x-request-uuid: 1a111f1e-e9b7-4638-875d-abcc90a4f5ef
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 96.9.249.34; 96.9.249.34; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:42:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEF99J_bX72xLiWFPEyI4aUk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame E747
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODgyNTA3ODM3NDY1OTA2NjU0Mg%3D%3D

170 B
243 B

50ms
50ms

Image
image/png

172.253.122.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODgyNTA3ODM3NDY1OTA2NjU0Mg%3D%3D

Requested by

Protocol

Server

172.253.122.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:42:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:42:17 GMT
an-x-request-uuid: d9779d42-c59e-4523-a4e8-45ef7e74977b
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODgyNTA3ODM3NDY1OTA2NjU0Mg%3D%3D
x-proxy-origin: 96.9.249.34; 96.9.249.34; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/12005267356172434500/ Frame 9230 53 KB
6 KB 99ms
34ms Document
text/html 2607:f8b0:4004:c1d::95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12005267356172434500/index.html?e=69&leftOffset=0&topOffset=0&c=P6tNo1aT91&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::95 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d01ac26c5959ba14ab488f5fbec45d15679a0a81152bef49144200d52b9ae895

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 21:42:17 GMT
expires: Sun, 16 Feb 2025 21:42:17 GMT
last-modified: Mon, 12 Feb 2024 15:26:09 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame FAC6 0
0 174ms
97ms Fetch
image/gif 172.253.62.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstbIgQpDwnC_r0qzrYj5uZTdfvyF3V-9PVRKsKvEG2lyotA9Vo8BVWriIB29ZEEJ_RWf500grXhEdPTI16xodxJF33HspgAlBwJKo3HHDqjxQIgBSneUXTkIZNPBlhbEOZCUvYbTdNFAZd2G54Y_HEdOHWfVYpiF6BBt7i23l9cb6tqWiA9cRY59sUA0-SLUJnn9unohf7dO2gumdYmOvnoruEPcpOp9K_epJ2NWJOlGlmTycv3wpOsxWpcuECBcY1aeikhrExMHYaFups7yrabQxwWXQkT_qjTHKVTPsZf-a0i3PRyLM-nk1kwtITGmqw5zGIkyA88qxGVQoEYqlHVoUfeR1-jzpdqN9mooTaME2VrsBnTv5b-iWCnYIe1KFUG7_EJj3jKfv-n1JQPnZqPGSYhCM_nQxvOyO2GzGXQHvlZuAsUbl5NEiBsuCQ-jOgtWfG9y21F0bb-2209L-isoAlGDX5aFYDKrNXDenv49DEKhVpHrm5mxuY9QhkIQVmvbryi0ri_o8_OkrKSTyGUep_9-dhJPL1K_P7PL2sE__GsKwyPBOwlhqDPI6Hadon3tchhIsMgzXh1zw4U_sIhUFATIwAGpYC0oiT8TqiwwX0ydrxu09_vO6ltFIg0mL7Wrs_ZpbtWe1umOpFqf51QDx6YSVHAABZTJUSfvSamuZ-owvYN0n9i_YcP_hhAulb-l7auXYL2hYuV9TUQjKQ84S_dMRW7d7TJgD1gXd0UqE_K7y-n142d6Vd-BCOmhW1dl4SLW-il2kBKEXSsPrHhzDw2ZS-DO3YE4oWiMr852ggow3GTfmwBYe29yKYjpFg5HhrLFbKURIeFKPPpUUCasDabboJGJPS7hAnPdTZd1EhpYe0RuB3ePUhASuWvjstuR5-rwPkABtGKPVNU2aVLOqlI0aN771-x_LOsQB57IN7XzcbCflbV-PKnQWQiGv88j5dMxxmeVA-cUFP3bwFucF4hor5Ip93FcprG4bSj8mmK-zT6cU5NNq5UPPhreY80uzsQg1KrAnXlE5pviDsvz1-h6sGo8UyJiLjh7YqYdtyMItqOVITj5X6ujwEqzUlxeUmH9sA_-KvmxMtXRS7OPOmtcVHa6qxIJTe8UVGPZQqt3Y5Sn6bvny0mMixSKiUjTPbvElHaQBDsS-KjCg9lOIADzyMiVyvtBErSmVyHSCIzOD85QcUjxiqpA4cmaoUXFDLOKf82Y7uRmIV8zeztK_8SZwvEMMufXqhlW6uCQSwueF7kklMJJA6-PkJfb1RcVoh5UY8C4E_koX1vtaaZIFHpMDoy_x7biRUWz2v27y2UG2yoF0-SFkL2-Q42mVcLEqOCbZmALpJ3osl1TsJBlZ7KjqGSKSbB8z3S5n3vKAD160ZU2YPiJL7bneZCWiYfRonSi9WZM9t8jFepIAXY701g7X_NS3pkjBnMe2epvv-1jMAslIMEKSTZh-RojtJ9XuXr7BqUtWi6gbavncDS5VaJBvyxy2EDHw&sai=AMfl-YQ1Ye-yHCfvx86pv6NsH34tQE3a-DH_jXBbWHiow_RED62yYlMy3WoaUUEf-6kHUIOJMjWlidBUCMyRwZWQmYCgMnIncvWbCJDQptW-Af8STLbCkpiHfzlr7mnfilTtdIrWkdsRkzuQ4sdN2t0kAAgWsa6B399Hh11ogMGVKYbb4XXV1z1xr2AN8d_vs_NuB-JR5mn1FXw47KVRcegQ_cVcmY7qSeiC5E2gWZ8wVyJzDRLuyH3hjBJolbxWT56qsrX0RbP-ffzX99yoSUHzOZrBf22ANOFrENqSzyA7cr30teJZiUvjEFneNLEPS4WsnSOWsWzQJMFsoUA3Za-OyY0UyZ8ATfYC1mDAOcfImIeWFbU4595FXIwGcZN0oMuVQelqFs86udkrJo8WcwjltFchKBJsEfWMgHvVXzYHIMda4TEU0MZkj479TN0U2VfiZRKJDdsHg8vOwoSG5QrIC6ma3TY9VN9R81irDL91eugV6DXSdPzm1t8kBoG8YGBdNt96lg&sig=Cg0ArKJSzEj0WmCGVtE2EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9yYWRpc3NvbmhvdGVscy5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=225&cbvp=1&cstd=209&cisv=r20240215.16333&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: hubdrive-lat.cdn.ampproject.org
URL: https://hubdrive-lat.cdn.ampproject.org/c/s/hubdrive.lat/file/1708067901

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f148.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 17 Feb 2024 21:42:17 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 17 Feb 2024 21:42:17 GMT

GET
H3 200 gwdpage_style.css
s0.2mdn.net/sadbundle/12005267356172434500/ Frame 9230 55 B
104 B 38ms
37ms Stylesheet
text/css 2607:f8b0:4004:c1d::95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12005267356172434500/gwdpage_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12005267356172434500/index.html?e=69&leftOffset=0&topOffset=0&c=P6tNo1aT91&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::95 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12005267356172434500/index.html?e=69&leftOffset=0&topOffset=0&c=P6tNo1aT91&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Sun, 16 Feb 2025 13:53:07 GMT
date: Sat, 17 Feb 2024 13:53:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28150
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 15:26:09 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwdpagedeck_style.css
s0.2mdn.net/sadbundle/12005267356172434500/ Frame 9230 731 B
264 B 45ms
42ms Stylesheet
text/css 2607:f8b0:4004:c1d::95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12005267356172434500/gwdpagedeck_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12005267356172434500/index.html?e=69&leftOffset=0&topOffset=0&c=P6tNo1aT91&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::95 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12005267356172434500/index.html?e=69&leftOffset=0&topOffset=0&c=P6tNo1aT91&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Sun, 16 Feb 2025 10:49:21 GMT
date: Sat, 17 Feb 2024 10:49:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39176
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 234
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 15:26:09 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwdgooglead_style.css
s0.2mdn.net/sadbundle/12005267356172434500/ Frame 9230 24 B
73 B 45ms
41ms Stylesheet
text/css 2607:f8b0:4004:c1d::95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12005267356172434500/gwdgooglead_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12005267356172434500/index.html?e=69&leftOffset=0&topOffset=0&c=P6tNo1aT91&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::95 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12005267356172434500/index.html?e=69&leftOffset=0&topOffset=0&c=P6tNo1aT91&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Sun, 16 Feb 2025 11:03:39 GMT
date: Sat, 17 Feb 2024 11:03:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38318
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 15:26:09 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwdimage_style.css
s0.2mdn.net/sadbundle/12005267356172434500/ Frame 9230 303 B
203 B 46ms
43ms Stylesheet
text/css 2607:f8b0:4004:c1d::95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12005267356172434500/gwdimage_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12005267356172434500/index.html?e=69&leftOffset=0&topOffset=0&c=P6tNo1aT91&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::95 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e17f25a33727defde4f0e88b24844c00e48ed88484c4440d978025a82567287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12005267356172434500/index.html?e=69&leftOffset=0&topOffset=0&c=P6tNo1aT91&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Sun, 16 Feb 2025 15:58:30 GMT
date: Sat, 17 Feb 2024 15:58:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20627
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 173
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 15:26:09 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwdattached_style.css
s0.2mdn.net/sadbundle/12005267356172434500/ Frame 9230 26 B
75 B 46ms
43ms Stylesheet
text/css 2607:f8b0:4004:c1d::95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12005267356172434500/gwdattached_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12005267356172434500/index.html?e=69&leftOffset=0&topOffset=0&c=P6tNo1aT91&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::95 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fffa14e9a3c576087a9202af54e8f11669f29c37617df0c6f728ca24d95f60bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12005267356172434500/index.html?e=69&leftOffset=0&topOffset=0&c=P6tNo1aT91&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Sun, 16 Feb 2025 15:58:30 GMT
date: Sat, 17 Feb 2024 15:58:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20627
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 15:26:09 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwdtaparea_style.css
s0.2mdn.net/sadbundle/12005267356172434500/ Frame 9230 157 B
145 B 45ms
42ms Stylesheet
text/css 2607:f8b0:4004:c1d::95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12005267356172434500/gwdtaparea_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12005267356172434500/index.html?e=69&leftOffset=0&topOffset=0&c=P6tNo1aT91&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::95 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12005267356172434500/index.html?e=69&leftOffset=0&topOffset=0&c=P6tNo1aT91&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Sun, 16 Feb 2025 14:07:23 GMT
date: Sat, 17 Feb 2024 14:07:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27294
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 115
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 15:26:09 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwd_webcomponents_v1_min.js Show response
s0.2mdn.net/sadbundle/12005267356172434500/ Frame 9230 20 KB
6 KB 67ms
64ms Script
application/x-javascript 2607:f8b0:4004:c1d::95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12005267356172434500/gwd_webcomponents_v1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12005267356172434500/index.html?e=69&leftOffset=0&topOffset=0&c=P6tNo1aT91&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::95 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10cde3f051ab9eefa8676bee667fd65705c5fcf1d0544f9acffe7caa224d14b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12005267356172434500/index.html?e=69&leftOffset=0&topOffset=0&c=P6tNo1aT91&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Sun, 16 Feb 2025 13:09:36 GMT
date: Sat, 17 Feb 2024 13:09:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30761
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6266
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 15:26:09 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwdpage_min.js Show response
s0.2mdn.net/sadbundle/12005267356172434500/ Frame 9230 3 KB
1 KB 70ms
68ms Script
application/x-javascript 2607:f8b0:4004:c1d::95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12005267356172434500/gwdpage_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12005267356172434500/index.html?e=69&leftOffset=0&topOffset=0&c=P6tNo1aT91&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::95 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da1b1dba110f3d97894949bedfc60fe7fec3659813c957f88e51d550bc95ad88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12005267356172434500/index.html?e=69&leftOffset=0&topOffset=0&c=P6tNo1aT91&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Sun, 16 Feb 2025 11:49:48 GMT
date: Sat, 17 Feb 2024 11:49:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35549
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1308
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 15:26:09 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwdpagedeck_min.js Show response
s0.2mdn.net/sadbundle/12005267356172434500/ Frame 9230 8 KB
3 KB 66ms
63ms Script
application/x-javascript 2607:f8b0:4004:c1d::95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12005267356172434500/gwdpagedeck_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12005267356172434500/index.html?e=69&leftOffset=0&topOffset=0&c=P6tNo1aT91&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::95 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfc5afa3cbf80ed8a39987d2f4cc9215f915cfde9c83e86d5ee4a874bd69a401

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12005267356172434500/index.html?e=69&leftOffset=0&topOffset=0&c=P6tNo1aT91&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Sun, 16 Feb 2025 11:19:15 GMT
date: Sat, 17 Feb 2024 11:19:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37382
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3136
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 15:26:09 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Enabler_01_250.js Show response
s0.2mdn.net/879366/ Frame 9230 120 KB
41 KB 53ms
51ms Script
text/javascript 2607:f8b0:4004:c1d::95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12005267356172434500/index.html?e=69&leftOffset=0&topOffset=0&c=P6tNo1aT91&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::95 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12005267356172434500/index.html?e=69&leftOffset=0&topOffset=0&c=P6tNo1aT91&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 11:49:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35556
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42247
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 18 Feb 2024 11:49:41 GMT

GET
H3 200 gwdgooglead_min.js Show response
s0.2mdn.net/sadbundle/12005267356172434500/ Frame 9230 13 KB
4 KB 51ms
49ms Script
application/x-javascript 2607:f8b0:4004:c1d::95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12005267356172434500/gwdgooglead_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12005267356172434500/index.html?e=69&leftOffset=0&topOffset=0&c=P6tNo1aT91&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::95 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6494566919e28711a1f36d6389923dfccb4750fb9522e9e6d1967ab778ab0073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12005267356172434500/index.html?e=69&leftOffset=0&topOffset=0&c=P6tNo1aT91&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Sun, 16 Feb 2025 13:10:42 GMT
date: Sat, 17 Feb 2024 13:10:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30695
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4427
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 15:26:09 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwdimage_min.js Show response
s0.2mdn.net/sadbundle/12005267356172434500/ Frame 9230 5 KB
2 KB 50ms
48ms Script
application/x-javascript 2607:f8b0:4004:c1d::95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12005267356172434500/gwdimage_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12005267356172434500/index.html?e=69&leftOffset=0&topOffset=0&c=P6tNo1aT91&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::95 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32ab0a5c85cabdb695704b5128a8fb7c9a8dfa3242cc36ceda6bb0650a45b35f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12005267356172434500/index.html?e=69&leftOffset=0&topOffset=0&c=P6tNo1aT91&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Sun, 16 Feb 2025 11:03:39 GMT
date: Sat, 17 Feb 2024 11:03:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38318
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2014
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 15:26:09 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwdattached_min.js Show response
s0.2mdn.net/sadbundle/12005267356172434500/ Frame 9230 1 KB
620 B 50ms
48ms Script
application/x-javascript 2607:f8b0:4004:c1d::95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12005267356172434500/gwdattached_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12005267356172434500/index.html?e=69&leftOffset=0&topOffset=0&c=P6tNo1aT91&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::95 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd50ba290f74d344ad0d04ade63c55b02360bf4db99c0a2749f34deb0c8dcec9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12005267356172434500/index.html?e=69&leftOffset=0&topOffset=0&c=P6tNo1aT91&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Sun, 16 Feb 2025 11:19:15 GMT
date: Sat, 17 Feb 2024 11:19:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37382
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 590
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 15:26:09 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwdtexthelper_min.js Show response
s0.2mdn.net/sadbundle/12005267356172434500/ Frame 9230 4 KB
2 KB 46ms
44ms Script
application/x-javascript 2607:f8b0:4004:c1d::95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12005267356172434500/gwdtexthelper_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12005267356172434500/index.html?e=69&leftOffset=0&topOffset=0&c=P6tNo1aT91&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::95 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91c86e76693fc278899037d0d8a66c2fe01fc83e5cbae1a54a47fe0f61b2be15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12005267356172434500/index.html?e=69&leftOffset=0&topOffset=0&c=P6tNo1aT91&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Sun, 16 Feb 2025 15:28:07 GMT
date: Sat, 17 Feb 2024 15:28:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22450
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1725
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 15:26:09 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwdtaparea_min.js Show response
s0.2mdn.net/sadbundle/12005267356172434500/ Frame 9230 3 KB
1 KB 45ms
43ms Script
application/x-javascript 2607:f8b0:4004:c1d::95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12005267356172434500/gwdtaparea_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12005267356172434500/index.html?e=69&leftOffset=0&topOffset=0&c=P6tNo1aT91&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::95 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0e4d6e13eb1fd414025e5c3c3f18b9212fd0cd69890e7f69804ae69dec5bbb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12005267356172434500/index.html?e=69&leftOffset=0&topOffset=0&c=P6tNo1aT91&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Sun, 16 Feb 2025 15:08:52 GMT
date: Sat, 17 Feb 2024 15:08:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23605
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1355
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 15:26:09 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwdgpadataprovider_min.js Show response
s0.2mdn.net/sadbundle/12005267356172434500/ Frame 9230 3 KB
1 KB 79ms
77ms Script
application/x-javascript 2607:f8b0:4004:c1d::95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12005267356172434500/gwdgpadataprovider_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12005267356172434500/index.html?e=69&leftOffset=0&topOffset=0&c=P6tNo1aT91&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::95 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd213446287693e851042a2e326cfbf2268a0075cd7db0552c9448733c31d4cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12005267356172434500/index.html?e=69&leftOffset=0&topOffset=0&c=P6tNo1aT91&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Sun, 16 Feb 2025 12:21:23 GMT
date: Sat, 17 Feb 2024 12:21:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33654
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1485
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 15:26:09 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwddatabinder_min.js Show response
s0.2mdn.net/sadbundle/12005267356172434500/ Frame 9230 5 KB
2 KB 48ms
46ms Script
application/x-javascript 2607:f8b0:4004:c1d::95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12005267356172434500/gwddatabinder_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12005267356172434500/index.html?e=69&leftOffset=0&topOffset=0&c=P6tNo1aT91&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::95 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4338434527c2703a0630c6d5561653bc2790abd608cfe5f83fb200ff20bbdc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12005267356172434500/index.html?e=69&leftOffset=0&topOffset=0&c=P6tNo1aT91&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Sun, 16 Feb 2025 16:32:28 GMT
date: Sat, 17 Feb 2024 16:32:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18589
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2351
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 15:26:09 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwd-text-fitting.js Show response
s0.2mdn.net/sadbundle/12005267356172434500/ Frame 9230 5 KB
2 KB 46ms
45ms Script
application/x-javascript 2607:f8b0:4004:c1d::95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12005267356172434500/gwd-text-fitting.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12005267356172434500/index.html?e=69&leftOffset=0&topOffset=0&c=P6tNo1aT91&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::95 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b41835ad763abb366c167dab7c1fbc77a7a81e5bbc51c2ce66bfa5250bfc9a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12005267356172434500/index.html?e=69&leftOffset=0&topOffset=0&c=P6tNo1aT91&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Sun, 16 Feb 2025 11:03:39 GMT
date: Sat, 17 Feb 2024 11:03:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38318
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2038
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 15:26:09 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwd-dynamic-binders.js Show response
s0.2mdn.net/sadbundle/12005267356172434500/ Frame 9230 23 KB
9 KB 71ms
69ms Script
application/x-javascript 2607:f8b0:4004:c1d::95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12005267356172434500/gwd-dynamic-binders.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12005267356172434500/index.html?e=69&leftOffset=0&topOffset=0&c=P6tNo1aT91&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::95 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e8192b8273cf0f846c3c9365b3aa10305dffd49c8b219628b31430db949f230

