urlscan.io logo urlscan.io
SecurityTrails logo

www.crx4chrome.com Open in urlscan Pro
2606:4700:3032::681b:9773  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
Submission: On June 05 via manual from GR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 2 countries across 10 domains to perform 47 HTTP transactions. The main IP is 2606:4700:3032::681b:9773, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.crx4chrome.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on February 4th 2020. Valid for: 8 months.
This is the only time www.crx4chrome.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

23    2606:4700:3032::681b:9773 (United States)

ASN13335 (CLOUDFLARENET, US)
www.crx4chrome.com
s.crx4chrome.com
img.crx4chrome.com
4    2606:4700::6810:84e5 (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    2a00:1450:4001:825::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
adservice.google.com
www.googletagservices.com
1    2a00:1450:4001:815::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube-nocookie.com
2    2a00:1450:4001:81d::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
7    2a00:1450:4001:815::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a00:1450:4001:814::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Domain Requested by
12 img.crx4chrome.com www.crx4chrome.com
10 s.crx4chrome.com www.crx4chrome.com
cdnjs.cloudflare.com
7 googleads.g.doubleclick.net pagead2.googlesyndication.com
4 pagead2.googlesyndication.com www.crx4chrome.com
pagead2.googlesyndication.com
4 cdnjs.cloudflare.com www.crx4chrome.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 www.google-analytics.com www.googletagmanager.com
www.crx4chrome.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 www.youtube-nocookie.com www.crx4chrome.com
1 www.googletagmanager.com www.crx4chrome.com
1 www.crx4chrome.com
47 13
Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2020-02-04 -
2020-10-09		 8 months crt.sh
cloudflare.com
CloudFlare Inc ECC CA-2		 2020-01-07 -
2020-10-09		 9 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-05-05 -
2020-07-28		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-05-20 -
2020-08-12		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-05-05 -
2020-07-28		 3 months crt.sh
*.google.de
GTS CA 1O1		 2020-05-20 -
2020-08-12		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2020-05-20 -
2020-08-12		 3 months crt.sh

This page contains 10 frames:

Primary Page: https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
Frame ID: 67A1C540E41657F6E532ECE0A68FA707
Requests: 38 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/BwYDZwRzrzI?rel=0
Frame ID: ABBA6497FBBC26F71B7C4714AC1B2A81
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200602/r20190131/zrt_lookup.html
Frame ID: 74926E3DABA49CC1D2CE9DE120E558B4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9734249858226775&output=html&h=280&slotname=4610240979&adk=2582736136&adf=2701387110&w=740&fwrn=4&fwrnh=100&lmt=1591358347&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=740x280&url=https%3A%2F%2Fwww.crx4chrome.com%2Fextensions%2Fcjbjepchlgclmpinlbbeinajphohgfod%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1591358347016&bpp=44&bdt=217&idt=167&shv=r20200602&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6213957125704&frm=20&pv=2&ga_vid=1095631836.1591358347&ga_sid=1591358347&ga_hid=655087899&ga_fc=0&iag=0&icsg=536881834&dssz=23&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=250&ady=261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065532%2C42530451%2C42530453&oid=3&pvsid=1846857027341002&pem=798&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=1&uci=a!1&fsb=1&xpc=jeOtQC30Zo&p=https%3A//www.crx4chrome.com&dtd=187
Frame ID: A6EC0A085CCD7CBD7137723F6DD69036
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9734249858226775&output=html&h=90&slotname=1410711604&adk=3635358997&adf=1071619438&w=740&fwrn=4&lmt=1591358347&rafmt=10&psa=0&guci=1.2.0.0.2.2.0.0&format=740x90_0ads_al&url=https%3A%2F%2Fwww.crx4chrome.com%2Fextensions%2Fcjbjepchlgclmpinlbbeinajphohgfod%2F&flash=0&fwr=0&fwrattr=true&wgl=1&adsid=NT&dt=1591358347060&bpp=4&bdt=261&idt=153&shv=r20200602&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=740x280&correlator=6213957125704&frm=20&pv=1&ga_vid=1095631836.1591358347&ga_sid=1591358347&ga_hid=655087899&ga_fc=0&iag=0&icsg=2684365482&dssz=24&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=250&ady=881&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065532%2C42530451%2C42530453&oid=3&pvsid=1846857027341002&pem=798&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Z0JBopAGZ5&p=https%3A//www.crx4chrome.com&dtd=203
Frame ID: B4C6BEB7BC120BA86C28460C91724880
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9734249858226775&output=html&h=185&slotname=9194716944&adk=128747940&adf=277215133&w=740&fwrn=4&lmt=1591358347&rafmt=11&psa=0&guci=1.2.0.0.2.2.0.0&format=740x185&url=https%3A%2F%2Fwww.crx4chrome.com%2Fextensions%2Fcjbjepchlgclmpinlbbeinajphohgfod%2F&flash=0&wgl=1&adsid=NT&dt=1591358347064&bpp=2&bdt=266&idt=206&shv=r20200602&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=740x280%2C740x90_0ads_al&correlator=6213957125704&frm=20&pv=1&ga_vid=1095631836.1591358347&ga_sid=1591358347&ga_hid=655087899&ga_fc=0&iag=0&icsg=2684365482&dssz=24&mdo=0&mso=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=250&ady=2901&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065532%2C42530451%2C42530453&oid=3&pvsid=1846857027341002&pem=798&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=a4xPfaoEpJ&p=https%3A//www.crx4chrome.com&dtd=211
Frame ID: 1E1CF7A3673286C883A656F321C3B56C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9734249858226775&output=html&h=444&slotname=4328072976&adk=1517810964&adf=996920431&w=740&cr_col=4&cr_row=2&fwrn=2&lmt=1591358347&rafmt=9&psa=0&guci=1.2.0.0.2.2.0.0&format=740x444&url=https%3A%2F%2Fwww.crx4chrome.com%2Fextensions%2Fcjbjepchlgclmpinlbbeinajphohgfod%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&adsid=NT&dt=1591358347066&bpp=1&bdt=267&idt=212&shv=r20200602&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=740x280%2C740x90_0ads_al%2C740x185&correlator=6213957125704&frm=20&pv=1&ga_vid=1095631836.1591358347&ga_sid=1591358347&ga_hid=655087899&ga_fc=0&iag=0&icsg=2684365482&dssz=24&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=250&ady=3901&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065532%2C42530451%2C42530453&oid=3&pvsid=1846857027341002&pem=798&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=52Avc4vbgb&p=https%3A//www.crx4chrome.com&dtd=216
Frame ID: E64A686C64388991C8441BB9EED0B6BB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9734249858226775&output=html&h=600&slotname=6366175771&adk=1723837308&adf=1140842746&w=300&fwrn=4&fwrnh=100&lmt=1591358347&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=300x600&url=https%3A%2F%2Fwww.crx4chrome.com%2Fextensions%2Fcjbjepchlgclmpinlbbeinajphohgfod%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&adsid=NT&dt=1591358347067&bpp=1&bdt=269&idt=252&shv=r20200602&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=740x280%2C740x90_0ads_al%2C740x185%2C740x444&correlator=6213957125704&frm=20&pv=1&ga_vid=1095631836.1591358347&ga_sid=1591358347&ga_hid=655087899&ga_fc=0&iag=0&icsg=2684365482&dssz=24&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1024&ady=1084&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065532%2C42530451%2C42530453&oid=3&pvsid=1846857027341002&pem=798&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=5&uci=a!5&fsb=1&xpc=ZYmUGhsLYY&p=https%3A//www.crx4chrome.com&dtd=256
Frame ID: B5ED137AD66CCA95C538DD00C3F66722
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9734249858226775&output=html&adk=1812271804&adf=3025194257&lmt=1591358347&plat=1%3A32776%2C2%3A32776%2C8%3A32768%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.crx4chrome.com%2Fextensions%2Fcjbjepchlgclmpinlbbeinajphohgfod%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1591358347068&bpp=1&bdt=270&idt=299&shv=r20200602&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=740x280%2C740x90_0ads_al%2C740x185%2C740x444%2C300x600&nras=1&correlator=6213957125704&frm=20&pv=1&ga_vid=1095631836.1591358347&ga_sid=1591358347&ga_hid=655087899&ga_fc=0&iag=0&icsg=2684365482&dssz=24&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065532%2C42530451%2C42530453&oid=3&pvsid=1846857027341002&pem=798&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=5&uci=a!5&fsb=1&dtd=309
Frame ID: 337512C6235B5A9E338F636BBF6A3E31
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 50F0929A6200A1377827A168D00E9F5A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