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12005267356172434500/index.html?e=69&leftOffset=0&topOffset=0&c=P6tNo1aT91&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Sun, 16 Feb 2025 10:49:21 GMT
date: Sat, 17 Feb 2024 10:49:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39176
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9209
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 15:26:09 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8E63 0
20 B 94ms
93ms Image
image/gif 2607:f8b0:4004:c17::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BwwcmOCjRZc7BCZWho9kPhqqcwAkAAAAAOAHgBAI&bg=!AwClAE_NAAYBC1i-IQs7ADQBe5WfOCqK9sbZgw9LKUS0v18RxoU5iSwYcovMMq8eHzvl2dtR3cA02B_JwCt5Drs57mIbAgAAAEpSAAAABWgBB5kDF4eV7znncq_5PFzKCchpbi4h0t4gE-JaCDqjoTxoZUfUOXgDHUpnU0K-reMXoZDJgQ4b_w5z0vCQMyfsAcotEMMxLykSlSYNeJBtaDSZKw8q6slv2iApL2aeFQHTqXcUZzEQtr4q7P5YSDqP8ZogF7GpYaQHQTBuOIM076u3gKu1blTwtfXPC-V9c6oXAhxWfNn5LQAP_LeD5oaszhSHGP4rqFo7ONoXu_XF-dDSrvtpTdtP5WQA4IoG0FWWP16YpdT24WUx0zMwMuc8-nZ6ZLOyC7xcrRmjc1CPIJHmRSq0im0X1Xt63nurOxfk3tEMzkDlPmqvo7ZuViOlsbYj1nAxCDvBHPMdYaqmCrUdUO4fc46S45GODI-f2AjyqF_7-qHw0Gmz5Cpdw1Sm68T0A4jlrm_tvogN8O1x8DrQ2Astzh-SRknDDybNVR0HcYdmutpS4MYmTm-qPE8omzu839rmce9IemDvNpRHyKZx021uT8zFjFHYkzMiwIPbF3sdfeLprAt36d67C7dkrZ7EXAiPA1GfHzXE44gRsBhVv27U1HBLEodoxn4MxxYgPl4AxT9WgriXEq8RuzyzgFJ5pPIuKCaUzB8dQMQh5qF6jKeGfzlolOPMeYr7R2UbCA04gK72afcYyhWmnhwsqFqt5snP9U17hWMoMhTU0Ez_9fJW2MoQaWe-VhyA7tEZ-yMEFxoSnwYBcA7yTfIydaMSfWbZtKuo17_qrzfr_j5AD08N1sf9WPiCbjKmj2kNKr502-70tK75nLaWfzonEJPT1tBJBszxUFvVBc7q593HfEe_bQ75SyeRMYY0LvlUST3256sy7LYcwz-9fHo__loIy45XkpV3rh--BIH5_eh94DHebLAyeVHuxFlAQQTqhq-wSTatdzVStGHK4O18USH_eclLHcD7p4OOSaFZb4F3lLZQ40lTzgSFJloIiaAxTVf5fS1ao5uTUZqXrpdrMu1yK0ypBL9Wl_tjoVZdNcPKWgYkBRoj45N5dJmXhI9a9DUF9dHfnXaWOR7u7fx4OEjRvC8xqFAXgxaF

Requested by

Host: ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com
URL: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:42:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F26B 6 KB
3 KB 33ms
32ms Document
text/html 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 21:42:16 GMT
expires: Sun, 16 Feb 2025 21:42:16 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D4B5 624 B
245 B 67ms
66ms Document
text/html 172.253.122.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDQJxDY9ScY_c_ohQIwAQ&v=APEucNUNc9f8VFALYP9R9aM9CuZrgRGJPNkZNyQBpEx-bGvwwxQiUxMqEg4W0rapDYeTfJEH8BlouF8jidWHdLc0qODAn3WWOQ

Requested by

Host: ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com
URL: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f155.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 21:42:17 GMT
expires: Sat, 17 Feb 2024 21:42:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame F26B 23 KB
9 KB 32ms
32ms Script
text/javascript 2607:f8b0:4004:c17::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite_fy2021.js

Requested by

Host: hubdrive-lat.cdn.ampproject.org
URL: https://hubdrive-lat.cdn.ampproject.org/c/s/hubdrive.lat/file/1708067901

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 01:04:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74264
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 01:04:33 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/ Frame F26B 8 KB
3 KB 33ms
32ms Script
text/javascript 2607:f8b0:4004:c17::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: hubdrive-lat.cdn.ampproject.org
URL: https://hubdrive-lat.cdn.ampproject.org/c/s/hubdrive.lat/file/1708067901

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 09:21:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44423
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3206
x-xss-protection: 0
server: cafe
etag: 12640889860211258669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 09:21:54 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame F26B 0
0 98ms
96ms Fetch
image/gif 172.253.62.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstO665DtT_IO5O0mCok6jvRv6_9lNzkmEXFLZ48q163myNITdgBd5_lgisZRG7b0L-p6hLFHvZ9f38sUw59EkwawYPk5tED0TJnJZUBuUsmBCHQm281u0zTY4JuH39my2o-M7M68VX42d6hBlad5C-KUynUwYOzUVC6vhQFA692XiT2ngolVoRc5SVeG5_W7HxcYMfJ4kzEwlW7LQ_HS8x21-iLicryuw8V_RMKVoNsgDmpvrzjv75kcyHdHH9b3vL83OyuehG4iWnaXH2D0ZuEVUFWYe0hXsVApFpwaO2QOc4OjVgM1R-Aid4GRPJ_egh_WRj7npnQ0HjLZuHlbWlofLDV1wJiQu8yoAf5EH5hoMF-jlx-N4cXxj9Y-OjXfGVR_6P6lMC4qfwT9qyGm0nBIrW_5-2hIecdNYXm9_teZgPKpUJbBOwELVFwoMP9jP4UiG4QRMzifMDHzSPuZsU7jFZ8raMLS-yK1fsubmrLsWU2gbNcuP7_Mw6chFXQr2qYaQ-hXsp-xluxE0Tb_F0dZs20TIlkeFIX2S2KiI-2gFKgpr6RWQQA2eiMeNIEN-cTfXggbXWmR-6kwdEZQU2TJfQ4kuPhzgblxvnXA2LWj2FWPPb8N3d89XfW3bWqACTlTuZuDFCumsC3mY5JxlI0LAzXkgP75RnRH-7w8nLdDqbUZOIDGJ9ReCj-1eLwZq8I8TZ1gUe4LRbqTzrzjlhRNGtvhP0fqtuwL64tZtzeoaD322vGfKMstfr92wPj6hM-00hhMUFMHmiVG8-RwDzQpxRsCh__wuIHTWwftK77uC_2tHvoqoijuX131KDXTr5gn3p6wnt8gBB8InC1LdNX7ZGSfbjopM3eDHAgnmCrbMBGthNebn32uUvjsW1y-2_So3xJiqtcVaW_7OsBOEauMzChf6KXUaG8OJP8uFIWnHpyBFCS4H7JOqnV2ANbpafc6mDo9m_B06uMbQLxTU1Bt_VY15oU6_iHSe0OBpA7Fg9mNia9MUzD1Cg_ob5Vrqv63YaZwpS6cLf_WNe0e8WDm-6cn0fG8QHvZE27msvypRmC4HmRoTcgxJfQXYidAZ6aDg6gD9QkqDfNX9nqb0T5XHkwD6T3H0M-jNflIEXuQSpfLzYbcpJBliYWV_zUXWkXcOhARfHMSLTeIjWjXTFSAcyYYAazvk35_88iMDUShLXw96NRBwm2p7lUhW-xK91o7AMDOVP3Tbsce6mAALjXKr-4jGjVHh2yoURKml4eaEZa8-LOMNMKB_n7sOfv87dI1BPIgpmnVxNKeE_MsIDammkhbjpqCIPjdtfEnNveQq0KHoyJopWxrwjQtxODQcLVwHCcqcNzBlmOHDrP22U5FZ7YHnLaBpfF-5qgOgmFy9y1_3Dia8tK5WjLAi13evUEwoNMTuM9HsEI8VHAFjC3IivpEUeRUGmeRHo5TojxfPgX9n6_TH2YMOpLATddX6s&sai=AMfl-YRTwuGA6IU4IQOtKdFUiz-vzwvYwXftMD6eJMf4Tp3-osQ7KLLLB7VvB6lXIT9NkSYMSzc1qZVv_3KxnmNjaO4hotx24CqVluXiv-xZ-tJ8I9XwNhaFoSpAJtnAQCquy_bUwhqCJCSNyW534ZROE_i7t3Zj-nKVyZDm0BoBtkJA0Ezc94mRUMDGD7qLEU9TetW4xrIJighLwFSx7GsTS4WIQtU1FRwFtjfw0lVniCDc5gF3o7ozqynMPbtvheyFZnKIyTDtRwLOCfRoleOis9tBsKd2ULPIoHfUWiN1vH9LJvT4n6_Dhym_DQY9acvxtBKxepYqvHWNhFSVKru9go8tj3j8cdVQ8aE3guuwRCZrNNk4ijGGL5NToBwvrtGD_dVwX0_On-SuQR2wFqOY-mvT3i_8Laa9DnvH85CRWKokns49S7WQ-sgJt8486Ml2oU2jU4qD-Nx3DLQci-9SeQhTG-tp0WliWJF0gps1o7ihYbbnfAbVj61otBoi9I1RIKPU&sig=Cg0ArKJSzI5LmchsF8DtEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9hYXJwLm9yZw&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20240215.67323&arae=0&ftch=1&adurl=

Requested by

Host: hubdrive-lat.cdn.ampproject.org
URL: https://hubdrive-lat.cdn.ampproject.org/c/s/hubdrive.lat/file/1708067901

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f148.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 17 Feb 2024 21:42:17 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 17 Feb 2024 21:42:17 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame F26B 41 KB
14 KB 35ms
34ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: hubdrive-lat.cdn.ampproject.org
URL: https://hubdrive-lat.cdn.ampproject.org/c/s/hubdrive.lat/file/1708067901

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 23:20:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 166937
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 23:20:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame F26B 3 KB
1 KB 41ms
40ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/window_focus_fy2021.js

Requested by

Host: ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com
URL: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 23:06:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81346
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 23:06:31 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame F26B 20 KB
8 KB 37ms
36ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com
URL: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 23:22:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80409
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 23:22:08 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame F26B 42 B
63 B 88ms
87ms Image
image/gif 2607:f8b0:4004:c17::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DCVpZYMvDtuEHJmCCEvtTxrl6KgC20xN0lVRTnMzf0TLXcJr__VqVm4fBv5fs0Vp-9lAHb3nELuEo8FA9afY7TSC5tyzuvnEdHwdweRvcjuFNmn6o

Requested by

Host: ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com
URL: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:42:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/m202401230101/ Frame F26B 205 KB
62 KB 32ms
31ms Script
text/javascript 2607:f8b0:4004:c17::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/m202401230101/ufs_web_display.js

Requested by

Host: ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com
URL: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6039c0e8da2c0af4d0ddac49d03558864cbc9ba84fc3b20eee6b331eee12a2e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 02:08:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70446
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63000
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 16 Feb 2025 02:08:11 GMT

GET
H3 200 5101009986555725813
s0.2mdn.net/simgad/ Frame F26B 144 KB
144 KB 36ms
35ms Image
image/gif 2607:f8b0:4004:c1d::95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/5101009986555725813

Requested by

Host: ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com
URL: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::95 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dcb308a0ea2c9de8bbdee44a276aa7649ee5b3c6b19b956f03bb7191b3f661d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Sun, 16 Feb 2025 13:58:48 GMT
date: Sat, 17 Feb 2024 13:58:48 GMT
x-content-type-options: nosniff
age: 27809
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 147853
x-xss-protection: 0
last-modified: Tue, 23 Jan 2024 21:08:58 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Gotham-Black.otf
s0.2mdn.net/sadbundle/12005267356172434500/ Frame 9230 22 KB
16 KB 46ms
45ms Font
font/otf 2607:f8b0:4004:c1d::95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12005267356172434500/Gotham-Black.otf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12005267356172434500/index.html?e=69&leftOffset=0&topOffset=0&c=P6tNo1aT91&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::95 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b525f27e66476e4c748759921adc9558735824036d2a58c2f44d3e9d74b83d98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12005267356172434500/index.html?e=69&leftOffset=0&topOffset=0&c=P6tNo1aT91&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Sun, 16 Feb 2025 15:56:24 GMT
date: Sat, 17 Feb 2024 15:56:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20753
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15870
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 15:26:09 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/otf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Gotham-Book.otf
s0.2mdn.net/sadbundle/12005267356172434500/ Frame 9230 21 KB
15 KB 51ms
50ms Font
font/otf 2607:f8b0:4004:c1d::95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12005267356172434500/Gotham-Book.otf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12005267356172434500/index.html?e=69&leftOffset=0&topOffset=0&c=P6tNo1aT91&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::95 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b159412c44873b8d07ddac50294bd538e742294318614fa796e89f0d1f7f956

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12005267356172434500/index.html?e=69&leftOffset=0&topOffset=0&c=P6tNo1aT91&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Sun, 16 Feb 2025 12:54:40 GMT
date: Sat, 17 Feb 2024 12:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31657
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15380
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 15:26:09 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/otf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Gotham-Bold.otf
s0.2mdn.net/sadbundle/12005267356172434500/ Frame 9230 21 KB
15 KB 54ms
54ms Font
font/otf 2607:f8b0:4004:c1d::95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12005267356172434500/Gotham-Bold.otf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12005267356172434500/index.html?e=69&leftOffset=0&topOffset=0&c=P6tNo1aT91&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::95 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae447c4a73b83bca7650a9732f61d84bb34904956099d0d38185b923e2642020

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12005267356172434500/index.html?e=69&leftOffset=0&topOffset=0&c=P6tNo1aT91&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Sun, 16 Feb 2025 15:28:07 GMT
date: Sat, 17 Feb 2024 15:28:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22450
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15057
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 15:26:09 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/otf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 NotoSans-Regular.otf
s0.2mdn.net/sadbundle/12005267356172434500/ Frame 9230 1 MB
424 KB 57ms
57ms Font
font/otf 2607:f8b0:4004:c1d::95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12005267356172434500/NotoSans-Regular.otf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12005267356172434500/index.html?e=69&leftOffset=0&topOffset=0&c=P6tNo1aT91&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::95 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c5c417da9de9e3b94f1b060d7ef137e4cb26f26e8d157966e7c80c2e9001fe0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12005267356172434500/index.html?e=69&leftOffset=0&topOffset=0&c=P6tNo1aT91&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Sun, 16 Feb 2025 13:53:07 GMT
date: Sat, 17 Feb 2024 13:53:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28150
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 15:26:09 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/otf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 9230 7 KB
6 KB 54ms
52ms XHR
application/json 2607:f8b0:4004:c17::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

270c0a409ade4580ab41e71428f2352e4ce72a0d04dd99c97deec387da4650a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:42:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5683
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 8A49 38 KB
13 KB 32ms
32ms Document
text/html 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 166962
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 15 Feb 2024 23:19:35 GMT
expires: Fri, 14 Feb 2025 23:19:35 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F26B 205 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2d349b4e11cd63a57173f2f134aa14ad21a02811fb8a74bcc15a8a7906dab810

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame D4B5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMLpk8Ks3dmXynRwVQ7WaDA&google_cver=1

43 B
747 B

76ms
76ms

Image
image/gif

2606:4700:4400::6812:249b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMLpk8Ks3dmXynRwVQ7WaDA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDQJxDY9ScY_c_ohQIwAQ&v=APEucNUNc9f8VFALYP9R9aM9CuZrgRGJPNkZNyQBpEx-bGvwwxQiUxMqEg4W0rapDYeTfJEH8BlouF8jidWHdLc0qODAn3WWOQ
Protocol: H3
Server: 2606:4700:4400::6812:249b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:42:17 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HJO%2FxKNQB4Ee7IcRQfLylEDBOEo3f5ob9Jc0m2Gsk%2BkCWqPIDRURvX1jJkbOWiojt6swGHmM28UyohGW5ykBOlTbNvhlsuDeq%2FKoiixu9248sr29yUwqqEgIa18Ka%2B7ErqMSjSggztGJ%2BON8Ri3COZne8ymUkg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 857133064f0a6aee-BUF
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:42:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMLpk8Ks3dmXynRwVQ7WaDA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame D4B5
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZdEoOdHM54QAABEMAA914QAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMLpk8Ks3dmXynRwVQ7WaDA&google_cver=1

43 B
744 B

59ms
59ms

Image
image/gif

2606:4700:4400::6812:249b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMLpk8Ks3dmXynRwVQ7WaDA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDQJxDY9ScY_c_ohQIwAQ&v=APEucNUNc9f8VFALYP9R9aM9CuZrgRGJPNkZNyQBpEx-bGvwwxQiUxMqEg4W0rapDYeTfJEH8BlouF8jidWHdLc0qODAn3WWOQ
Protocol: H3
Server: 2606:4700:4400::6812:249b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:42:17 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ItISJM8auUGJJkyP3pDlw34UXWgJO5aZ8NRgnp2KsvDHyWFHVTEruy9maq8pHGi6Fc1WsvLrg2pD5honTJMAwPEGSr2mSIIXLM6kPs5IIG4ox39wUsBOHcm6KrPtzBfbYIXlWFJO3FuBkYKiIJFtJaL%2FPn%2B8A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 85713306cf6d6aee-BUF
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:42:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMLpk8Ks3dmXynRwVQ7WaDA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame D4B5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEF99J_bX72xLiWFPEyI4aUk&google_cver=1

43 B
1 KB

41ms
41ms

Image
image/gif

68.67.160.76
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEF99J_bX72xLiWFPEyI4aUk&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDQJxDY9ScY_c_ohQIwAQ&v=APEucNUNc9f8VFALYP9R9aM9CuZrgRGJPNkZNyQBpEx-bGvwwxQiUxMqEg4W0rapDYeTfJEH8BlouF8jidWHdLc0qODAn3WWOQ

Protocol

Server

68.67.160.76 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:42:17 GMT
an-x-request-uuid: 2623610b-4429-4adb-ac9b-c2c28b5de7be
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 96.9.249.34; 96.9.249.34; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:42:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEF99J_bX72xLiWFPEyI4aUk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D4B5
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODgyNTA3ODM3NDY1OTA2NjU0Mg%3D%3D

170 B
188 B

48ms
48ms

Image
image/png

172.253.122.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODgyNTA3ODM3NDY1OTA2NjU0Mg%3D%3D

Requested by

Protocol

Server

172.253.122.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:42:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:42:17 GMT
an-x-request-uuid: fb2a3f48-dedd-4d4e-8f9a-bfee832aaafb
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODgyNTA3ODM3NDY1OTA2NjU0Mg%3D%3D
x-proxy-origin: 96.9.249.34; 96.9.249.34; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H2 204 11
thubanoa.com/ Frame 0
0 104ms
104ms Preflight 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://thubanoa.com/11?rnd=4245668574&z=7013738&b=5362695&var=&varid=0&rqtdbc=1&rcvdbc=1&btp=7&rb=2-Nb15jhl6Tnk5f2TL1rjuZ14Eg08w4wqtW1ybmSUVkxmE3ZAXoh14kvXQECQsjzBTCs14ZFEoSH2W8dhOuVGgYjwF8SYSmre1IE6GiAVx_n9jy4U744VtNYexLFTyVv7v4Nrdh9XgrzpeOT0jQeLCVrwLpDIBFNtQo_6fAn9Fvo8cGxP6H_2e43oEndwH1U4KEP7kOU210DOVItTV8DTc-85Zhj2B8PQ9Chn7rEwWg-Ynv0iKgU6Hc2CNJUcvP8K9MTbjdPbuVi6MFlHQlWfpu7TKiso-CGo_gnHBthZ168YTWnSBhlbHczIFWkk2s5&ruid=b5b093b4-0291-455a-83ce-7325151ee62c&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fhubdrive.lat%2Ffile%2F1708067901&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=3&sah=1200&drf=https%3A%2F%2Fhubdrive-lat.cdn.ampproject.org%2F&hil=1&ist=0&ot=498
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-sc
Access-Control-Request-Method: GET
Origin: https://hubdrive.lat
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://hubdrive.lat
cache-control: no-store, no-cache, must-revalidate, max-age=0
date: Sat, 17 Feb 2024 21:42:17 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
pragma: no-cache
server: nginx

GET
H2 200 11 Show response
thubanoa.com/ 0
663 B 104ms
102ms XHR
image/jpeg 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://thubanoa.com/11?rnd=4245668574&z=7013738&b=5362695&var=&varid=0&rqtdbc=1&rcvdbc=1&btp=7&rb=2-Nb15jhl6Tnk5f2TL1rjuZ14Eg08w4wqtW1ybmSUVkxmE3ZAXoh14kvXQECQsjzBTCs14ZFEoSH2W8dhOuVGgYjwF8SYSmre1IE6GiAVx_n9jy4U744VtNYexLFTyVv7v4Nrdh9XgrzpeOT0jQeLCVrwLpDIBFNtQo_6fAn9Fvo8cGxP6H_2e43oEndwH1U4KEP7kOU210DOVItTV8DTc-85Zhj2B8PQ9Chn7rEwWg-Ynv0iKgU6Hc2CNJUcvP8K9MTbjdPbuVi6MFlHQlWfpu7TKiso-CGo_gnHBthZ168YTWnSBhlbHczIFWkk2s5&ruid=b5b093b4-0291-455a-83ce-7325151ee62c&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fhubdrive.lat%2Ffile%2F1708067901&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=3&sah=1200&drf=https%3A%2F%2Fhubdrive-lat.cdn.ampproject.org%2F&hil=1&ist=0&ot=498
Requested by: Host: thubanoa.com
URL: https://thubanoa.com/27/2dfc5cc60fdf6636778a3fa44bb932c7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
X-Sc: 4jOwcMz1o4f008WLdwFkUsG6c5RAE0EQXwnxja49yO9hbuzwEf0PQdUac9KyL4yztF9YfOovf1V_UQ7e
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-trace-id: 7e423f663714d2c6aca1972e0cd1bc37
pragma: no-cache
date: Sat, 17 Feb 2024 21:42:17 GMT
x-sc: 4jOwcMz1o4f008WLdwFkUsG6c5RAE0EQXwnxja49yO9hbuzwEf0PQdUac9KyL4yztF9YfOovf1V_UQ7e
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/jpeg
access-control-allow-origin: https://hubdrive.lat
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
content-length: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 9230 17 KB
6 KB 114ms
113ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:42:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 17 Feb 2024 21:42:17 GMT

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame FAC6 0
0 93ms
92ms Fetch
image/gif 172.253.62.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstbIgQpDwnC_r0qzrYj5uZTdfvyF3V-9PVRKsKvEG2lyotA9Vo8BVWriIB29ZEEJ_RWf500grXhEdPTI16xodxJF33HspgAlBwJKo3HHDqjxQIgBSneUXTkIZNPBlhbEOZCUvYbTdNFAZd2G54Y_HEdOHWfVYpiF6BBt7i23l9cb6tqWiA9cRY59sUA0-SLUJnn9unohf7dO2gumdYmOvnoruEPcpOp9K_epJ2NWJOlGlmTycv3wpOsxWpcuECBcY1aeikhrExMHYaFups7yrabQxwWXQkT_qjTHKVTPsZf-a0i3PRyLM-nk1kwtITGmqw5zGIkyA88qxGVQoEYqlHVoUfeR1-jzpdqN9mooTaME2VrsBnTv5b-iWCnYIe1KFUG7_EJj3jKfv-n1JQPnZqPGSYhCM_nQxvOyO2GzGXQHvlZuAsUbl5NEiBsuCQ-jOgtWfG9y21F0bb-2209L-isoAlGDX5aFYDKrNXDenv49DEKhVpHrm5mxuY9QhkIQVmvbryi0ri_o8_OkrKSTyGUep_9-dhJPL1K_P7PL2sE__GsKwyPBOwlhqDPI6Hadon3tchhIsMgzXh1zw4U_sIhUFATIwAGpYC0oiT8TqiwwX0ydrxu09_vO6ltFIg0mL7Wrs_ZpbtWe1umOpFqf51QDx6YSVHAABZTJUSfvSamuZ-owvYN0n9i_YcP_hhAulb-l7auXYL2hYuV9TUQjKQ84S_dMRW7d7TJgD1gXd0UqE_K7y-n142d6Vd-BCOmhW1dl4SLW-il2kBKEXSsPrHhzDw2ZS-DO3YE4oWiMr852ggow3GTfmwBYe29yKYjpFg5HhrLFbKURIeFKPPpUUCasDabboJGJPS7hAnPdTZd1EhpYe0RuB3ePUhASuWvjstuR5-rwPkABtGKPVNU2aVLOqlI0aN771-x_LOsQB57IN7XzcbCflbV-PKnQWQiGv88j5dMxxmeVA-cUFP3bwFucF4hor5Ip93FcprG4bSj8mmK-zT6cU5NNq5UPPhreY80uzsQg1KrAnXlE5pviDsvz1-h6sGo8UyJiLjh7YqYdtyMItqOVITj5X6ujwEqzUlxeUmH9sA_-KvmxMtXRS7OPOmtcVHa6qxIJTe8UVGPZQqt3Y5Sn6bvny0mMixSKiUjTPbvElHaQBDsS-KjCg9lOIADzyMiVyvtBErSmVyHSCIzOD85QcUjxiqpA4cmaoUXFDLOKf82Y7uRmIV8zeztK_8SZwvEMMufXqhlW6uCQSwueF7kklMJJA6-PkJfb1RcVoh5UY8C4E_koX1vtaaZIFHpMDoy_x7biRUWz2v27y2UG2yoF0-SFkL2-Q42mVcLEqOCbZmALpJ3osl1TsJBlZ7KjqGSKSbB8z3S5n3vKAD160ZU2YPiJL7bneZCWiYfRonSi9WZM9t8jFepIAXY701g7X_NS3pkjBnMe2epvv-1jMAslIMEKSTZh-RojtJ9XuXr7BqUtWi6gbavncDS5VaJBvyxy2EDHw&sai=AMfl-YQ1Ye-yHCfvx86pv6NsH34tQE3a-DH_jXBbWHiow_RED62yYlMy3WoaUUEf-6kHUIOJMjWlidBUCMyRwZWQmYCgMnIncvWbCJDQptW-Af8STLbCkpiHfzlr7mnfilTtdIrWkdsRkzuQ4sdN2t0kAAgWsa6B399Hh11ogMGVKYbb4XXV1z1xr2AN8d_vs_NuB-JR5mn1FXw47KVRcegQ_cVcmY7qSeiC5E2gWZ8wVyJzDRLuyH3hjBJolbxWT56qsrX0RbP-ffzX99yoSUHzOZrBf22ANOFrENqSzyA7cr30teJZiUvjEFneNLEPS4WsnSOWsWzQJMFsoUA3Za-OyY0UyZ8ATfYC1mDAOcfImIeWFbU4595FXIwGcZN0oMuVQelqFs86udkrJo8WcwjltFchKBJsEfWMgHvVXzYHIMda4TEU0MZkj479TN0U2VfiZRKJDdsHg8vOwoSG5QrIC6ma3TY9VN9R81irDL91eugV6DXSdPzm1t8kBoG8YGBdNt96lg&sig=Cg0ArKJSzEj0WmCGVtE2EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9yYWRpc3NvbmhvdGVscy5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=588&vt=11&dtpt=363&dett=3&cstd=209&cisv=r20240215.16333&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: hubdrive-lat.cdn.ampproject.org
URL: https://hubdrive-lat.cdn.ampproject.org/c/s/hubdrive.lat/file/1708067901

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f148.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:42:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 17 Feb 2024 21:42:17 GMT

GET
H2 200 / Show response
interstitial-08.com/ Frame 9D34 22 KB
6 KB 381ms
128ms Document
text/html 139.45.197.151
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fthubanoa.com%2F12%3Frnd%3D941278008%26z%3D7013738%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3D2-Nb15jhl6Tnk5f2TL1rjuZ14Eg08w4wqtW1ybmSUVkxmE3ZAXoh14kvXQECQsjzBTCs14ZFEoSH2W8dhOuVGgYjwF8SYSmre1IE6GiAVx_n9jy4U744VtNYexLFTyVv7v4Nrdh9XgrzpeOT0jQeLCVrwLpDIBFNtQo_6fAn9Fvo8cGxP6H_2e43oEndwH1U4KEP7kOU210DOVItTV8DTc-85Zhj2B8PQ9Chn7rEwWg-Ynv0iKgU6Hc2CNJUcvP8K9MTbjdPbuVi6MFlHQlWfpu7TKiso-CGo_gnHBthZ168YTWnSBhlbHczIFWkk2s5%26bag%3DydU9kaAfa6I%3D%26ruid%3Db5b093b4-0291-455a-83ce-7325151ee62c%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fhubdrive.lat%252Ffile%252F1708067901%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D3%26sah%3D1200%26drf%3Dhttps%253A%252F%252Fhubdrive-lat.cdn.ampproject.org%252F%26hil%3D1%26ist%3D0%26tbc%3D1%26X-Sc%3D4jOwcMz1o4f008WLdwFkUsG6c5RAE0EQXwnxja49yO9hbuzwEf0PQdUac9KyL4yztF9YfOovf1V_UQ7e
Requested by: Host: thubanoa.com
URL: https://thubanoa.com/27/2dfc5cc60fdf6636778a3fa44bb932c7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx / PHP/7.4.33
Resource Hash: 3aed965540d2312363b7f796619042d0406025069b335b5f074d52afa9d4c9d1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 17 Feb 2024 21:42:17 GMT
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame F26B 0
0 91ms
90ms Fetch
image/gif 172.253.62.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstO665DtT_IO5O0mCok6jvRv6_9lNzkmEXFLZ48q163myNITdgBd5_lgisZRG7b0L-p6hLFHvZ9f38sUw59EkwawYPk5tED0TJnJZUBuUsmBCHQm281u0zTY4JuH39my2o-M7M68VX42d6hBlad5C-KUynUwYOzUVC6vhQFA692XiT2ngolVoRc5SVeG5_W7HxcYMfJ4kzEwlW7LQ_HS8x21-iLicryuw8V_RMKVoNsgDmpvrzjv75kcyHdHH9b3vL83OyuehG4iWnaXH2D0ZuEVUFWYe0hXsVApFpwaO2QOc4OjVgM1R-Aid4GRPJ_egh_WRj7npnQ0HjLZuHlbWlofLDV1wJiQu8yoAf5EH5hoMF-jlx-N4cXxj9Y-OjXfGVR_6P6lMC4qfwT9qyGm0nBIrW_5-2hIecdNYXm9_teZgPKpUJbBOwELVFwoMP9jP4UiG4QRMzifMDHzSPuZsU7jFZ8raMLS-yK1fsubmrLsWU2gbNcuP7_Mw6chFXQr2qYaQ-hXsp-xluxE0Tb_F0dZs20TIlkeFIX2S2KiI-2gFKgpr6RWQQA2eiMeNIEN-cTfXggbXWmR-6kwdEZQU2TJfQ4kuPhzgblxvnXA2LWj2FWPPb8N3d89XfW3bWqACTlTuZuDFCumsC3mY5JxlI0LAzXkgP75RnRH-7w8nLdDqbUZOIDGJ9ReCj-1eLwZq8I8TZ1gUe4LRbqTzrzjlhRNGtvhP0fqtuwL64tZtzeoaD322vGfKMstfr92wPj6hM-00hhMUFMHmiVG8-RwDzQpxRsCh__wuIHTWwftK77uC_2tHvoqoijuX131KDXTr5gn3p6wnt8gBB8InC1LdNX7ZGSfbjopM3eDHAgnmCrbMBGthNebn32uUvjsW1y-2_So3xJiqtcVaW_7OsBOEauMzChf6KXUaG8OJP8uFIWnHpyBFCS4H7JOqnV2ANbpafc6mDo9m_B06uMbQLxTU1Bt_VY15oU6_iHSe0OBpA7Fg9mNia9MUzD1Cg_ob5Vrqv63YaZwpS6cLf_WNe0e8WDm-6cn0fG8QHvZE27msvypRmC4HmRoTcgxJfQXYidAZ6aDg6gD9QkqDfNX9nqb0T5XHkwD6T3H0M-jNflIEXuQSpfLzYbcpJBliYWV_zUXWkXcOhARfHMSLTeIjWjXTFSAcyYYAazvk35_88iMDUShLXw96NRBwm2p7lUhW-xK91o7AMDOVP3Tbsce6mAALjXKr-4jGjVHh2yoURKml4eaEZa8-LOMNMKB_n7sOfv87dI1BPIgpmnVxNKeE_MsIDammkhbjpqCIPjdtfEnNveQq0KHoyJopWxrwjQtxODQcLVwHCcqcNzBlmOHDrP22U5FZ7YHnLaBpfF-5qgOgmFy9y1_3Dia8tK5WjLAi13evUEwoNMTuM9HsEI8VHAFjC3IivpEUeRUGmeRHo5TojxfPgX9n6_TH2YMOpLATddX6s&sai=AMfl-YRTwuGA6IU4IQOtKdFUiz-vzwvYwXftMD6eJMf4Tp3-osQ7KLLLB7VvB6lXIT9NkSYMSzc1qZVv_3KxnmNjaO4hotx24CqVluXiv-xZ-tJ8I9XwNhaFoSpAJtnAQCquy_bUwhqCJCSNyW534ZROE_i7t3Zj-nKVyZDm0BoBtkJA0Ezc94mRUMDGD7qLEU9TetW4xrIJighLwFSx7GsTS4WIQtU1FRwFtjfw0lVniCDc5gF3o7ozqynMPbtvheyFZnKIyTDtRwLOCfRoleOis9tBsKd2ULPIoHfUWiN1vH9LJvT4n6_Dhym_DQY9acvxtBKxepYqvHWNhFSVKru9go8tj3j8cdVQ8aE3guuwRCZrNNk4ijGGL5NToBwvrtGD_dVwX0_On-SuQR2wFqOY-mvT3i_8Laa9DnvH85CRWKokns49S7WQ-sgJt8486Ml2oU2jU4qD-Nx3DLQci-9SeQhTG-tp0WliWJF0gps1o7ihYbbnfAbVj61otBoi9I1RIKPU&sig=Cg0ArKJSzI5LmchsF8DtEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9hYXJwLm9yZw&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=178&vt=11&dtpt=176&dett=2&cstd=0&cisv=r20240215.67323&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: hubdrive-lat.cdn.ampproject.org
URL: https://hubdrive-lat.cdn.ampproject.org/c/s/hubdrive.lat/file/1708067901

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f148.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:42:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 17 Feb 2024 21:42:17 GMT

GET
H3 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame 8A49 39 KB
15 KB 33ms
33ms Script
text/javascript 2607:f8b0:4004:c17::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:31:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7862
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 16 Feb 2025 19:31:15 GMT

GET
H3 200 button.png
s0.2mdn.net/sadbundle/12005267356172434500/ Frame 9230 304 B
341 B 34ms
33ms Image
image/png 2607:f8b0:4004:c1d::95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12005267356172434500/button.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::95 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6466c1ac875b1a43bd018a2c74ec4e95f6db7dcc86d282a836881cc6080c07c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12005267356172434500/index.html?e=69&leftOffset=0&topOffset=0&c=P6tNo1aT91&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Sun, 16 Feb 2025 11:19:16 GMT
date: Sat, 17 Feb 2024 11:19:16 GMT
x-content-type-options: nosniff
age: 37381
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 304
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 15:26:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 updatedlogos_300x250.png
s0.2mdn.net/sadbundle/12005267356172434500/ Frame 9230 11 KB
11 KB 35ms
34ms Image
image/png 2607:f8b0:4004:c1d::95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12005267356172434500/updatedlogos_300x250.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::95 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36d65338739fc514e64beb4f96cee7da92ae1617ff10a1da27377874f4df9751

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12005267356172434500/index.html?e=69&leftOffset=0&topOffset=0&c=P6tNo1aT91&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Sun, 16 Feb 2025 15:58:31 GMT
date: Sat, 17 Feb 2024 15:58:31 GMT
x-content-type-options: nosniff
age: 20626
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11637
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 15:26:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 43882346_20230201083025932_749472_Oslo_Destination_300x250.jpg
s0.2mdn.net/ads/richmedia/studio/43882346/ Frame 9230 70 KB
70 KB 35ms
34ms Image
image/jpeg 2607:f8b0:4004:c1d::95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/43882346/43882346_20230201083025932_749472_Oslo_Destination_300x250.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::95 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aff6ddd59c867ed9eb8e9704a341920b90bf0a5b25e94158e293c37063e7fe5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12005267356172434500/index.html?e=69&leftOffset=0&topOffset=0&c=P6tNo1aT91&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 15:59:57 GMT
x-content-type-options: nosniff
age: 20540
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72007
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 16:30:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 18 Feb 2024 15:59:57 GMT

GET
H3 200 1200x628_RH-Radisson-Hotels_RGB-GREY.png
s0.2mdn.net/sadbundle/12005267356172434500/ Frame 9230 30 KB
30 KB 37ms
37ms Image
image/png 2607:f8b0:4004:c1d::95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12005267356172434500/1200x628_RH-Radisson-Hotels_RGB-GREY.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::95 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d5985fb411aa49165043a6b8ce26f5a7d761f7720f318f23f3de173ed8b0e33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12005267356172434500/index.html?e=69&leftOffset=0&topOffset=0&c=P6tNo1aT91&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Sun, 16 Feb 2025 10:49:22 GMT
date: Sat, 17 Feb 2024 10:49:22 GMT
x-content-type-options: nosniff
age: 39175
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30313
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 15:26:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 9230 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 updatedlogos_300x250.png
s0.2mdn.net/sadbundle/12005267356172434500/ Frame 9230 11 KB
11 KB 33ms
32ms Image
image/png 2607:f8b0:4004:c1d::95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12005267356172434500/updatedlogos_300x250.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::95 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36d65338739fc514e64beb4f96cee7da92ae1617ff10a1da27377874f4df9751

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12005267356172434500/index.html?e=69&leftOffset=0&topOffset=0&c=P6tNo1aT91&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Sun, 16 Feb 2025 15:58:31 GMT
date: Sat, 17 Feb 2024 15:58:31 GMT
x-content-type-options: nosniff
age: 20626
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11637
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 15:26:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame 99FF 39 KB
15 KB 32ms
32ms Script
text/javascript 2607:f8b0:4004:c17::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:31:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7862
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 16 Feb 2025 19:31:15 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C9C8 13 KB
5 KB 34ms
32ms Document
text/html 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 9394
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 19:05:43 GMT
expires: Sun, 16 Feb 2025 19:05:43 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DBD8 829 B
1 KB 153ms
46ms Document
text/html 2607:f8b0:4004:c1d::63
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::63 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0a96f5241acb901744f6bdf40c178f97c1aff0b9dd312f2333a4732aaa98f911