47
Requests

100 %
HTTPS

100 %
IPv6

10
Domains

13
Subdomains

9
IPs

2
Countries

373 kB
Transfer

846 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

47 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/ 		51 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681b:9773 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3fd1255116d0f2a49a0c48e70b423a7702ec815b2cba698a07cf82149716372
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
www.crx4chrome.com
:scheme
https
:path
/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Fri, 05 Jun 2020 11:59:06 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d26c04eb0dd2f7cfa2ff992946ab6abf51591358346; expires=Sun, 05-Jul-20 11:59:06 GMT; path=/; domain=.crx4chrome.com; HttpOnly; SameSite=Lax
vary
Accept-Encoding
cache-control
max-age=172800
cf-cache-status
MISS
cf-request-id
0325f26dd8000097d8e5272200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
59e9b9c2fe1297d8-FRA
content-encoding
br
style.css
s.crx4chrome.com/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.crx4chrome.com/style.css
Requested by
Host: www.crx4chrome.com
URL: https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681b:9773 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24e29888449acd3a410f0dfea4ad34aadff8bf203be61340be67906fff7764c5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 11:59:06 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
5943
cf-polished
origSize=35864
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Fri, 22 Nov 2019 05:14:12 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"5dd76ea4-8c18"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
text/css
expires
Fri, 12 Jun 2020 10:20:03 GMT
cache-control
max-age=604800
cf-request-id
0325f26e45000097d8e5279200000001
cf-ray
59e9b9c3aea597d8-FRA
cf-bgj
minify
skeleton.css
s.crx4chrome.com/css/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.crx4chrome.com/css/skeleton.css
Requested by
Host: www.crx4chrome.com
URL: https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681b:9773 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e9146028c4602077aa68d01aa72c875545d30730815101b6f61ab60047c6ffa
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 11:59:06 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
502344
cf-polished
origSize=11741
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Sat, 10 Aug 2019 08:33:03 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"5d4e813f-2ddd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
text/css
expires
Sat, 06 Jun 2020 16:26:42 GMT
cache-control
max-age=1296000
cf-request-id
0325f26e45000097d8e527a200000001
cf-ray
59e9b9c3aea797d8-FRA
cf-bgj
minify
cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css
Requested by
Host: www.crx4chrome.com
URL: https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79b378e8f3c1fece39a1472a2e7d920ab80eb5881525a1622d9dbaa954aa23c3
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 11:59:06 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
10342438
status
200
alt-svc
h3-27=":443"; ma=86400
cf-request-id
0325f26e4200002484cf8de200000001
served-in-seconds
0.001
timing-allow-origin
*
last-modified
Tue, 17 Jul 2018 12:30:51 GMT
server
cloudflare
etag
W/"5b4de17b-fe0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
59e9b9c39a512484-FRA
expires
Wed, 26 May 2021 11:59:06 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Requested by
Host: www.crx4chrome.com
URL: https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 11:59:06 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1864076
status
200
alt-svc
h3-27=":443"; ma=86400
cf-request-id
0325f26e4200002484cf8df200000001
served-in-seconds
0.004
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:20:15 GMT
server
cloudflare
etag
W/"5afd494f-14e4a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
59e9b9c39a522484-FRA
expires
Wed, 26 May 2021 11:59:06 GMT
jquery.lazyload.min.js
cdnjs.cloudflare.com/ajax/libs/jquery.lazyload/1.9.1/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery.lazyload/1.9.1/jquery.lazyload.min.js
Requested by
Host: www.crx4chrome.com
URL: https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad79ce7e34d1a788809bb853031133de2ae45f3c19ac4955dae46c7490188c2e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 11:59:06 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
5320284
status
200
alt-svc
h3-27=":443"; ma=86400
cf-request-id
0325f26e4200002484cf8e1200000001
served-in-seconds
0.000
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:20:13 GMT
server
cloudflare
etag
W/"5afd494d-d35"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
59e9b9c39a552484-FRA
expires
Wed, 26 May 2021 11:59:06 GMT
jquery.mobilemenu.min.js
s.crx4chrome.com/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.crx4chrome.com/js/jquery.mobilemenu.min.js
Requested by
Host: www.crx4chrome.com
URL: https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681b:9773 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc6f35d495daa9024207ac02873845e08564c284a9972fbc709aa1faa2345aaa
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 11:59:06 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
602670
status
200
vary
Accept-Encoding
cf-request-id
0325f26e45000097d8e527c200000001
last-modified
Tue, 24 Dec 2013 08:49:36 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"52b94aa0-804"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/javascript
x-xss-protection
1; mode=block
cache-control
max-age=1296000
cf-ray
59e9b9c3aea997d8-FRA
expires
Fri, 05 Jun 2020 12:34:35 GMT
tpcrn_scripts.js
s.crx4chrome.com/js/ 		1 KB
577 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.crx4chrome.com/js/tpcrn_scripts.js
Requested by
Host: www.crx4chrome.com
URL: https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681b:9773 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbf06437378a6c4787102399270e0a056122a72e90edb43cda2ec3f198149562
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 11:59:06 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
58111
cf-polished
origSize=1504
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Thu, 16 Apr 2015 12:43:20 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"552fae68-5e0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/javascript
expires
Thu, 11 Jun 2020 19:50:35 GMT
cache-control
max-age=1296000
cf-request-id
0325f26e45000097d8e527b200000001
cf-ray
59e9b9c3aea897d8-FRA
cf-bgj
minify
cookieconsent.min.js