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jee5uwKm2Neov0f-Ej24Hg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-jee5uwKm2Neov0f-Ej24Hg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 21:42:17 GMT
expires: Sat, 17 Feb 2024 21:42:17 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8A49 0
20 B 90ms
89ms Image
image/gif 2607:f8b0:4004:c17::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BapTFOCjRZcr7I_zRqMwPi_eykAsAAAAAOAHgBAI&bg=!XF-lXxDNAAZN4L4YbeA7ADQBe5WfOLJZZG7iEeBhA3sGx8aKGqGv5WSwCLN9PAIxbWhp3W5yi092pVjXKlECQ6cOk1WeAgAAAGlSAAAABGgBB5kC_iFRyH7VaYtGcQvNJGUoLvXrBvL7FmVU7DJ2H5nrbCmWKdOFEL-4Yl-b38XOYqoAvM6iM7KphAZkVVKEbHmbgbWQSWuQJgWXwn88uoFOf3pj10sn_XpbLTj00YWjIfETzo2k-ABWZ8VMLmhZWvnOXB1aoo8M-Jr226nfG43Yc7XXOr3GtKLE2LjOanA5PXey0caxiXjDNxGPYKia7alx7J3-e3etlKqnTHgRE56Ckp7bwvKUfl9BvspgIACJLxGOZ098EWqp5FUnBL85TvwmieuhhbvCLge7HcMaaSXZj-nD0PG7XlghU1sJaqrHUwLJwnZ16vPEHWvTRABKQ5UhqLJVwnCuNTfRH8xQqqpIg-V_6fkUc7AsXu7R8eJ6-dSF5SZl_NQFsJrlwe9QmEoji2wLnLQuL5kyFGmxbM6EHx4MffOes0c3lyRQLzXv-hnNDwyUtazjv9_GApU3dOwag05HKzcFqOFCYLKedeAckD38Fj0F7k2YhOvzcLd3Kb5pPi1AwNyO6sQWJdUDs9HF1obiN31gfA4r_fihI9WCMHGQizlWvqkq6OwRu2plA3KQAjAm7IU92_YKGntV-Bun2aEl6F4ESYYAecY_sC243DNINp5qchH9xpun0kVcywOz2BEB2mioglqmJE4aGeE6an9mwmpn5JtYT_2tq2sCIeCrMd8xb8kzpXPxmb8DQN1nVnFAn8sZInxmVih67vzZhmm4hc0m9sRoPbp-1boDlXB-mgiUJGS4AcP20Y-IXtXyi8dGwhIXafNuavbGViAp0wHlrnOKs7Mu4aNwZI5Q2jrLJSRa8R7rcBskMVuQx6Tkav_pF7cMe3yT4VnGbIGyvnrLkchPwHkRTkAZJU03oYJ7BbZciSgorLcYRoa2eQwpbOITaEjzjKjBujMAGuyaej-cnzA2RGPG-wyeMz0OKfPY3mNELvmxXVqeGkIUZUTdAtUyMP17jROuyQzphF-MMbIOoJIrG25PpvwEekQhMU5H2DFMeWy_zJb_QFID6LI

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:42:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2FF9 6 KB
3 KB 33ms
33ms Document
text/html 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 21:42:16 GMT
expires: Sun, 16 Feb 2025 21:42:16 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 46BC 640 B
265 B 66ms
66ms Document
text/html 172.253.122.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSckNwEEMnO-vAEGNmj94YCMAE&v=APEucNUv7EQrPNJ46l_sRfuyMydc4GfDNeS6HLz9u5KVhWfhpMoVMUknQ8sbDbVkX3vnVdDMINH8vwV9eUbjMAoVImZQ5JPklQ

Requested by

Host: ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com
URL: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f155.1e100.net

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 21:42:17 GMT
expires: Sat, 17 Feb 2024 21:42:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 2FF9 111 KB
39 KB 33ms
33ms Script
text/javascript 2607:f8b0:4004:c1d::95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: hubdrive-lat.cdn.ampproject.org
URL: https://hubdrive-lat.cdn.ampproject.org/c/s/hubdrive.lat/file/1708067901

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::95 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/
Origin: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 20:22:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4771
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 18 Feb 2024 20:22:46 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/ Frame 2FF9 8 KB
3 KB 31ms
31ms Script
text/javascript 2607:f8b0:4004:c17::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: hubdrive-lat.cdn.ampproject.org
URL: https://hubdrive-lat.cdn.ampproject.org/c/s/hubdrive.lat/file/1708067901

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 09:21:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44423
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3206
x-xss-protection: 0
server: cafe
etag: 12640889860211258669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 09:21:54 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame 2FF9 23 KB
9 KB 31ms
31ms Script
text/javascript 2607:f8b0:4004:c17::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite_fy2021.js

Requested by

Host: hubdrive-lat.cdn.ampproject.org
URL: https://hubdrive-lat.cdn.ampproject.org/c/s/hubdrive.lat/file/1708067901

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 01:04:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74264
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 01:04:33 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 2FF9 41 KB
14 KB 32ms
32ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: hubdrive-lat.cdn.ampproject.org
URL: https://hubdrive-lat.cdn.ampproject.org/c/s/hubdrive.lat/file/1708067901

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 23:20:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 166937
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 23:20:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 2FF9 3 KB
1 KB 38ms
37ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/window_focus_fy2021.js

Requested by

Host: ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com
URL: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 23:06:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81346
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 23:06:31 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 2FF9 20 KB
8 KB 34ms
34ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com
URL: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 23:22:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80409
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 23:22:08 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2FF9 42 B
63 B 88ms
88ms Image
image/gif 2607:f8b0:4004:c17::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CymYZzSCP2f6MVKwcS_J0saIJr7ACoyS9X0mTA-6ThOXMy8ou62GbzsoQXytjLeYJR33oTQwCQ5x414EpWCfr4TDzu9zGfzR1UUPp3kpsYuOtwcA8

Requested by

Host: ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com
URL: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:42:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 2FF9 204 KB
61 KB 32ms
31ms Script
text/javascript 2607:f8b0:4004:c17::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com
URL: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:09:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1939
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62824
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 17 Feb 2024 22:09:58 GMT

GET
H3 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame C9C8 39 KB
15 KB 33ms
32ms Script
text/javascript 2607:f8b0:4004:c17::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:31:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7862
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 16 Feb 2025 19:31:15 GMT

GET
H2 200 style.css
littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/css/ Frame 9D34 12 KB
2 KB 115ms
37ms Stylesheet
text/css 2606:4700:10::ac43:a62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/css/style.css?v=1518177503492
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fthubanoa.com%2F12%3Frnd%3D941278008%26z%3D7013738%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3D2-Nb15jhl6Tnk5f2TL1rjuZ14Eg08w4wqtW1ybmSUVkxmE3ZAXoh14kvXQECQsjzBTCs14ZFEoSH2W8dhOuVGgYjwF8SYSmre1IE6GiAVx_n9jy4U744VtNYexLFTyVv7v4Nrdh9XgrzpeOT0jQeLCVrwLpDIBFNtQo_6fAn9Fvo8cGxP6H_2e43oEndwH1U4KEP7kOU210DOVItTV8DTc-85Zhj2B8PQ9Chn7rEwWg-Ynv0iKgU6Hc2CNJUcvP8K9MTbjdPbuVi6MFlHQlWfpu7TKiso-CGo_gnHBthZ168YTWnSBhlbHczIFWkk2s5%26bag%3DydU9kaAfa6I%3D%26ruid%3Db5b093b4-0291-455a-83ce-7325151ee62c%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fhubdrive.lat%252Ffile%252F1708067901%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D3%26sah%3D1200%26drf%3Dhttps%253A%252F%252Fhubdrive-lat.cdn.ampproject.org%252F%26hil%3D1%26ist%3D0%26tbc%3D1%26X-Sc%3D4jOwcMz1o4f008WLdwFkUsG6c5RAE0EQXwnxja49yO9hbuzwEf0PQdUac9KyL4yztF9YfOovf1V_UQ7e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:a62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12ec824a66b6ad652e1cf0952853b6ba3053dd76a84bbcf4bdb3c055e411c78

Request headers

accept-language: en-US,en;q=0.9
Referer: https://interstitial-08.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:42:17 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 05 Dec 2023 12:54:54 GMT
server: cloudflare
age: 2799
etag: W/"656f1d9e-30c9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
cf-ray: 857133095d6d4bd8-BUF
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 audible.png
littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/images/ Frame 9D34 3 KB
4 KB 113ms
36ms Image
image/png 2606:4700:10::ac43:a62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/images/audible.png
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fthubanoa.com%2F12%3Frnd%3D941278008%26z%3D7013738%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3D2-Nb15jhl6Tnk5f2TL1rjuZ14Eg08w4wqtW1ybmSUVkxmE3ZAXoh14kvXQECQsjzBTCs14ZFEoSH2W8dhOuVGgYjwF8SYSmre1IE6GiAVx_n9jy4U744VtNYexLFTyVv7v4Nrdh9XgrzpeOT0jQeLCVrwLpDIBFNtQo_6fAn9Fvo8cGxP6H_2e43oEndwH1U4KEP7kOU210DOVItTV8DTc-85Zhj2B8PQ9Chn7rEwWg-Ynv0iKgU6Hc2CNJUcvP8K9MTbjdPbuVi6MFlHQlWfpu7TKiso-CGo_gnHBthZ168YTWnSBhlbHczIFWkk2s5%26bag%3DydU9kaAfa6I%3D%26ruid%3Db5b093b4-0291-455a-83ce-7325151ee62c%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fhubdrive.lat%252Ffile%252F1708067901%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D3%26sah%3D1200%26drf%3Dhttps%253A%252F%252Fhubdrive-lat.cdn.ampproject.org%252F%26hil%3D1%26ist%3D0%26tbc%3D1%26X-Sc%3D4jOwcMz1o4f008WLdwFkUsG6c5RAE0EQXwnxja49yO9hbuzwEf0PQdUac9KyL4yztF9YfOovf1V_UQ7e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:a62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 871975b8040629c7b43de81b1a0878f40991ec2f49caddd6441b5d1f8322aeed

Request headers

accept-language: en-US,en;q=0.9
Referer: https://interstitial-08.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:42:17 GMT
cf-cache-status: HIT
age: 2799
content-length: 3429
last-modified: Tue, 05 Dec 2023 12:54:54 GMT
server: cloudflare
etag: "656f1d9e-d65"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 857133095d6e4bd8-BUF
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 0100657458245.jpeg
interstitial-08.com/contents/s/2d/3f/7f/35d1f144fa688a67ba834d0931/ Frame 9D34 52 KB
53 KB 100ms
100ms Image
image/jpeg 139.45.197.151
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://interstitial-08.com/contents/s/2d/3f/7f/35d1f144fa688a67ba834d0931/0100657458245.jpeg
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fthubanoa.com%2F12%3Frnd%3D941278008%26z%3D7013738%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3D2-Nb15jhl6Tnk5f2TL1rjuZ14Eg08w4wqtW1ybmSUVkxmE3ZAXoh14kvXQECQsjzBTCs14ZFEoSH2W8dhOuVGgYjwF8SYSmre1IE6GiAVx_n9jy4U744VtNYexLFTyVv7v4Nrdh9XgrzpeOT0jQeLCVrwLpDIBFNtQo_6fAn9Fvo8cGxP6H_2e43oEndwH1U4KEP7kOU210DOVItTV8DTc-85Zhj2B8PQ9Chn7rEwWg-Ynv0iKgU6Hc2CNJUcvP8K9MTbjdPbuVi6MFlHQlWfpu7TKiso-CGo_gnHBthZ168YTWnSBhlbHczIFWkk2s5%26bag%3DydU9kaAfa6I%3D%26ruid%3Db5b093b4-0291-455a-83ce-7325151ee62c%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fhubdrive.lat%252Ffile%252F1708067901%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D3%26sah%3D1200%26drf%3Dhttps%253A%252F%252Fhubdrive-lat.cdn.ampproject.org%252F%26hil%3D1%26ist%3D0%26tbc%3D1%26X-Sc%3D4jOwcMz1o4f008WLdwFkUsG6c5RAE0EQXwnxja49yO9hbuzwEf0PQdUac9KyL4yztF9YfOovf1V_UQ7e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: be88718a0eb175ebc4385600fe4168853a2ba705d814d2f9887ca7aa8cbd9238

Request headers

accept-language: en-US,en;q=0.9
Referer: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fthubanoa.com%2F12%3Frnd%3D941278008%26z%3D7013738%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3D2-Nb15jhl6Tnk5f2TL1rjuZ14Eg08w4wqtW1ybmSUVkxmE3ZAXoh14kvXQECQsjzBTCs14ZFEoSH2W8dhOuVGgYjwF8SYSmre1IE6GiAVx_n9jy4U744VtNYexLFTyVv7v4Nrdh9XgrzpeOT0jQeLCVrwLpDIBFNtQo_6fAn9Fvo8cGxP6H_2e43oEndwH1U4KEP7kOU210DOVItTV8DTc-85Zhj2B8PQ9Chn7rEwWg-Ynv0iKgU6Hc2CNJUcvP8K9MTbjdPbuVi6MFlHQlWfpu7TKiso-CGo_gnHBthZ168YTWnSBhlbHczIFWkk2s5%26bag%3DydU9kaAfa6I%3D%26ruid%3Db5b093b4-0291-455a-83ce-7325151ee62c%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fhubdrive.lat%252Ffile%252F1708067901%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D3%26sah%3D1200%26drf%3Dhttps%253A%252F%252Fhubdrive-lat.cdn.ampproject.org%252F%26hil%3D1%26ist%3D0%26tbc%3D1%26X-Sc%3D4jOwcMz1o4f008WLdwFkUsG6c5RAE0EQXwnxja49yO9hbuzwEf0PQdUac9KyL4yztF9YfOovf1V_UQ7e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:42:17 GMT
last-modified: Thu, 31 Jan 2019 11:14:34 GMT
server: nginx
etag: "5c52d89a-d0e0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length: 53472

GET
H2 200 0933414948049.jpeg
interstitial-08.com/contents/s/54/58/11/b0a815692a6ca16dd9a46924ab/ Frame 9D34 14 KB
15 KB 282ms
280ms Image
image/jpeg 139.45.197.151
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://interstitial-08.com/contents/s/54/58/11/b0a815692a6ca16dd9a46924ab/0933414948049.jpeg
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fthubanoa.com%2F12%3Frnd%3D941278008%26z%3D7013738%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3D2-Nb15jhl6Tnk5f2TL1rjuZ14Eg08w4wqtW1ybmSUVkxmE3ZAXoh14kvXQECQsjzBTCs14ZFEoSH2W8dhOuVGgYjwF8SYSmre1IE6GiAVx_n9jy4U744VtNYexLFTyVv7v4Nrdh9XgrzpeOT0jQeLCVrwLpDIBFNtQo_6fAn9Fvo8cGxP6H_2e43oEndwH1U4KEP7kOU210DOVItTV8DTc-85Zhj2B8PQ9Chn7rEwWg-Ynv0iKgU6Hc2CNJUcvP8K9MTbjdPbuVi6MFlHQlWfpu7TKiso-CGo_gnHBthZ168YTWnSBhlbHczIFWkk2s5%26bag%3DydU9kaAfa6I%3D%26ruid%3Db5b093b4-0291-455a-83ce-7325151ee62c%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fhubdrive.lat%252Ffile%252F1708067901%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D3%26sah%3D1200%26drf%3Dhttps%253A%252F%252Fhubdrive-lat.cdn.ampproject.org%252F%26hil%3D1%26ist%3D0%26tbc%3D1%26X-Sc%3D4jOwcMz1o4f008WLdwFkUsG6c5RAE0EQXwnxja49yO9hbuzwEf0PQdUac9KyL4yztF9YfOovf1V_UQ7e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: f710c2b11df9cadcb3a6d25a9dc8306172c04ff1d2fa8d96d4019d70833f695d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fthubanoa.com%2F12%3Frnd%3D941278008%26z%3D7013738%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3D2-Nb15jhl6Tnk5f2TL1rjuZ14Eg08w4wqtW1ybmSUVkxmE3ZAXoh14kvXQECQsjzBTCs14ZFEoSH2W8dhOuVGgYjwF8SYSmre1IE6GiAVx_n9jy4U744VtNYexLFTyVv7v4Nrdh9XgrzpeOT0jQeLCVrwLpDIBFNtQo_6fAn9Fvo8cGxP6H_2e43oEndwH1U4KEP7kOU210DOVItTV8DTc-85Zhj2B8PQ9Chn7rEwWg-Ynv0iKgU6Hc2CNJUcvP8K9MTbjdPbuVi6MFlHQlWfpu7TKiso-CGo_gnHBthZ168YTWnSBhlbHczIFWkk2s5%26bag%3DydU9kaAfa6I%3D%26ruid%3Db5b093b4-0291-455a-83ce-7325151ee62c%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fhubdrive.lat%252Ffile%252F1708067901%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D3%26sah%3D1200%26drf%3Dhttps%253A%252F%252Fhubdrive-lat.cdn.ampproject.org%252F%26hil%3D1%26ist%3D0%26tbc%3D1%26X-Sc%3D4jOwcMz1o4f008WLdwFkUsG6c5RAE0EQXwnxja49yO9hbuzwEf0PQdUac9KyL4yztF9YfOovf1V_UQ7e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:42:17 GMT
last-modified: Wed, 15 Aug 2018 10:56:50 GMT
server: nginx
etag: "5b7406f2-393b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length: 14651

GET
H2 200 0350025199145.jpeg
interstitial-08.com/contents/s/4e/61/84/4a7532ee6d30450abd6bb2a1da/ Frame 9D34 35 KB
35 KB 283ms
280ms Image
image/jpeg 139.45.197.151
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://interstitial-08.com/contents/s/4e/61/84/4a7532ee6d30450abd6bb2a1da/0350025199145.jpeg
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fthubanoa.com%2F12%3Frnd%3D941278008%26z%3D7013738%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3D2-Nb15jhl6Tnk5f2TL1rjuZ14Eg08w4wqtW1ybmSUVkxmE3ZAXoh14kvXQECQsjzBTCs14ZFEoSH2W8dhOuVGgYjwF8SYSmre1IE6GiAVx_n9jy4U744VtNYexLFTyVv7v4Nrdh9XgrzpeOT0jQeLCVrwLpDIBFNtQo_6fAn9Fvo8cGxP6H_2e43oEndwH1U4KEP7kOU210DOVItTV8DTc-85Zhj2B8PQ9Chn7rEwWg-Ynv0iKgU6Hc2CNJUcvP8K9MTbjdPbuVi6MFlHQlWfpu7TKiso-CGo_gnHBthZ168YTWnSBhlbHczIFWkk2s5%26bag%3DydU9kaAfa6I%3D%26ruid%3Db5b093b4-0291-455a-83ce-7325151ee62c%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fhubdrive.lat%252Ffile%252F1708067901%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D3%26sah%3D1200%26drf%3Dhttps%253A%252F%252Fhubdrive-lat.cdn.ampproject.org%252F%26hil%3D1%26ist%3D0%26tbc%3D1%26X-Sc%3D4jOwcMz1o4f008WLdwFkUsG6c5RAE0EQXwnxja49yO9hbuzwEf0PQdUac9KyL4yztF9YfOovf1V_UQ7e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 01a91cef52f9849703fb84a945f9fb51b9debf7ac36730043d097c3865550e8c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fthubanoa.com%2F12%3Frnd%3D941278008%26z%3D7013738%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3D2-Nb15jhl6Tnk5f2TL1rjuZ14Eg08w4wqtW1ybmSUVkxmE3ZAXoh14kvXQECQsjzBTCs14ZFEoSH2W8dhOuVGgYjwF8SYSmre1IE6GiAVx_n9jy4U744VtNYexLFTyVv7v4Nrdh9XgrzpeOT0jQeLCVrwLpDIBFNtQo_6fAn9Fvo8cGxP6H_2e43oEndwH1U4KEP7kOU210DOVItTV8DTc-85Zhj2B8PQ9Chn7rEwWg-Ynv0iKgU6Hc2CNJUcvP8K9MTbjdPbuVi6MFlHQlWfpu7TKiso-CGo_gnHBthZ168YTWnSBhlbHczIFWkk2s5%26bag%3DydU9kaAfa6I%3D%26ruid%3Db5b093b4-0291-455a-83ce-7325151ee62c%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fhubdrive.lat%252Ffile%252F1708067901%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D3%26sah%3D1200%26drf%3Dhttps%253A%252F%252Fhubdrive-lat.cdn.ampproject.org%252F%26hil%3D1%26ist%3D0%26tbc%3D1%26X-Sc%3D4jOwcMz1o4f008WLdwFkUsG6c5RAE0EQXwnxja49yO9hbuzwEf0PQdUac9KyL4yztF9YfOovf1V_UQ7e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:42:17 GMT
last-modified: Tue, 17 Jul 2018 10:46:08 GMT
server: nginx
etag: "5b4dc8f0-8b17"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length: 35607

GET
H2 200 01289039865190.jpeg
interstitial-08.com/contents/s/aa/5b/71/730bd1c1e09e51bf17160def9a/ Frame 9D34 49 KB
50 KB 283ms
281ms Image
image/jpeg 139.45.197.151
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://interstitial-08.com/contents/s/aa/5b/71/730bd1c1e09e51bf17160def9a/01289039865190.jpeg
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fthubanoa.com%2F12%3Frnd%3D941278008%26z%3D7013738%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3D2-Nb15jhl6Tnk5f2TL1rjuZ14Eg08w4wqtW1ybmSUVkxmE3ZAXoh14kvXQECQsjzBTCs14ZFEoSH2W8dhOuVGgYjwF8SYSmre1IE6GiAVx_n9jy4U744VtNYexLFTyVv7v4Nrdh9XgrzpeOT0jQeLCVrwLpDIBFNtQo_6fAn9Fvo8cGxP6H_2e43oEndwH1U4KEP7kOU210DOVItTV8DTc-85Zhj2B8PQ9Chn7rEwWg-Ynv0iKgU6Hc2CNJUcvP8K9MTbjdPbuVi6MFlHQlWfpu7TKiso-CGo_gnHBthZ168YTWnSBhlbHczIFWkk2s5%26bag%3DydU9kaAfa6I%3D%26ruid%3Db5b093b4-0291-455a-83ce-7325151ee62c%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fhubdrive.lat%252Ffile%252F1708067901%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D3%26sah%3D1200%26drf%3Dhttps%253A%252F%252Fhubdrive-lat.cdn.ampproject.org%252F%26hil%3D1%26ist%3D0%26tbc%3D1%26X-Sc%3D4jOwcMz1o4f008WLdwFkUsG6c5RAE0EQXwnxja49yO9hbuzwEf0PQdUac9KyL4yztF9YfOovf1V_UQ7e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 89d93e12a15f6a5d57b5f8aca8bd1e6984dc4c8c5dec7840a8c8e8c8274c1568

Request headers

accept-language: en-US,en;q=0.9
Referer: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fthubanoa.com%2F12%3Frnd%3D941278008%26z%3D7013738%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3D2-Nb15jhl6Tnk5f2TL1rjuZ14Eg08w4wqtW1ybmSUVkxmE3ZAXoh14kvXQECQsjzBTCs14ZFEoSH2W8dhOuVGgYjwF8SYSmre1IE6GiAVx_n9jy4U744VtNYexLFTyVv7v4Nrdh9XgrzpeOT0jQeLCVrwLpDIBFNtQo_6fAn9Fvo8cGxP6H_2e43oEndwH1U4KEP7kOU210DOVItTV8DTc-85Zhj2B8PQ9Chn7rEwWg-Ynv0iKgU6Hc2CNJUcvP8K9MTbjdPbuVi6MFlHQlWfpu7TKiso-CGo_gnHBthZ168YTWnSBhlbHczIFWkk2s5%26bag%3DydU9kaAfa6I%3D%26ruid%3Db5b093b4-0291-455a-83ce-7325151ee62c%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fhubdrive.lat%252Ffile%252F1708067901%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D3%26sah%3D1200%26drf%3Dhttps%253A%252F%252Fhubdrive-lat.cdn.ampproject.org%252F%26hil%3D1%26ist%3D0%26tbc%3D1%26X-Sc%3D4jOwcMz1o4f008WLdwFkUsG6c5RAE0EQXwnxja49yO9hbuzwEf0PQdUac9KyL4yztF9YfOovf1V_UQ7e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:42:17 GMT
last-modified: Thu, 31 Jan 2019 11:14:34 GMT
server: nginx
etag: "5c52d89a-c502"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length: 50434

GET
H2 200 player.png
littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/images/ Frame 9D34 28 KB
28 KB 97ms
39ms Image
image/png 2606:4700:10::ac43:a62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/images/player.png
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fthubanoa.com%2F12%3Frnd%3D941278008%26z%3D7013738%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3D2-Nb15jhl6Tnk5f2TL1rjuZ14Eg08w4wqtW1ybmSUVkxmE3ZAXoh14kvXQECQsjzBTCs14ZFEoSH2W8dhOuVGgYjwF8SYSmre1IE6GiAVx_n9jy4U744VtNYexLFTyVv7v4Nrdh9XgrzpeOT0jQeLCVrwLpDIBFNtQo_6fAn9Fvo8cGxP6H_2e43oEndwH1U4KEP7kOU210DOVItTV8DTc-85Zhj2B8PQ9Chn7rEwWg-Ynv0iKgU6Hc2CNJUcvP8K9MTbjdPbuVi6MFlHQlWfpu7TKiso-CGo_gnHBthZ168YTWnSBhlbHczIFWkk2s5%26bag%3DydU9kaAfa6I%3D%26ruid%3Db5b093b4-0291-455a-83ce-7325151ee62c%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fhubdrive.lat%252Ffile%252F1708067901%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D3%26sah%3D1200%26drf%3Dhttps%253A%252F%252Fhubdrive-lat.cdn.ampproject.org%252F%26hil%3D1%26ist%3D0%26tbc%3D1%26X-Sc%3D4jOwcMz1o4f008WLdwFkUsG6c5RAE0EQXwnxja49yO9hbuzwEf0PQdUac9KyL4yztF9YfOovf1V_UQ7e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:a62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1eb8cf889202f439bb6bd1a03049b2e71953c7c0a5aadddde498cbea9bcadac

Request headers

accept-language: en-US,en;q=0.9
Referer: https://interstitial-08.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:42:17 GMT
cf-cache-status: HIT
age: 2799
content-length: 28527
last-modified: Tue, 05 Dec 2023 12:54:54 GMT
server: cloudflare
etag: "656f1d9e-6f6f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 857133095d704bd8-BUF
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 script.js Show response
littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/js/ Frame 9D34 1 KB
562 B 96ms
39ms Script
application/javascript 2606:4700:10::ac43:a62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/js/script.js?v=1518177503494
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fthubanoa.com%2F12%3Frnd%3D941278008%26z%3D7013738%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3D2-Nb15jhl6Tnk5f2TL1rjuZ14Eg08w4wqtW1ybmSUVkxmE3ZAXoh14kvXQECQsjzBTCs14ZFEoSH2W8dhOuVGgYjwF8SYSmre1IE6GiAVx_n9jy4U744VtNYexLFTyVv7v4Nrdh9XgrzpeOT0jQeLCVrwLpDIBFNtQo_6fAn9Fvo8cGxP6H_2e43oEndwH1U4KEP7kOU210DOVItTV8DTc-85Zhj2B8PQ9Chn7rEwWg-Ynv0iKgU6Hc2CNJUcvP8K9MTbjdPbuVi6MFlHQlWfpu7TKiso-CGo_gnHBthZ168YTWnSBhlbHczIFWkk2s5%26bag%3DydU9kaAfa6I%3D%26ruid%3Db5b093b4-0291-455a-83ce-7325151ee62c%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fhubdrive.lat%252Ffile%252F1708067901%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D3%26sah%3D1200%26drf%3Dhttps%253A%252F%252Fhubdrive-lat.cdn.ampproject.org%252F%26hil%3D1%26ist%3D0%26tbc%3D1%26X-Sc%3D4jOwcMz1o4f008WLdwFkUsG6c5RAE0EQXwnxja49yO9hbuzwEf0PQdUac9KyL4yztF9YfOovf1V_UQ7e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:a62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55c72f42fc6ee2c502a5f86fe215690719ce746f383ec8551af1f1fb66252b2e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://interstitial-08.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:42:17 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 05 Dec 2023 12:54:54 GMT
server: cloudflare
age: 2730
etag: W/"656f1d9e-58b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
cf-ray: 857133095d6f4bd8-BUF
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DBD8 0
0 92ms
92ms Image
text/html 2607:f8b0:4004:c17::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202402130101&jk=3326153491635214&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 46BC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMmyUPGwi3CUnBipn8pqGjQ&google_cver=1
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEMmyUPGwi3CUnBipn8pqGjQ&google_cver=1

43 B
163 B

54ms
53ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEMmyUPGwi3CUnBipn8pqGjQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSckNwEEMnO-vAEGNmj94YCMAE&v=APEucNUv7EQrPNJ46l_sRfuyMydc4GfDNeS6HLz9u5KVhWfhpMoVMUknQ8sbDbVkX3vnVdDMINH8vwV9eUbjMAoVImZQ5JPklQ
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:42:17 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEMmyUPGwi3CUnBipn8pqGjQ&google_cver=1
date: Sat, 17 Feb 2024 21:42:17 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 46BC
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDQ0ZDAzM2UtMDQ0Yi0yMjZmLWVmMGItYTZlY2VjN2I3NGUw

170 B
188 B

48ms
48ms

Image
image/png

172.253.122.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDQ0ZDAzM2UtMDQ0Yi0yMjZmLWVmMGItYTZlY2VjN2I3NGUw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSckNwEEMnO-vAEGNmj94YCMAE&v=APEucNUv7EQrPNJ46l_sRfuyMydc4GfDNeS6HLz9u5KVhWfhpMoVMUknQ8sbDbVkX3vnVdDMINH8vwV9eUbjMAoVImZQ5JPklQ

Protocol

Server

172.253.122.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:42:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 17 Feb 2024 21:42:17 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDQ0ZDAzM2UtMDQ0Yi0yMjZmLWVmMGItYTZlY2VjN2I3NGUw
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

um
sync.teads.tv/ Frame 46BC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEJ9wrzNBZqD5B3i2NTonYD4&google_cver=1

23 B
278 B

97ms
38ms

Image
image/gif

23.222.197.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEJ9wrzNBZqD5B3i2NTonYD4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSckNwEEMnO-vAEGNmj94YCMAE&v=APEucNUv7EQrPNJ46l_sRfuyMydc4GfDNeS6HLz9u5KVhWfhpMoVMUknQ8sbDbVkX3vnVdDMINH8vwV9eUbjMAoVImZQ5JPklQ
Protocol: H2
Server: 23.222.197.151 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-222-197-151.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Sat, 17 Feb 2024 21:42:17 GMT
pragma: no-cache
date: Sat, 17 Feb 2024 21:42:17 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:42:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEJ9wrzNBZqD5B3i2NTonYD4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 46BC
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=OWJmZTZlZmEtOGM5MC00NWQ4LWE0MDUtNzI1MmExMGMzMTky

170 B
188 B

49ms
48ms

Image
image/png

172.253.122.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=OWJmZTZlZmEtOGM5MC00NWQ4LWE0MDUtNzI1MmExMGMzMTky

Requested by

Protocol

Server

172.253.122.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:42:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:42:17 GMT
server: pekko-http/1.0.0
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=OWJmZTZlZmEtOGM5MC00NWQ4LWE0MDUtNzI1MmExMGMzMTky
cache-control: max-age=0, no-cache, no-store
content-length: 189
expires: Sat, 17 Feb 2024 21:42:17 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/10646746922912410239/ Frame 6871 118 KB
33 KB 33ms
33ms Document
text/html 2607:f8b0:4004:c1d::95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10646746922912410239/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::95 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

adda803d5bef5e076dce3525079973854ac3bafc18652293227d5b717c9e550c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 21782
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 33985
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 15:39:15 GMT
expires: Sun, 16 Feb 2025 15:39:15 GMT
last-modified: Sun, 04 Feb 2024 02:20:02 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame 2FF9 0
0 100ms
99ms Fetch
image/gif 172.253.62.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsssiz1Sheshew7lrnB1qIESsfwkJVYSgShf7UafJDJgWLhUjzAS6vDsOW23uYGWRmm8r2N9kd85Uu6s5XupeJANKZZobi2UGorh8q6OE0h3M5TX_3xCMdGzfpHvTHdJLICRSnueGNwhpdFAndHKwRtzVylx5AL4CFumkKQxHrkanezO_KlgdG3bGJFfOwjR5VRSs9FDFOqsPYdqcQUjlbke1tSRmomxSM4imzvD42vn_WS-slzCtu_0IrkAH5AjK4ISTbl4ZwBtuwUVBD3DrmVVm0nt-QlMhYtUJs8yJVWOy7oxIy53CTIKGE1Xe6Nn0VM9nFedvP4fVVvx3zYZPx6yQHqmvzPQsGXpc1d37w2WtLrVDGzMNXOuZyDFt_BOSLLu2-cTLfj6jVV_SukhVDfB4RtpFwIcNTmLVekWHx6okYlxlY6Gg-eIlLNAFgY1WAHFujAjXnZj_xyFvTS3njGpSXg4b-psMw8BAX0DzuT6yotolaHsFWTvsu0cWwXUz-k6uf0al1AjY1gztLNmQnkEH0693udDYYWNSRCrs_xw34y4BC4KADmHjKwjw2URdTukz655_A_I1gko6jzWMes05tiOyC370ozAuStnmYzbr6z6uToptaIsglt-yBoGRxVa1SWjRcTtNyljOGwlEOYvcycmQJD6wkg1AQcWMgfVC7fXG12AlerksCyS--Dc6FslxCz-02OvP1BVJJbdWrtkHmpzDyEYQjmGqBy2zKh4oMfZNpsqUig-0KzHA93c867ZM4Y_mzSjy0eeCQ_XRVUqaw1zAmFVluZK1mmhUVyVlZipLZunTqCMtQffHSUDtKvd94TQ5n59Rpqx5nBWTucM8EzD2G7mMinfRLXZERi1MPNuyNTNXV1qMVFiDYOWQ1hE8ccF7vkvYYJr3kmvGzGS861TSK5AOAsJ39IUv3Al5KwyQoJWgrAfmXfmO3uTQKm30VQ0QRic5nzCh0SuQIVSTLn5RuP9a6NT8BWRG86oGi6twB6T14WQMd9tvHfskgTNNf0GE4MV7ZrKjVLDGBZI9a92TTgQLbyhjh82hYDel8zQNRQGafQkA5P1eskP6rYTsSYy_pXebtMZ6VhvgmlOn-GSVDhJl1Np9e_3AcRnjtfKy5h6HEb8jhH_DNkv7Kb7MvOOSjpO3gkQSsl4ltJ0_euMBON0qcDpBo2hA3A_F9Gy5oIg43LryRl_mSMNB1hKq3DLmNiAF6xr3Dzrks0o-PFNEdyQ91T5DCmijvmmSrLtD-Ky_8e9zjQQXDLBGP4vARPddCp8P-M0W2tH5rlYupwgSjpwDMTSmTBL2iJ2yZXxJMLpGzRzEPWvJ5Uf6A3Cv9UEq38YBhDAWDcMqYekop8YeJ65mtVcNmd7xjNVQuD_crj0y7X1ecb9sH2zz9eMQQ4CSk35tH6yEnQYv1Bnrj2hmyOQTEyPsoQNjN_kNI_LNTsnf16_NzAopPYJYAFLX8MXCkoiV7iKwKRwGw&sai=AMfl-YRjzoJdRs0-mKh_hKxaqzc_Cu_ncU8ESa3ou4-1l7zTDXmKVDDKygoBwkJ3iA1l5yWQ8vl3e1jD5Kew9oGbO4ieBRDrqKEyIQyEzK97MTYntR2NDf_PJyh4rUQMm5KQgwlOL_PkJKNV_or2umnhJvgs6mO_itpkwAKJTs6oiJcxzP_0F54EMuPETTt4EgmchrdOkncFike31TgEZd7sh3u9O_M5_YJTE1ojB50BXjU3N6LE-cIAYpbIpQ_wNDiTRWoyVCEUjDWOovohMh5RzIMmWZLG8up7NUFX_ZMG8ZN8rnwdgED0zveyw1TejHuU-NgVrK21U913XtRrP_9CoaDoypw-PCxsUWrFYEdYReRpWkbdkzMfI8hN8B7oSCtpErPFsqXr5sqPGo_4JNGXYPNqCaR4qDBO_e3cfutkxce8o-xYKrlr8Y2CJ-t-FbUVHSireWtZhkbD8sl0scVQcnhVWMP7biMOylqGh30licfUB4_iDrWlhD-Z69ly322uaOx3FlbtWEZ-eQ&sig=Cg0ArKJSzCwjZLzYxXDkEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9qYW1lc2F2ZXJ5LmNvbQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=87&cbvp=1&cstd=83&cisv=r20240215.90369&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: hubdrive-lat.cdn.ampproject.org
URL: https://hubdrive-lat.cdn.ampproject.org/c/s/hubdrive.lat/file/1708067901

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f148.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 17 Feb 2024 21:42:17 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 17 Feb 2024 21:42:17 GMT

GET
DATA 200
OK truncated
/ Frame 2FF9 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bbd7ff07f9c3a37b8dfd4dff6e162360f00e7625a2b01b864afd25ced22e7520

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 3B72 38 KB
13 KB 32ms
32ms Document
text/html 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 166962
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 15 Feb 2024 23:19:35 GMT
expires: Fri, 14 Feb 2025 23:19:35 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 DcmEnabler_01_250.js Show response
s0.2mdn.net/879366/ Frame 6871 32 KB
11 KB 35ms
33ms Script
text/javascript 2607:f8b0:4004:c1d::95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10646746922912410239/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::95 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10646746922912410239/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 11:18:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37447
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11558
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 18 Feb 2024 11:18:10 GMT