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Requested by
Host: www.crx4chrome.com
URL: https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb41292903f6bd996333bdfe6fbc58e1dbdb6109074505ee3ea46373bb23be70
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 11:59:06 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1860843
status
200
alt-svc
h3-27=":443"; ma=86400
cf-request-id
0325f26e4200002484cf8e0200000001
served-in-seconds
0.001
timing-allow-origin
*
last-modified
Tue, 17 Jul 2018 12:30:51 GMT
server
cloudflare
etag
W/"5b4de17b-5148"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
59e9b9c39a542484-FRA
expires
Wed, 26 May 2021 11:59:06 GMT
js
www.googletagmanager.com/gtag/ 		83 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-54993728-1
Requested by
Host: www.crx4chrome.com
URL: https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
51e23efe75c3303c9a48936d2ccd0d98ac6ba3bd93e09f1f88f4bd8e4de03876
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 11:59:06 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33166
x-xss-protection
0
last-modified
Fri, 05 Jun 2020 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 05 Jun 2020 11:59:06 GMT
logo.png
s.crx4chrome.com/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.crx4chrome.com/images/logo.png
Requested by
Host: www.crx4chrome.com
URL: https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681b:9773 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55339333062ce62ae80b85d60a85b42430c56f5f34abdc6591f44fddf9857366
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 11:59:06 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
438830
status
200
vary
Accept-Encoding
content-length
2745
cf-request-id
0325f26e67000097d8e5281200000001
last-modified
Sun, 14 May 2017 09:48:37 GMT
server
cloudflare
x-frame-options
DENY
etag
"591827f5-ab9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
x-xss-protection
1; mode=block
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
59e9b9c3ded497d8-FRA
expires
Sun, 07 Jun 2020 10:05:16 GMT
cjbjepchlgclmpinlbbeinajphohgfod-icon.png
img.crx4chrome.com/aa/cb/92/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.crx4chrome.com/aa/cb/92/cjbjepchlgclmpinlbbeinajphohgfod-icon.png
Requested by
Host: www.crx4chrome.com
URL: https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681b:9773 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fcf0bf88f10e42e892cd7a99adc782f82be49f21192851deefbbab1316de007
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 11:59:06 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
vary
Accept-Encoding
content-length
2854
cf-request-id
0325f26e88000097d8e5289200000001
last-modified
Fri, 11 Nov 2016 07:45:39 GMT
server
cloudflare
x-frame-options
DENY
etag
"58257723-b26"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
x-xss-protection
1; mode=block
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
59e9b9c40f0697d8-FRA
expires
Fri, 12 Jun 2020 11:59:06 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		107 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.crx4chrome.com
URL: https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5abdaee6a4219e805e4abae9359468ca0deb09995acd758450b3c3618a606959
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 11:59:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
39605
x-xss-protection
0
server
cafe
etag
10786390399340675305
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 05 Jun 2020 11:59:06 GMT
3.png
s.crx4chrome.com/images/rating/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.crx4chrome.com/images/rating/3.png
Requested by
Host: www.crx4chrome.com
URL: https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681b:9773 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5612d21740a72ef35d7dcf9f5ec3b12238cae18d8818bd86759bf254bbb85c55
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 11:59:06 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
17303
status
200
vary
Accept-Encoding
content-length
2090
cf-request-id
0325f26e78000097d8e5284200000001
last-modified
Sat, 03 Jan 2015 10:00:23 GMT
server
cloudflare
x-frame-options
DENY
etag
"54a7bdb7-82a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
x-xss-protection
1; mode=block
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
59e9b9c3fee697d8-FRA
expires
Fri, 12 Jun 2020 07:10:43 GMT
cjbjepchlgclmpinlbbeinajphohgfod-screenshot.jpg
img.crx4chrome.com/aa/cb/92/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.crx4chrome.com/aa/cb/92/cjbjepchlgclmpinlbbeinajphohgfod-screenshot.jpg
Requested by
Host: www.crx4chrome.com
URL: https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681b:9773 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0df5bd9f8b413cd0d1e1a3a75803421295a09701add12ae515fb73c6213f7911
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 11:59:06 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
vary
Accept-Encoding
content-length
60503
cf-request-id
0325f26e88000097d8e528a200000001
last-modified
Fri, 08 Jun 2018 16:49:32 GMT
server
cloudflare
x-frame-options
DENY
etag
"5b1ab39c-ec57"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
x-xss-protection
1; mode=block
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
59e9b9c40f0797d8-FRA
expires
Fri, 12 Jun 2020 11:59:06 GMT
grey.gif
s.crx4chrome.com/ 		43 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.crx4chrome.com/grey.gif
Requested by
Host: www.crx4chrome.com
URL: https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681b:9773 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
902feb64d8b6d481ab8ddda06fbebbba4c95dfa9b7936a7beeb197266cd8b846
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 11:59:06 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
179949
status
200
vary
Accept-Encoding
content-length
43
cf-request-id
0325f26e78000097d8e5285200000001
last-modified
Wed, 26 Aug 2015 00:08:56 GMT
server
cloudflare
x-frame-options
DENY
etag
"55dd0398-2b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/gif
x-xss-protection
1; mode=block
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
59e9b9c3fee997d8-FRA
expires
Wed, 10 Jun 2020 09:59:57 GMT
BwYDZwRzrzI
www.youtube-nocookie.com/embed/ Frame ABBA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/embed/BwYDZwRzrzI?rel=0
Requested by
Host: www.crx4chrome.com
URL: https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube-nocookie.com
:scheme
https
:path
/embed/BwYDZwRzrzI?rel=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/