GET
H3 200 Mxl_QHRpF3ASJ-0UJYy-xnBnh_t8qFAxMnyvqBA6J-g.js Show response
pagead2.googlesyndication.com/bg/ Frame 3B72 51 KB
19 KB 40ms
39ms Script
text/javascript 2607:f8b0:4004:c17::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Mxl_QHRpF3ASJ-0UJYy-xnBnh_t8qFAxMnyvqBA6J-g.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33197f40746917701227ed14258cbec6706787fb7ca85031327cafa8103a27e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 05:40:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57718
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19812
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 16 Feb 2025 05:40:19 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FAC6 42 B
64 B 90ms
90ms Fetch
image/gif 2607:f8b0:4004:c17::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssb5T8WBbh3l1gKgibENPoNfVaBwtn0p6WIpnQTBzmYf5_zysIEnQQk3WzWXGoj6Jh-PW_g432zDcsGB3bWjKbz2XO3E1Se5MGzYGg5U5bG0HIq_B75mUV7UxmnUMzgj9gP5XNwU8O8iQJBNIGEng1fJAjYRROF-Z8&sai=AMfl-YQkxOkbBWj-mB47ujZJuZ0fpf6qhiShOmm56tGxxExVnGmJJFqGCsDpqWFf9RqQGuKmvPYKbT6YftG8cesRmhnG6USlKSDfOo5RGw0L1I5EkVKNSh4ovnRh4pou1HZYzTABvRp70HHbdRBfMJtn&sig=Cg0ArKJSzK--Nbd_N_0WEAE&cid=CAQSTgAvHhf_XntCPZ63XTQWp0mOIT93V5Bvi6BIn4b3rq8HbeVaPf9QfJRUFcE2I24aF3Dv4mpldHvKpCT7RoT0PD3BYmHW5adjcsZssTegeRgB&id=lidar2&mcvt=1006&p=372,702,622,1002&mtos=1006,1006,1006,1006,1006&tos=1006,0,0,0,0&v=20240215&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4224613116&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=413893600&rst=1708206136666&rpt=242&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:42:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 404 null
s0.2mdn.net/sadbundle/10646746922912410239/ Frame 6871 43 B
71 B 254ms
254ms Image
image/gif 2607:f8b0:4004:c1d::95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10646746922912410239/null

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10646746922912410239/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::95 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10646746922912410239/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Sat, 17 Feb 2024 21:42:18 GMT
date: Sat, 17 Feb 2024 21:42:18 GMT
x-content-type-options: nosniff
server: sffe
x-dns-prefetch-control: off
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
allow-fenced-frame-automatic-beacons: true

GET
H3 200 container.html Show response
ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3AC2 6 KB
3 KB 33ms
33ms Document
text/html 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 21:42:16 GMT
expires: Sun, 16 Feb 2025 21:42:16 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Gold_Hori.jpg
s0.2mdn.net/sadbundle/10646746922912410239/ Frame 6871 20 KB
20 KB 32ms
32ms Image
image/jpeg 2607:f8b0:4004:c1d::95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10646746922912410239/Gold_Hori.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10646746922912410239/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::95 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09ebb783fb7a5618b6baebab218a5f2140d2bcbc736016751a5aac667f592265

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10646746922912410239/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Sun, 16 Feb 2025 13:31:26 GMT
date: Sat, 17 Feb 2024 13:31:26 GMT
x-content-type-options: nosniff
age: 29452
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20275
x-xss-protection: 0
last-modified: Sun, 04 Feb 2024 02:20:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 6871 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C9C8 0
10 B 32ms
31ms Image
text/plain 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?lDsjsA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:42:18 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3A8C 0
0 94ms
94ms Image
text/html 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CvpGtOSjRZeaOHrCwqMwPkIO98Aj6j4XmbaCDqMWtDcCNtwEQASAAYMnujovApIwQggEXY2EtcHViLTk2NzM4NjUyOTE4MjkzODbIAQngAgCoAwHIAwKqBKYCT9Aw8OYZOarJ7AOUvc-nNGgKNs02gMC49OeuCQt3gPz6mOCbgkNrbndd6ipz_vzgAVczfy7w56JKijlopGoWX8znzW62cJQdfjvp5MbFqo9VVozFaNtibHGpmDSx6Isq_RiUrGG8cfaIhWDG1R7IIYFV8PHxHTlcBoWJd9QP5OodjoSMECqJnDKmGVdHP5-D0qBFOgqzRmmnpJ1Aqn-U54WYJYapn_S2EZETPrvUTPsPDmhYP6y-uPXX2Kgs3ZlzUFTbbIbUkTlrgV_mv7FOrBc2je1oly69YtYRwmFphUCGdXTPVX7RERwT4jvvh7RWLeYKBcr0d1lG4k1setIzRyOIxIgYvU0rOy9f83W-WP4hNVGOKOdCHUwjtbhOHnNwxE5wTYAS4AQBgAaasv7io-jXqPEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIIgiAYRABMgKKAjoJgECAwICAgIAISL39wTpYr6XK36uzhAOACgP6CwIIAYAMAeINEwj72Mrfq7OEAxUwGIoDHZBBD47QFQGAFwGyFx0KGxIUcHViLTk2NzM4NjUyOTE4MjkzODYYp9yUAQ&sigh=J49HFhfcuO0&uach_m=%5BUACH%5D&cid=CAQSTgAvHhf_yJlLWP2luU8dFDC0eYWnL0d-t37P4_hyZ3sGah5BbFUuFQYHlt9VfECynw04Xq636D4JE0AfrFZAnbI5qc4PelBxZqMdYjiQgBgB&cbvp=2&vis=1
Requested by: Host: ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com
URL: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c08::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

GET
H2 200 win
8proof.com/app/ Frame 3A8C 0
44 B 191ms
62ms Image
text/plain 52.116.53.150
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8proof.com/app/win?id=732672002744&ap=ZdEoOQAHh2YDihgwAA9BkBTd-QcjVlMeEXYyow&brid=VssEVz7n75oQJKkgqxAZnQ&t=b&cbvp=2
Requested by: Host: ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com
URL: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.116.53.150 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 96.35.7434.ip4.static.sl-reverse.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:42:18 GMT
content-length: 0
server: nginx

GET
H2 200 montserrat-v25-latin-800.woff2
storage.googleapis.com/iadx_storage/assets/fonts/ Frame 4155 13 KB
13 KB 109ms
38ms Font
application/octet-stream 2607:f8b0:4004:c08::cf
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/iadx_storage/assets/fonts/montserrat-v25-latin-800.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c08::cf Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: d5d2945f49fc861ab7092bbd5bef93da3b0f6b6e91a2e1b7711d778bc7a57bac

Request headers

Referer: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/
Origin: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:07:06 GMT
age: 2112
x-guploader-uploadid: ABPtcPoWc5s5jAicxMzKWeMbAxaTuYSChdRQ9vatpp27G-td4bmX4kBxuAbIfr_4rPov10mD4_yrvDOvYw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12896
last-modified: Mon, 23 Oct 2023 09:53:31 GMT
server: UploadServer
etag: "47adf1610f40ec74b72068c5a111d3ad"
x-goog-generation: 1698054811260784
x-goog-hash: crc32c=goDBpA==, md5=R63xYQ9A7HS3IGjFoRHTrQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace, x-goog-acl
cache-control: public, max-age=3600
x-goog-stored-content-length: 12896
accept-ranges: bytes
content-type: application/octet-stream
expires: Sat, 17 Feb 2024 22:07:06 GMT

GET
H2 200 montserrat-v25-latin-600.woff2
storage.googleapis.com/iadx_storage/assets/fonts/ Frame 4155 12 KB
13 KB 102ms
32ms Font
application/octet-stream 2607:f8b0:4004:c08::cf
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/iadx_storage/assets/fonts/montserrat-v25-latin-600.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c08::cf Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 98be19bc78b5bc5d419e4fa6ea055ebd4671a963e2cc644aeed4362f15d14c31

Request headers

Referer: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/
Origin: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:30:24 GMT
age: 714
x-guploader-uploadid: ABPtcPqZz6VWWaHVG6bPcPoRzlzkbm-d7EkoQmUXXGKXUsHG23buYpuIYGqYrghG5Jt81_ebhb85aL-BZg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12700
last-modified: Mon, 23 Oct 2023 09:53:31 GMT
server: UploadServer
etag: "e571167fbcce8d5081bce96a09930063"
x-goog-generation: 1698054811605570
x-goog-hash: crc32c=I0wmew==, md5=5XEWf7zOjVCBvOlqCZMAYw==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace, x-goog-acl
cache-control: public, max-age=3600
x-goog-stored-content-length: 12700
accept-ranges: bytes
content-type: application/octet-stream
expires: Sat, 17 Feb 2024 22:30:24 GMT

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame 2FF9 0
0 98ms
98ms Fetch
image/gif 172.253.62.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsssiz1Sheshew7lrnB1qIESsfwkJVYSgShf7UafJDJgWLhUjzAS6vDsOW23uYGWRmm8r2N9kd85Uu6s5XupeJANKZZobi2UGorh8q6OE0h3M5TX_3xCMdGzfpHvTHdJLICRSnueGNwhpdFAndHKwRtzVylx5AL4CFumkKQxHrkanezO_KlgdG3bGJFfOwjR5VRSs9FDFOqsPYdqcQUjlbke1tSRmomxSM4imzvD42vn_WS-slzCtu_0IrkAH5AjK4ISTbl4ZwBtuwUVBD3DrmVVm0nt-QlMhYtUJs8yJVWOy7oxIy53CTIKGE1Xe6Nn0VM9nFedvP4fVVvx3zYZPx6yQHqmvzPQsGXpc1d37w2WtLrVDGzMNXOuZyDFt_BOSLLu2-cTLfj6jVV_SukhVDfB4RtpFwIcNTmLVekWHx6okYlxlY6Gg-eIlLNAFgY1WAHFujAjXnZj_xyFvTS3njGpSXg4b-psMw8BAX0DzuT6yotolaHsFWTvsu0cWwXUz-k6uf0al1AjY1gztLNmQnkEH0693udDYYWNSRCrs_xw34y4BC4KADmHjKwjw2URdTukz655_A_I1gko6jzWMes05tiOyC370ozAuStnmYzbr6z6uToptaIsglt-yBoGRxVa1SWjRcTtNyljOGwlEOYvcycmQJD6wkg1AQcWMgfVC7fXG12AlerksCyS--Dc6FslxCz-02OvP1BVJJbdWrtkHmpzDyEYQjmGqBy2zKh4oMfZNpsqUig-0KzHA93c867ZM4Y_mzSjy0eeCQ_XRVUqaw1zAmFVluZK1mmhUVyVlZipLZunTqCMtQffHSUDtKvd94TQ5n59Rpqx5nBWTucM8EzD2G7mMinfRLXZERi1MPNuyNTNXV1qMVFiDYOWQ1hE8ccF7vkvYYJr3kmvGzGS861TSK5AOAsJ39IUv3Al5KwyQoJWgrAfmXfmO3uTQKm30VQ0QRic5nzCh0SuQIVSTLn5RuP9a6NT8BWRG86oGi6twB6T14WQMd9tvHfskgTNNf0GE4MV7ZrKjVLDGBZI9a92TTgQLbyhjh82hYDel8zQNRQGafQkA5P1eskP6rYTsSYy_pXebtMZ6VhvgmlOn-GSVDhJl1Np9e_3AcRnjtfKy5h6HEb8jhH_DNkv7Kb7MvOOSjpO3gkQSsl4ltJ0_euMBON0qcDpBo2hA3A_F9Gy5oIg43LryRl_mSMNB1hKq3DLmNiAF6xr3Dzrks0o-PFNEdyQ91T5DCmijvmmSrLtD-Ky_8e9zjQQXDLBGP4vARPddCp8P-M0W2tH5rlYupwgSjpwDMTSmTBL2iJ2yZXxJMLpGzRzEPWvJ5Uf6A3Cv9UEq38YBhDAWDcMqYekop8YeJ65mtVcNmd7xjNVQuD_crj0y7X1ecb9sH2zz9eMQQ4CSk35tH6yEnQYv1Bnrj2hmyOQTEyPsoQNjN_kNI_LNTsnf16_NzAopPYJYAFLX8MXCkoiV7iKwKRwGw&sai=AMfl-YRjzoJdRs0-mKh_hKxaqzc_Cu_ncU8ESa3ou4-1l7zTDXmKVDDKygoBwkJ3iA1l5yWQ8vl3e1jD5Kew9oGbO4ieBRDrqKEyIQyEzK97MTYntR2NDf_PJyh4rUQMm5KQgwlOL_PkJKNV_or2umnhJvgs6mO_itpkwAKJTs6oiJcxzP_0F54EMuPETTt4EgmchrdOkncFike31TgEZd7sh3u9O_M5_YJTE1ojB50BXjU3N6LE-cIAYpbIpQ_wNDiTRWoyVCEUjDWOovohMh5RzIMmWZLG8up7NUFX_ZMG8ZN8rnwdgED0zveyw1TejHuU-NgVrK21U913XtRrP_9CoaDoypw-PCxsUWrFYEdYReRpWkbdkzMfI8hN8B7oSCtpErPFsqXr5sqPGo_4JNGXYPNqCaR4qDBO_e3cfutkxce8o-xYKrlr8Y2CJ-t-FbUVHSireWtZhkbD8sl0scVQcnhVWMP7biMOylqGh30licfUB4_iDrWlhD-Z69ly322uaOx3FlbtWEZ-eQ&sig=Cg0ArKJSzCwjZLzYxXDkEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9qYW1lc2F2ZXJ5LmNvbQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=494&vt=11&dtpt=407&dett=3&cstd=83&cisv=r20240215.90369&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: hubdrive-lat.cdn.ampproject.org
URL: https://hubdrive-lat.cdn.ampproject.org/c/s/hubdrive.lat/file/1708067901

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f148.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:42:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 17 Feb 2024 21:42:18 GMT

OPTIONS
H2 204 11
thubanoa.com/ Frame 0
0 100ms
100ms Preflight 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://thubanoa.com/11?rnd=4245668574&z=7013738&b=5362695&var=&varid=0&rqtdbc=0&rcvdbc=0&btp=7&rb=2-Nb15jhl6Tnk5f2TL1rjuZ14Eg08w4wqtW1ybmSUVkxmE3ZAXoh14kvXQECQsjzBTCs14ZFEoSH2W8dhOuVGgYjwF8SYSmre1IE6GiAVx_n9jy4U744VtNYexLFTyVv7v4Nrdh9XgrzpeOT0jQeLCVrwLpDIBFNtQo_6fAn9Fvo8cGxP6H_2e43oEndwH1U4KEP7kOU210DOVItTV8DTc-85Zhj2B8PQ9Chn7rEwWg-Ynv0iKgU6Hc2CNJUcvP8K9MTbjdPbuVi6MFlHQlWfpu7TKiso-CGo_gnHBthZ168YTWnSBhlbHczIFWkk2s5&ruid=b5b093b4-0291-455a-83ce-7325151ee62c&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fhubdrive.lat%2Ffile%2F1708067901&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=3&sah=1200&drf=https%3A%2F%2Fhubdrive-lat.cdn.ampproject.org%2F&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-sc
Access-Control-Request-Method: GET
Origin: https://hubdrive.lat
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://hubdrive.lat
cache-control: no-store, no-cache, must-revalidate, max-age=0
date: Sat, 17 Feb 2024 21:42:18 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
pragma: no-cache
server: nginx

GET
H2 200 11 Show response
thubanoa.com/ 0
879 B 116ms
115ms XHR
image/jpeg 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://thubanoa.com/11?rnd=4245668574&z=7013738&b=5362695&var=&varid=0&rqtdbc=0&rcvdbc=0&btp=7&rb=2-Nb15jhl6Tnk5f2TL1rjuZ14Eg08w4wqtW1ybmSUVkxmE3ZAXoh14kvXQECQsjzBTCs14ZFEoSH2W8dhOuVGgYjwF8SYSmre1IE6GiAVx_n9jy4U744VtNYexLFTyVv7v4Nrdh9XgrzpeOT0jQeLCVrwLpDIBFNtQo_6fAn9Fvo8cGxP6H_2e43oEndwH1U4KEP7kOU210DOVItTV8DTc-85Zhj2B8PQ9Chn7rEwWg-Ynv0iKgU6Hc2CNJUcvP8K9MTbjdPbuVi6MFlHQlWfpu7TKiso-CGo_gnHBthZ168YTWnSBhlbHczIFWkk2s5&ruid=b5b093b4-0291-455a-83ce-7325151ee62c&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fhubdrive.lat%2Ffile%2F1708067901&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=3&sah=1200&drf=https%3A%2F%2Fhubdrive-lat.cdn.ampproject.org%2F&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
Requested by: Host: thubanoa.com
URL: https://thubanoa.com/27/2dfc5cc60fdf6636778a3fa44bb932c7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
X-Sc: 4jOwcMz1o4f008WLdwFkUsG6c5RAE0EQXwnxja49yO9hbuzwEf0PQdUac9KyL4yztF9YfOovf1V_UQ7e
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-trace-id: c14249888d95a2659a94daf875a430b3
pragma: no-cache
date: Sat, 17 Feb 2024 21:42:18 GMT
x-sc: mAin4PFFGkn_qjnjeRoVAEDWiz5SHN-nJNc4iik6UOGaFwHR6m712QxV_pegrHbvMSjRG5EVQe_RkHtrGio9XGDldnjBwFJeVH70-82d9RQMBT58TUwnnkiQh9ucEy2gRQfPco27wkYKAlIbHyDkywOtV_M6iDZK
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/jpeg
access-control-allow-origin: https://hubdrive.lat
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
content-length: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3B72 0
20 B 89ms
88ms Image
image/gif 2607:f8b0:4004:c17::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BwTXpOSjRZcBZoM6ozA_WsZywDAAAAAA4AeAEAg&bg=!Dg2lDULNAAYBC1i-IQs7ADQBe5WfOI_8tfG_v_vieHS-4VX_BABmJEq74cCbwv7KAPBgsOWsyedDKDcUuuNCB-dUgtOwAgAAAKZSAAAABWgBBwoAapUu6A_N66-h_o_FNInFSDGN28l_AgCixy09SpSfNB75wAybKoNtbO249NFraee9atNdfSCnELxwXEetiFJ_0MiKcZVtm4YVIW_sDCVw5mHb0Gw9nRJnTv0VMo9q9TH7dtOTYSZObAsWxwyZAxfrdpENi6JNxGGf0Nl93uPP04TFVr1mPrw1vmz1wz12NPX1lpSEs_3OB_GcsihTqTyQRZ4JpMs6PtPoi_XEqSE8AHL03nYtF8qv6ONR435d_EC1ZVrf2aAs7seDIGqV1fguP0g6VHorIl4WntJG5g5t2rlh5dyq5KVeX19WGV7IdySp-aDAxxI4epB7hdhxQo2L08rrpf_BIq2RkfbgNAUxh5DScH_Ka5Snz0_XGTEjl4OR6U-0bBQxkEhfv3gkYfq6InX0U-2hpNRyag7_PRvD6Qku-0VLaZYsZDCgjCMcuzrggqEwIpXmd5M-fP3Adc282NqQoOXGV63Zu_iUwwp27rxMtX8JWUkxilNIlN6nA4DX1GrquaqK5biMkl9zWBsMtGUKk6adfGhfWmLfo0_onsfdt6dD5T0mvTFk3mFRlFy2MoezhMkerL4_Aa_0LGLMk-ZGtxJ7Sf4VgQEu7BepqrDCC1cfFLwbP6oGqsddYHhwgdOOLM1M8uKHyKPSsje3xCpLdFbUQyrU2ON2jSmZWa7_xAiiIhNNfsEFHfXrhWWX6GC7BboNPJ7izcI3RvP5IPqAhkJkhquEx_sLqXGfLfUZDnqYODabLnKX6LGs-tSl_o1F9wre1mdNyuo1KVdRBVD4GZFo6yrzP8rPCfBI1_XDOCgklrtIqm_WRj7SPKQ9qkJP4famq1pKvzimnALqfaZ4MV2Wk4_NkedyXvnYqiiHe4Ob7SM-E9WcjgD4fk-W9DfSaq69hOHfP2Dz2W-x1QU5smOgFUi1qqPQWwqTCxk6_2QlI3p489XZNyK43_rcWRWUOxpfrcFHNc7Jq7OYDkquufRz8nWg-oWGCay9eBSqBDktKsh0wcMEFLcN8rz83DH_IYLnfR76ZlGlvIFobJazFG_4CI8iwc81uVm96AghWGn3u3PujSnb5C_gQ_qEW6dDAXOcshgoZ-7k3JdDCqh9Cg54ko4VboqpDGmeyQV2Od00q9FW56Xm6oHio8XkRHZuZl1yz0EjfU0Mr-wJMjr4UAru_BzHAJcbLbCU_c-IYqhjlQ

Requested by

Host: ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com
URL: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:42:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 152 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0a5b11fb2b805c87ab9e5425e8c6f70b353c99cc11cb9ef8023f05d1d765c019

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 9D34 548 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 32c21b537a7c9420627217e0c79185ef4c70c07e08f79fa1ad96b9c437e9f46b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F26B 42 B
64 B 90ms
89ms Fetch
image/gif 2607:f8b0:4004:c17::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv6wkpaqoKruACYfQTziRUSPc2zIUo6avgFPMEv4RXvtPh5zmD6toZppnkvvXMIaduGO5PZruagBRkHUGhlVgTkprgKkUP4sRNWVwbWnQXUP-EghSd5J-cBjCu83fKVE-4ZuYgRQ3IBlJJVnnee3hYPTgimuMmJ80o&sai=AMfl-YRmov2QdgLjTrfxfUSvblQFhNZbEDGJTWBB78C3kzm4JrwU8WRC_AjEfRQmppqKClD1V_zvBcNkzSG6SHzDlMB9dax6GWSEnPvIulYnNPERG8ouqxxEUa6D9iolo34sxpab_8rM6ieoxPD58hre&sig=Cg0ArKJSzBDDPFpi1v5eEAE&cid=CAQSTgAvHhf_e-ieAuXII-34T5u58gf1lUQgooOH7P8alv4XS0sn1IRVMkhTTGJkj1krRJi8psqWovYoMuScA6g63KLSCKiBy0qq0p_1J_srABgB&id=lidar2&mcvt=1002&p=372,702,622,1002&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20240123&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3263134374&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1708206137085&rpt=161&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/m202401230101/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:42:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 89ms
89ms Image
text/html 2607:f8b0:4004:c17::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202402130101&jk=3326153491635214&bg=!bm2lbSLNAAZN4L4YbeA7ADQBe5WfOL8oFtp07xzWKUUDjM_AhDM8vwquEHxFXQHFgGmIr4k6CTbvh4YJDCA_x2L-thUfAgAAAQBSAAAAA2gBBwoATQO2ogiYZmoNwwcARtV0DGvMm5xuUtLCoc-DUvqXjtKPGl_yrijVd6pqC1Rb608FopBLQLbk5nkYzftLOpeI8yZR44kaDiFL70YQFEWAmQLA4oRBDh2VWaJlhQ32DJLpST3cSh8lxgb6S5YV2ml_8v1fZs93QVrlxDPq-c8jFP_urt4Ou-FOOl7pQcUUHPwoapHRr9o4K0UFrS58cuPo-IupiT56SQnOZOtXFURH37z1kqPX3ZIoUyY2XhSW6lNTVRiTdEVEqR1Nn4Vwlz0BMghsEbfMEY56OAznQMPfwqncQ2_L-JR7m70nDXX8Le8DtFCE3giYXxFCwETbLrRQnTyPyz5-q3FsA8MEyWHl_EDhlmoMdykJhOaG1KXN_y6Gwo3pbzZuQnNWMUN4m-Xv_OhWr1j2hra_vW9dt8l8qdwizx-brkkebgoWxQ40znNrCcX9HKdURDgKwvXfoNbrhp8aq-e2IQh7P0hZDmN8SUYfgbq9A-Z-IrMCLI50ycEmGmupPOhRR6o1jrWAhbn-LLt_hWLddqhHFO2C6QhaAgGmim5h1sGRfPcF4uPPAJEaVAGR7RfTfSQFSUKYSFRaaOJks9GSNuJHmXOO2WiPAnNplngadx5TGDBSD86LwRUPDg3Yiq-C3HJuVH4EZjPXD5su3FyD8EQn3bQyVq56Dk6O642ttpfgDuwvDHxnygPTZiN3Zh3HCSXQAkDHrDyqL8kSr3Lq2hOGEadeXWPF_Ni4GPc91MzrBS5u6x47Aarb1Sc1lnCAUd5t6Da6m6cpveX_CGK1cJ8HS98vLJef6ErzzMWQYYVN2S8u7qW-i3M6JqUj0-l7QBGenNMbolNjWI1vDYqX5PEO1pVO2hQI2WoTIUhHmDwWqCTGM6NwLfDehqx0ePYy_wj5HQ0yP2ZkwaUyZ0il6xN82g5rREt2q2oW0SZfEy7S_oR_3hzrzkCkrTav7SUPAEsSjQYvbfqVlUK4GpGOYBDWrYBc4yoxmMWGvl_r2O59mceYB2HVxlDXf2qrHy_Mz3vWxnSfmqMhbFA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2FF9 42 B
64 B 90ms
90ms Fetch
image/gif 2607:f8b0:4004:c17::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstF_XrYWurF_1I6IdyanDjGaI14WHX06T8PCysAabL00ieH-zZsrMUoOyUUJtm_CJbpDSWIQVXDpdn-XByArK0rh5rtLulwzMbyO1E5WAGbhpF1lRtA96b9dPku65wkSqx4_dX2-0TFewCL0Gc4SdYoAM_pGUaFj8E&sai=AMfl-YQdvQE6RPlD6KPwQ5eEnJXYFEzJvGJ6dHFRt8_pxj7EM6eVlbpEqXkTsbtymu1R-Q-1sjaTYdJ2SfIt98VSM4ZXsAiOXBt4deWQAPkFITgItgcRHtLm4bc9s86CrUXxV1PIq0UigHVU3TI6mUgKhw&sig=Cg0ArKJSzO8XdWOU1hwkEAE&cid=CAQSTwAvHhf_Y4jxG4H8qTimjNO9HIgaWwg2Q7miEoK5K8c3qhaEk2ELAek1Iz_ONBkSXfWQYNkC5MPXzklv3WtDXkA3ntBEDnezLXOA2T0LlfQYAQ&id=lidar2&mcvt=1000&p=156,702,406,1002&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240215&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4268415557&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=413893700&rst=1708206137591&rpt=231&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:42:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lazy-iwc.9b430e25.js Show response
static.arc.io/broker/js/ Frame EA85 14 KB
6 KB 29ms
29ms Script
text/javascript 2400:52e0:1a00::894:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/broker/js/lazy-iwc.9b430e25.js
Requested by: Host: static.arc.io
URL: https://static.arc.io/broker/js/broker.9e6bf337.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::894:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-894 /
Resource Hash: 170fc28046efe0a2310c72af9f6d88c39458c227d4b9d7f77738f78cf1c3a11f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://core.arc.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:42:20 GMT
content-encoding: br
cdn-edgestorageid: 1070
x-amz-request-id: VGSMBFHGG1PWTP39
x-amz-server-side-encryption: AES256
cdn-cachedat: 02/17/2024 04:53:00
cdn-pullzone: 786569
x-amz-id-2: jC1iv6NNDVARTkboTrBv11f5N2lwXKSnTRq1/QfRj9QDB1YyutjH1coZ3yFOz8fAC0TqONb4l/k=
last-modified: Sun, 09 Apr 2023 20:16:26 GMT
server: BunnyCDN-IL1-894
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"1343454a1c763177d59f06c307b3a5a2"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000
access-control-max-age: 86400
cdn-requestid: 4bb98e8c2a779b717a33c46d410c6789
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 vendors~widget-sc-client.js Show response
static.arc.io/widget/js/ 60 KB
17 KB 30ms
29ms Script
text/javascript 2400:52e0:1a00::894:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/js/vendors~widget-sc-client.js?35fccb86
Requested by: Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?290eb2f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::894:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-894 /
Resource Hash: 31501078b411835882c834ed620bebe77a2b8ff3664514358cda957fba8c247d

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:42:20 GMT
content-encoding: br
cdn-edgestorageid: 1029
x-amz-request-id: KM3S0E7BNB5F97H7
x-amz-server-side-encryption: AES256
cdn-cachedat: 10/31/2023 19:19:45
cdn-pullzone: 786569
x-amz-id-2: pLEAwsWMGw9jLmnFN4U3QUmt6G+nf00AZmsA23kPupJEfWBPKXEHfrWuA6vjr2zBojsrBcWSxpk=
last-modified: Tue, 31 Oct 2023 18:10:04 GMT
server: BunnyCDN-IL1-894
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"1bfa017c8b068bd2857ce731fa38ab1d"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000, stale-while-revalidate=864000
access-control-max-age: 86400
cdn-requestid: 488f7939b148210a05bea3211e0c733a
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 widget-sc-client.js Show response
static.arc.io/widget/js/ 3 KB
2 KB 30ms
30ms Script
text/javascript 2400:52e0:1a00::894:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/js/widget-sc-client.js?197dbd2e
Requested by: Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?290eb2f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::894:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-894 /
Resource Hash: 3465ab3f72d4c3ddc2943112cabd7d5bf5faec502ce18319571234957329a1b0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:42:20 GMT
content-encoding: br
cdn-edgestorageid: 1069
x-amz-request-id: ESA03H3C4HZ5CSG2
x-amz-server-side-encryption: AES256
cdn-cachedat: 02/09/2024 05:18:33
cdn-pullzone: 786569
x-amz-id-2: ZIqbJZLdmPJROiRoCC3/Hg4vGWBK9bd6axjZ6JzXV/z8z19X+BlCIVzkDioEw7RZALJ95u2LI5w=
last-modified: Sat, 03 Feb 2024 21:43:48 GMT
server: BunnyCDN-IL1-894
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"00fc1f9530439ec3d2415f9420e814d7"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000, stale-while-revalidate=864000
access-control-max-age: 86400
cdn-requestid: 28aaf23a40e68b1e283cdcb8f2a0f58c
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 strn.min.js Show response
unpkg.com/@filecoin-saturn/js-client@0.3.7/dist/ 230 KB
53 KB 43ms
43ms Script
application/javascript 2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@filecoin-saturn/js-client@0.3.7/dist/strn.min.js

Requested by

Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?6e086999

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a77bee92347b9bbd0786d53fe05e0d5c3d486c5db3f4682d9f4dfc21960542e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:42:20 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 5259317
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HHZRMQ6KZ7EQ00R2G4PQZGHW-lga
server: cloudflare
etag: W/"3965a-Lu2VKHRN+UwzJYzS2puHZQw9qzs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8571331c1a564bbb-BUF

GET
H2 200 vendors~saturn-benchmark.js Show response
static.arc.io/widget/js/ 72 KB
22 KB 30ms
29ms Script
text/javascript 2400:52e0:1a00::894:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/js/vendors~saturn-benchmark.js?b7a151e4
Requested by: Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?290eb2f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::894:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-894 /
Resource Hash: b6fae66819d4c9cc2ddfd2906f37491aadbbe749dd671815b9e519ddbf5f1b8f

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:42:20 GMT
content-encoding: br
cdn-edgestorageid: 1070
x-amz-request-id: T2CMYZ0HV8VF2P48
x-amz-server-side-encryption: AES256
cdn-cachedat: 02/11/2024 23:15:35
cdn-pullzone: 786569
x-amz-id-2: CiOpjaraqS6xq/UKXA63bGgc/N1QDMSk/WRzQhLEzFBnYRwJIi6YCzoboQNV3Tn5g/eTkCJvvR8=
last-modified: Sat, 03 Feb 2024 21:43:48 GMT
server: BunnyCDN-IL1-894
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"1c4f530c31856a4351aba686878efab5"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000, stale-while-revalidate=864000
access-control-max-age: 86400
cdn-requestid: 45978a86ab5f659c4aef20b2c5152480
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 saturn-benchmark.js Show response
static.arc.io/widget/js/ 7 KB
4 KB 35ms
35ms Script
text/javascript 2400:52e0:1a00::894:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/js/saturn-benchmark.js?058026e9
Requested by: Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?290eb2f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::894:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-894 /
Resource Hash: d32e230d0853796d6ab90219c1003e0648167fd6341182e5fa0252cc253a4801

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:42:20 GMT
content-encoding: br
cdn-edgestorageid: 718
x-amz-request-id: SRY0ANZ0SD30YDZ2
x-amz-server-side-encryption: AES256
cdn-cachedat: 02/03/2024 22:11:08
cdn-pullzone: 786569
x-amz-id-2: HXLw+lgGXd+q5M0DpLTPivGnfITKZX/AulVXarcTOx1IGSlLZZ53tD5q9U5B8iXH+Ef3BI8mnl8=
last-modified: Sat, 03 Feb 2024 21:43:48 GMT
server: BunnyCDN-IL1-894
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"8ab68a778a1cff7b08b0ecb6558184ad"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000, stale-while-revalidate=864000
access-control-max-age: 86400
cdn-requestid: ae84f991e11629bf1b97ec6314721629
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 chunk-2d0cf2b3.js Show response
static.arc.io/widget/js/ 3 MB
691 KB 29ms
28ms Script
text/javascript 2400:52e0:1a00::894:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/js/chunk-2d0cf2b3.js?d98d2542
Requested by: Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?290eb2f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::894:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-894 /
Resource Hash: d5f83459cd7022769a57a436f24ed1540369eec2ebbec331275d46d8cfbea98c

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:42:20 GMT
content-encoding: br
cdn-edgestorageid: 1029
x-amz-request-id: R4Q7WKY87V3EP17F
x-amz-server-side-encryption: AES256
cdn-cachedat: 10/31/2023 19:20:20
cdn-pullzone: 786569
x-amz-id-2: tmVQB/TePrK1CxHv2BvXHYxxwVUCWmmG0RK1RIrKMl4R6NFl5R+XMuhItPUaPd1RzSwnPG7tczA=
last-modified: Tue, 31 Oct 2023 18:10:04 GMT
server: BunnyCDN-IL1-894
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"3e9a577ca6bcba5cdf18d0dafd192870"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000, stale-while-revalidate=864000
access-control-max-age: 86400
cdn-requestid: 0c1af3ce11431efd99dbf464f6a3e5b0
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

POST
H2 204 collect
www.google-analytics.com/g/ 0
54 B 40ms
39ms Ping
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-8QTNRD0R4M&gtm=45je42e0v9175770313za200&_p=1708206135633&gcd=13l3l3l3l1&npa=0&dma=0&cid=1341488755.1708206136&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEA&_s=2&sid=1708206135&sct=1&seg=0&dl=https%3A%2F%2Fhubdrive.lat%2Ffile%2F1708067901&dr=https%3A%2F%2Fhubdrive-lat.cdn.ampproject.org%2F&dt=HubDrive%20%7C%20Salaar.2023.4K.SDR.10Bit.WEB-DL.Hindi.DDP5.1-Telugu.DDP5.1.HEVC.x265-HDHub4u.Tv.mkv&en=scroll&epn.percent_scrolled=90&_et=10&tfd=5591
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8QTNRD0R4M
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:42:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hubdrive.lat
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 top-cids Show response
cids.arc.io/ 6 KB
4 KB 114ms
28ms Fetch
application/json 2400:52e0:1a00::871:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cids.arc.io/top-cids
Requested by: Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?290eb2f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::871:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-871 /
Resource Hash: 9d0738e688bbda8ebd6b189bab3cde74dc9e33aa2927075433357cd2b528a12b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:42:21 GMT
content-encoding: br
cdn-edgestorageid: 1070
cdn-cachedat: 02/17/2024 21:23:20
cdn-pullzone: 1392871
server: BunnyCDN-IL1-871
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"196f-zSvZAN7xUovyn6o4m8298GHT+bw"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cache-control: public, max-age=3600
cdn-requestid: 08f939f161d8eee5eccd9a38500a89b7
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 200
OK / Show response
su4hesnyinnwvtk3h2rkauh5ja0qrisq.lambda-url.us-west-2.on.aws/ 391 B
849 B 628ms
154ms Fetch
application/json 2600:1f14:50b:9a01:cb4f:8b89:fd1c:7f04

General

Check archive.org

Show headers Download Go to

Full URL: https://su4hesnyinnwvtk3h2rkauh5ja0qrisq.lambda-url.us-west-2.on.aws/?clientKey=c11dbbe1-a007-4e59-86d5-fc67dc8f317c
Requested by: Host: unpkg.com
URL: https://unpkg.com/@filecoin-saturn/js-client@0.3.7/dist/strn.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f14:50b:9a01:cb4f:8b89:fd1c:7f04 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d6bcda2fbb316ea112500a7db44d3b284eb3ba4015c8c2ad2ff57067e710aad1

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sat, 17 Feb 2024 21:42:21 GMT
x-amzn-RequestId: 527f0932-b0fd-41b6-bbe5-8cb7079b6019
X-Amzn-Trace-Id: root=1-65d1283d-00cef46a3e3e0f7605508b87;parent=226c97de24da965e;sampled=0;lineage=b81009d1:0
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://hubdrive.lat
cache-control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 391

GET master7.m3u8
l1s.saturn.ms/ipfs/bafybeihz2kk75w6vr32jhjkcwksmmf3gngtneho4atxyqg5oackkpfsx7e/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tracker.arc.io
URL: https://tracker.arc.io/

Domain: l1s.saturn.ms
URL: https://l1s.saturn.ms/ipfs/bafybeihz2kk75w6vr32jhjkcwksmmf3gngtneho4atxyqg5oackkpfsx7e/master7.m3u8?format=car&dag-scope=entity&jwt=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiIwODNjZWRkNi0yMmNlLTQ1N2YtOWRhNy00YjdhYzhmYzk0NTciLCJzdWIiOiJjMTFkYmJlMS1hMDA3LTRlNTktODZkNS1mYzY3ZGM4ZjMxN2MiLCJzdWJUeXBlIjoiY2xpZW50S2V5IiwiYWxsb3dfbGlzdCI6WyJhcmMuaW8iLCIqIl0sImtub3duUGVlcnMiOnt9LCJpYXQiOjE3MDgyMDYxNDEsImV4cCI6MTcwODIwOTc0MX0.ren6libxTLMPgRAqU4AeGbhrY19NRt7eZqXpd1yY_OCf7ak_vy38LcZkbdcpQFjL3UaXBPDAo0DAiEEG0pg9hw