Response headers

status
200
expires
Tue, 27 Apr 1971 19:44:06 GMT
content-encoding
br
content-type
text/html; charset=utf-8
cache-control
no-cache
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Fri, 05 Jun 2020 11:59:07 GMT
server
YouTube Frontend Proxy
x-xss-protection
0
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bg1.jpg
s.crx4chrome.com/images/bg/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.crx4chrome.com/images/bg/bg1.jpg
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681b:9773 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4aadff95b198ce34775551854c6bb7f8005696bef536e78d9afb7a31440598d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://s.crx4chrome.com/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 11:59:06 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
598781
status
200
vary
Accept-Encoding
content-length
1503
cf-request-id
0325f26e98000097d8e528b200000001
last-modified
Mon, 05 Jan 2015 14:58:53 GMT
server
cloudflare
x-frame-options
DENY
etag
"54aaa6ad-5df"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
x-xss-protection
1; mode=block
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
59e9b9c42f2297d8-FRA
expires
Fri, 05 Jun 2020 13:39:25 GMT
download_bg.png
s.crx4chrome.com/images/ 		505 B
717 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.crx4chrome.com/images/download_bg.png
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681b:9773 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a61667f2ab873bd937471e4d5c01136a7d74acdf29a3d07096b5f47c66b9d845
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://s.crx4chrome.com/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 11:59:06 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
436469
status
200
vary
Accept-Encoding
content-length
505
cf-request-id
0325f26e9b000097d8e528c200000001
last-modified
Mon, 06 Apr 2015 10:45:55 GMT
server
cloudflare
x-frame-options
DENY
etag
"552263e3-1f9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
x-xss-protection
1; mode=block
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
59e9b9c42f2997d8-FRA
expires
Sun, 07 Jun 2020 10:44:37 GMT
bg-stripe.png
s.crx4chrome.com/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.crx4chrome.com/images/bg-stripe.png
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681b:9773 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb198377126b0692c96187316bd7c993f18abc3136db9bd703baa01d8a264955
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://s.crx4chrome.com/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 11:59:06 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
213293
status
200
vary
Accept-Encoding
content-length
1773
cf-request-id
0325f26ea5000097d8e528f200000001
last-modified
Tue, 24 Dec 2013 08:49:36 GMT
server
cloudflare
x-frame-options
DENY
etag
"52b94aa0-6ed"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
x-xss-protection
1; mode=block
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
59e9b9c43f3497d8-FRA
expires
Wed, 10 Jun 2020 00:44:13 GMT
nenlahapcbofgnanklpelkaejcehkggg-icon.png
img.crx4chrome.com/97/0e/b3/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.crx4chrome.com/97/0e/b3/nenlahapcbofgnanklpelkaejcehkggg-icon.png
Requested by
Host: www.crx4chrome.com
URL: https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681b:9773 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea01fa3a9c7da2150bd7f397d57ad910a882f226558347f6734373f7ea8011d6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 11:59:07 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
vary
Accept-Encoding
content-length
1798
cf-request-id
0325f26edb000097d8e5292200000001
last-modified
Mon, 16 Mar 2020 04:57:04 GMT
server
cloudflare
x-frame-options
DENY
etag