Verdicts & Comments Add Verdict or Comment

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
hubdrive.lat/	1969-12-31 23:59:59	Name: PHPSESSID Value: 64bd0f4f4583da15b73b8c31b36ccf43
.hubdrive.lat/	1970-01-21 04:06:06	Name: _ga Value: GA1.1.1341488755.1708206136
.hubdrive.lat/	1970-01-21 04:06:06	Name: _ga_8QTNRD0R4M Value: GS1.1.1708206135.1.0.1708206135.0.0.0
greenfox.ink/	1969-12-31 23:59:59	Name: OAGEO Value: 2%7CUS%7CNA%7C%7CBuffalo%7C14202%7C42.8867%7C-78.8927%7C20%7CAmerica%2FNew_York%7C514%7CNY%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C
core.arc.io/	1970-01-21 03:15:42	Name: _immortal\|Arc_nodeId Value: VdgpVj8iC7Ci1CKMVaNz4S
thubanoa.com/	1970-01-21 03:15:42	Name: oaidts Value: 1708206135
.criteo.com/	1970-01-21 03:51:42	Name: receive-cookie-deprecation Value: 1
.criteo.com/	1970-01-21 03:51:42	Name: uid Value: dbccd2c0-4e33-432a-872e-0bb15cf62ab2
.criteo.com/	1970-01-21 03:51:42	Name: partitioned_bundle Value: yelOVF92R21jNXJyOVY1cmhOdmRkbjdHcmx2V05EOEtlNVhlS3pBMnozMEFIcXZiTnl4WXA3NmElMkYySzFHaUJZMko3YzlXdGxIMlBzVGNCeXJLMjlUUktKZm14Ym4xMUp2U05VempHOFBDWlFZZkxiMlpoa09wRnNVc2txQXFUOFR0VmIxZGN4TkM3RERsa2lIciUyQlVwS0VDQXBROHh2djlJWDFZbiUyQmhNWGhqbExtdjNxUllwZm5BbXdjNUJHQlpNM3RnRTA
.hubdrive.lat/	1970-01-21 03:51:42	Name: cto_bundle Value: 8awtl192R21jNXJyOVY1cmhOdmRkbjdHcmx2V05EOEtlNVhlS3pBMnozMEFIcXZiTnl4WXA3NmElMkYySzFHaUJZMko3YzlXdGxIMlBzVGNCeXJLMjlUUktKZm14Ym4xMUp2U05VempHOFBDWlFZZkxiMlpoa09wRnNVc2txQXFUOFR0VmIxOWJnYU1mWGViMWNLNXFFQmZPOUMzdyUzRCUzRA
.arc.io/	1970-01-21 04:06:06	Name: widgetOptState Value: {%22state%22:%22UNDECIDED%22%2C%22date%22:%222024-02-17T21:42:15.779Z%22%2C%22dismissedAt%22:null}
greenfox.ink/	1970-01-21 03:15:42	Name: OAID Value: d6b3446e8b4c14281bc7cc9f1e82af24
my.rtmark.net/	1970-01-21 03:15:42	Name: ID Value: 6b2c7a258df14984b5f57c17e4cccc48
.doubleclick.net/	1970-01-21 04:06:06	Name: IDE Value: AHWqTUmhwxiFJpu1ZS2Ymg90FKL5N-Igfza9h5gdczDyxr1nsJfUCscf4e4qF-mn
.adnxs.com/	1970-01-20 20:39:42	Name: XANDR_PANID Value: FvPqByKWchQMLX_ogmPva01h1Z5YHBaTGwPDkWgjuBXs8AzAC1ydfi5-aP3fbuTs853U6ImOYOyT-El-7uNa_bnqQzZjAIWEZVUckIA9RVU.
.adnxs.com/	1970-01-21 04:06:06	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 20:39:42	Name: uuid2 Value: 8825078374659066542
.casalemedia.com/	1970-01-20 20:39:42	Name: CMPS Value: 1441
.casalemedia.com/	1970-01-20 20:39:42	Name: CMPRO Value: 1441
.adnxs.com/	1970-01-20 20:39:42	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Ilf93HQu!@wnfH8K6pQK`!5=E<L5?%MifF]31HoqAdG'1u2asiFio0^+BDC[N/S@z0bpRzqF1`b_M@)AS>
.casalemedia.com/	1970-01-21 03:15:42	Name: CMID Value: ZdEoOdHM54QAABEMAA914QAA
.doubleclick.net/	1970-01-20 22:49:18	Name: receive-cookie-deprecation Value: 1
thubanoa.com/	1970-01-21 03:15:42	Name: OAID Value: 6b2c7a258df14984b5f57c17e4cccc48
.openx.net/	1970-01-21 03:15:42	Name: i Value: fb8eefad-64bb-433c-a03d-34bd42be897d\|1708206137
.doubleclick.net/	1970-01-20 18:30:07	Name: test_cookie Value: CheckForPermission
.hubdrive.lat/	1970-01-21 03:51:42	Name: __gads Value: ID=2f6b8e35d34aa239:T=1708206136:RT=1708206136:S=ALNI_MbP9L8_Jvgyy0LDNiSgapHqJRcaNg
.hubdrive.lat/	1970-01-21 03:51:42	Name: __gpi Value: UID=00000dcad0ffa33d:T=1708206136:RT=1708206136:S=ALNI_MZLtnU1V2zGikJxYA7QbJCvhtYoTw
.hubdrive.lat/	1970-01-20 22:49:18	Name: __eoi Value: ID=c2a23153b748c8ea:T=1708206136:RT=1708206136:S=AA-AfjYeizv8cpVNzopdgZ6_M9z-
.teads.tv/	1970-01-21 03:14:15	Name: tt_viewer Value: 49dab4bb-461a-44cc-b5b4-5d1273b59a91
thubanoa.com/	1970-01-21 03:15:42	Name: oaidvc Value: 1
thubanoa.com/	1970-01-20 18:30:09	Name: CNT Value: 2_6b2c7a258df14984b5f57c17e4cccc48-counters

146 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	Message: A bad HTTP response code (404) was received when fetching the script.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://s0.2mdn.net/sadbundle/10646746922912410239/null Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1708067901 Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8proof.com
ac9283e060b1e7d438d53912cdaba26f.safeframe.googlesyndication.com
ad.doubleclick.net
ajax.googleapis.com
arc.io
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdnjs.cloudflare.com
cids.arc.io
cm.g.doubleclick.net
core.arc.io
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
greenfox.ink
gum.criteo.com
hubdrive-lat.cdn.ampproject.org
hubdrive.lat
ib.adnxs.com
id5-sync.com
interstitial-08.com
l1s.saturn.ms
littlecdn.com
mug.criteo.com
my.rtmark.net
pagead2.googlesyndication.com
s0.2mdn.net
securepubads.g.doubleclick.net
static.arc.io
static.criteo.net
storage.googleapis.com
su4hesnyinnwvtk3h2rkauh5ja0qrisq.lambda-url.us-west-2.on.aws
sync.teads.tv
thubanoa.com
tpc.googlesyndication.com
tracker.arc.io
unpkg.com
us-u.openx.net
use.fontawesome.com
warden.arc.io
www-google-com.cdn.ampproject.org
www.google-analytics.com
www.google.com
www.googletagmanager.com
l1s.saturn.ms
tracker.arc.io
139.45.195.8
139.45.197.151
139.45.197.242
162.19.138.116
172.253.122.155
172.253.62.148
18.223.141.84
2001:4860:4802:34::178
23.222.197.151
2400:52e0:1a00::871:1
2400:52e0:1a00::894:1
2600:1f14:50b:9a01:cb4f:8b89:fd1c:7f04
2600:9000:26a0:2c00:a:e047:753:eb41
2606:4700:10::ac43:266a
2606:4700:10::ac43:a62
2606:4700:3037::ac43:b687
2606:4700:4400::6812:249b
2606:4700::6810:7aaf
2606:4700::6811:190e
2606:4700:e6::ac40:ce26
2607:f8b0:4004:c06::9b
2607:f8b0:4004:c07::61
2607:f8b0:4004:c08::84
2607:f8b0:4004:c08::9d
2607:f8b0:4004:c08::cf
2607:f8b0:4004:c09::5f
2607:f8b0:4004:c17::84
2607:f8b0:4004:c17::9c
2607:f8b0:4004:c1b::5e
2607:f8b0:4004:c1d::5f
2607:f8b0:4004:c1d::63
2607:f8b0:4004:c1d::84
2607:f8b0:4004:c1d::95
2620:100:a001::4
2620:100:a001::c
2a04:4e42:600::485
34.98.64.218
5.45.74.150
52.116.53.150
54.192.51.118
68.67.160.76
74.119.119.139
01a91cef52f9849703fb84a945f9fb51b9debf7ac36730043d097c3865550e8c
03d5ffcc6177da76ee1578b71967331daf019b28e914d75dcc256de90fe9b016
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
09ebb783fb7a5618b6baebab218a5f2140d2bcbc736016751a5aac667f592265
0a5b11fb2b805c87ab9e5425e8c6f70b353c99cc11cb9ef8023f05d1d765c019
0a96f5241acb901744f6bdf40c178f97c1aff0b9dd312f2333a4732aaa98f911
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c1d16719a78d48f2627cc5915ba6c3cab7cc502ddaee904a84aac319774d0e0
10cde3f051ab9eefa8676bee667fd65705c5fcf1d0544f9acffe7caa224d14b9
121af9ef11bee0dc782d9e111852c78ff38876bc57e059c89883521ed544664f
15dd17bc017fd6b5c5874bf0c0f127131b09f9f8a4a5f596aa846269f4bad7c9
15e43a1366b7c320c12ace3497892fd0eff14b08d3db0d833874c7a65712fa18
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
1664d91ecac81370ecbbe5f5ae6297a1a5e6c80e8cc5b51ff934ee2bf47f51f3
170fc28046efe0a2310c72af9f6d88c39458c227d4b9d7f77738f78cf1c3a11f
19311967464cd6447bb7fba382aa67939dcca903a56f1ac925ac2a80ff33642e
1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f
1ef1914f65b438c33fe5d0bf8ebc276aad3e6077ed63fd6b5318038d71cfbbb0
20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394
2093a9f5b930a6d1b6637fb285a4573cba22afe06a0bb4e552ee269bad5c1f83
245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c
270c0a409ade4580ab41e71428f2352e4ce72a0d04dd99c97deec387da4650a3
29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6
2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5
2d349b4e11cd63a57173f2f134aa14ad21a02811fb8a74bcc15a8a7906dab810
2d69a91e3b105d9ced4a5c0244a9dc3905f8eb061e72cb5518db5ef6d0d0635d
2dcb308a0ea2c9de8bbdee44a276aa7649ee5b3c6b19b956f03bb7191b3f661d
309c794d20c6824c9c401713bc7ba07938e85509e557ddbc944f6fa17e7b7469
31501078b411835882c834ed620bebe77a2b8ff3664514358cda957fba8c247d
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32ab0a5c85cabdb695704b5128a8fb7c9a8dfa3242cc36ceda6bb0650a45b35f
32c21b537a7c9420627217e0c79185ef4c70c07e08f79fa1ad96b9c437e9f46b
33197f40746917701227ed14258cbec6706787fb7ca85031327cafa8103a27e8
3465ab3f72d4c3ddc2943112cabd7d5bf5faec502ce18319571234957329a1b0
35876455baa5aee4bfb708042ab2a3c663020c92d4df5b2c1439fd540123fd09
35e8d96d42f0ffa258060a98b45f013829bc57b3ae7be71c9f54c037b6e0e707
36d65338739fc514e64beb4f96cee7da92ae1617ff10a1da27377874f4df9751
3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b
39f6ac51652b9d0c4f9d62f922c983f1875505f3282593283f4721582ee52d70
3aed965540d2312363b7f796619042d0406025069b335b5f074d52afa9d4c9d1
3b159412c44873b8d07ddac50294bd538e742294318614fa796e89f0d1f7f956
3b49e4e2d0608154af70b0aa66b8e84756b395091b856d0864223fad32baa0e8
3c8656750e3e31b4904f0582890952fc34ddc21f068babf06769b4573f5c015d
400851f4cac11f9e1867253c679fa40d686f328c0f61fa2957178ac544625f2c
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47b675a7479aba680e5d2d265f1f0a561f53498e76001c5f54f62b8d0500bb4e
48300d1c7ab651001aae3c637c6239cbb6d27267c76798f122f7a564bc9f1555
487bc1cf7b1631ce796c055c044f8b4e06a7caaaae72a0804c23e5f2f1791a52
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c81debd9f6a47b75383988410f4b8cf6750f23fa23d4d2a8ef4ed2071029f24
4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e17f25a33727defde4f0e88b24844c00e48ed88484c4440d978025a82567287
5101d202c69226aa554c5a7dd1e747e5bfcd5354fcf9013f43cbda40e6362996
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55c72f42fc6ee2c502a5f86fe215690719ce746f383ec8551af1f1fb66252b2e
56430000e88585edc3ebf852d96d98f321a53104ac1f60a5e84bdfa68deea903
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350
6039c0e8da2c0af4d0ddac49d03558864cbc9ba84fc3b20eee6b331eee12a2e0
60fc4511f1c0ccb8fd9f64fed945c028634245420d93405ec69a6e8e2561447d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63e089f0da1812bf08f644b5ad270450d1e627004a4086fc9985842bcc2d920a
6466c1ac875b1a43bd018a2c74ec4e95f6db7dcc86d282a836881cc6080c07c5
6494566919e28711a1f36d6389923dfccb4750fb9522e9e6d1967ab778ab0073
6c5c417da9de9e3b94f1b060d7ef137e4cb26f26e8d157966e7c80c2e9001fe0
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
757b9768e0c48924a1cdf690463a65d4f48b864f131da4a6e67cafc15bd66430
7a4a51ab0b9301083e145526762d065e622a0ec8cfb5a866cd6b20c87087ff08
7e8192b8273cf0f846c3c9365b3aa10305dffd49c8b219628b31430db949f230
80fe90cb559538158bc235f4e539d9bcae203e19fab7c6970aad37b0154348ff
841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632
85648d637e15a27b15f25115914ca184c596c256caae2019929b56ed58d8eb3b
871975b8040629c7b43de81b1a0878f40991ec2f49caddd6441b5d1f8322aeed
89d93e12a15f6a5d57b5f8aca8bd1e6984dc4c8c5dec7840a8c8e8c8274c1568
8aff6ddd59c867ed9eb8e9704a341920b90bf0a5b25e94158e293c37063e7fe5
8deb4dcd9ce02afc82cd8ee1938a02d0c40bd438fa8da4f22a255676fbe543e9
8e3737c1cbde4b54f6c8b42fcb3448200d1321b3b514684fcff6411f7e93c63d
8f913733fa2872d794c45a1e2191f2e9c75976a7715faf1ef70cf3e364df9458
8fe9d28d12e8c33e9f1d5ab109c2570547ee6648ca11fdd79b7523c6d2e2f6a2
91c86e76693fc278899037d0d8a66c2fe01fc83e5cbae1a54a47fe0f61b2be15
94c2dbf270ed4a20bc7ce6d671c53dbb4bef954181b13a76d95e77db70cf7281
98be19bc78b5bc5d419e4fa6ea055ebd4671a963e2cc644aeed4362f15d14c31
9b08cb6068e70fb67de0576ef27d427a403e1f0055777b7fc5d736963e6c1ea6
9d0738e688bbda8ebd6b189bab3cde74dc9e33aa2927075433357cd2b528a12b
9d5985fb411aa49165043a6b8ce26f5a7d761f7720f318f23f3de173ed8b0e33
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
9fff0c5dd31da374be16e16094f4272bdd7e43e2ad56b3c29abda77e63752079
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a12ac29d1617bc71b7d520627ea3f63ccd6e8deed2254c97d274f03b6449579e
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a77bee92347b9bbd0786d53fe05e0d5c3d486c5db3f4682d9f4dfc21960542e9
aad5623efaae82ad301a146d1437b18fff9885db2a872538bc5f885a7632fb89
adda803d5bef5e076dce3525079973854ac3bafc18652293227d5b717c9e550c
ae447c4a73b83bca7650a9732f61d84bb34904956099d0d38185b923e2642020
b085792cba4cacf7144409083b663be6d15686af10d7b3a1293aea5b7d9b3932
b0b96d63ca38ed0328548cad2e24fe68163ca06f8eaf48c413eb083cb1ce71a6
b0e4d6e13eb1fd414025e5c3c3f18b9212fd0cd69890e7f69804ae69dec5bbb3
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b39d09ccb303b024e73b2cb2888b32e1a5dd3f9e69baf6a4e0b0a3d1bafaf01b
b41835ad763abb366c167dab7c1fbc77a7a81e5bbc51c2ce66bfa5250bfc9a00
b525f27e66476e4c748759921adc9558735824036d2a58c2f44d3e9d74b83d98
b6fae66819d4c9cc2ddfd2906f37491aadbbe749dd671815b9e519ddbf5f1b8f
bb0f8d0ddd86c8950343123306347b29b3dfb334281d37a69069bd2dbe73f42a
bbd7ff07f9c3a37b8dfd4dff6e162360f00e7625a2b01b864afd25ced22e7520
bd213446287693e851042a2e326cfbf2268a0075cd7db0552c9448733c31d4cf
be88718a0eb175ebc4385600fe4168853a2ba705d814d2f9887ca7aa8cbd9238
c4338434527c2703a0630c6d5561653bc2790abd608cfe5f83fb200ff20bbdc2
c4553db9c6f8ac8363f52730234c6e6978828fd5638df4d0dbcfd8bec71a08ca
ca943937aa6c69286d489d0720b1c8734d67446f5495374ff618f40788b65c75
ce67cd6665e835604c7a650ea355d41857dcd2284618b61d82d252dca0abfe5d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfc5afa3cbf80ed8a39987d2f4cc9215f915cfde9c83e86d5ee4a874bd69a401
d01ac26c5959ba14ab488f5fbec45d15679a0a81152bef49144200d52b9ae895
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d12ec824a66b6ad652e1cf0952853b6ba3053dd76a84bbcf4bdb3c055e411c78
d1eb8cf889202f439bb6bd1a03049b2e71953c7c0a5aadddde498cbea9bcadac
d32e230d0853796d6ab90219c1003e0648167fd6341182e5fa0252cc253a4801
d5d2945f49fc861ab7092bbd5bef93da3b0f6b6e91a2e1b7711d778bc7a57bac
d5f83459cd7022769a57a436f24ed1540369eec2ebbec331275d46d8cfbea98c
d6bcda2fbb316ea112500a7db44d3b284eb3ba4015c8c2ad2ff57067e710aad1
d83b7c0e9b8f2e74b3cbe129a54793a25ea5410d9f7730f049df3e1f387be59f
d865c4606f6f8fdc900cd531f630064d76dff960ccf06cb46cd3f7a04d713bb3
da1b1dba110f3d97894949bedfc60fe7fec3659813c957f88e51d550bc95ad88
dd50ba290f74d344ad0d04ade63c55b02360bf4db99c0a2749f34deb0c8dcec9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
edb3c01e1be23cd4ab06a59dd05ed00229349a2c70b703607ad37e618b6251d1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
f0f755e1d8c273271b3237400ad7fee7f173c8099ac5f3f1766e9b58acafb6d7
f710c2b11df9cadcb3a6d25a9dc8306172c04ff1d2fa8d96d4019d70833f695d
f87a4b2a4acbaa053da2e6df56367f4396be15a72f719cedd071e7812725a443
f9e64766feb949ad18eb8e5c646d10e662c52177eb7e4db9c052d71b709fd707
fb1d7b6144bde90327cd64b86e7742a9b11a3b2b3658d71dd80115195ff2debb
fb2b1971e54b31144a8794057598aba69ebe1d416c8c75d3a142942917f5e58b
fba7b9242113390e99277bd207daba9b5b1bf029ae5a5867472cf0d8c589b05d
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1
fd317a20d438b4caad987f36b1f9e212af87c6e383aa84027d95ae943c083536
fffa14e9a3c576087a9202af54e8f11669f29c37617df0c6f728ca24d95f60bc

hubdrive.lat Open in urlscan Pro 2606:4700:3037::ac43:b687 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

201 Requests

92 %HTTPS

67 %IPv6

31 Domains

46 Subdomains

43 IPs

4 Countries

3728 kBTransfer

10590 kBSize

31 Cookies

1 Outgoing links

Page URL History

Redirected requests

201 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 15 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

hubdrive.lat Open in urlscan Pro
2606:4700:3037::ac43:b687 Public Scan

Screenshot
Live screenshot

Full Image

201
Requests

92 %
HTTPS

67 %
IPv6

31
Domains

46
Subdomains

43
IPs

4
Countries

3728 kB
Transfer

10590 kB
Size

31
Cookies

201 HTTP transactions
15 data transactions