"5e6f0720-706"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
x-xss-protection
1; mode=block
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
59e9b9c49f6b97d8-FRA
expires
Fri, 12 Jun 2020 11:59:07 GMT
bmnlcjabgnpnenekpadlanbbkooimhnj-icon.png
img.crx4chrome.com/a8/47/99/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.crx4chrome.com/a8/47/99/bmnlcjabgnpnenekpadlanbbkooimhnj-icon.png
Requested by
Host: www.crx4chrome.com
URL: https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681b:9773 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b303318994ddadfc632d74f11000a4b060c044644c55a05ebf04c3da33172f7c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 11:59:06 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
92366
status
200
vary
Accept-Encoding
content-length
2197
cf-request-id
0325f26edb000097d8e5293200000001
last-modified
Thu, 19 Mar 2020 05:31:51 GMT
server
cloudflare
x-frame-options
DENY
etag
"5e7303c7-895"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
x-xss-protection
1; mode=block
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
59e9b9c49f6c97d8-FRA
expires
Thu, 11 Jun 2020 10:19:40 GMT
mfidniedemcgceagapgdekdbmanojomk-icon.png
img.crx4chrome.com/b1/5d/9f/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.crx4chrome.com/b1/5d/9f/mfidniedemcgceagapgdekdbmanojomk-icon.png
Requested by
Host: www.crx4chrome.com
URL: https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681b:9773 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
476d2b54d1d4831b4357e22ce3e6feb5433b1db899e85f55c230a4a016356d98
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 11:59:07 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
vary
Accept-Encoding
content-length
3994
cf-request-id
0325f26edb000097d8e5294200000001
last-modified
Thu, 02 Apr 2020 04:21:17 GMT
server
cloudflare
x-frame-options
DENY
etag
"5e85683d-f9a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
x-xss-protection
1; mode=block
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
59e9b9c49f6e97d8-FRA
expires
Fri, 12 Jun 2020 11:59:07 GMT
oogdoioldgknmlmaaekjfeengjhiekde-icon.png
img.crx4chrome.com/fc/92/80/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.crx4chrome.com/fc/92/80/oogdoioldgknmlmaaekjfeengjhiekde-icon.png
Requested by
Host: www.crx4chrome.com
URL: https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681b:9773 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5897718da7637f9cadf1f536cbddbd7324c4c487223b292ce2c929f9b06886a3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 11:59:07 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
vary
Accept-Encoding
content-length
2822
cf-request-id
0325f26edb000097d8e5295200000001
last-modified
Mon, 13 Apr 2020 04:42:02 GMT
server
cloudflare
x-frame-options
DENY
etag
"5e93ed9a-b06"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
x-xss-protection
1; mode=block
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
59e9b9c49f7197d8-FRA
expires
Fri, 12 Jun 2020 11:59:07 GMT
lphicbbhfmllgmomkkhjfkpbdlncafbn-icon.png
img.crx4chrome.com/e2/f5/a1/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.crx4chrome.com/e2/f5/a1/lphicbbhfmllgmomkkhjfkpbdlncafbn-icon.png
Requested by
Host: www.crx4chrome.com
URL: https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681b:9773 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c7b3d47906a14232d2b76b66746ad6aac7d9d4fee90cc591541495626037e8b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 11:59:06 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
111293
status
200
vary
Accept-Encoding
content-length
1867
cf-request-id
0325f26edb000097d8e5296200000001
last-modified
Sat, 03 Nov 2018 16:29:05 GMT
server
cloudflare
x-frame-options
DENY
etag
"5bddccd1-74b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
x-xss-protection
1; mode=block
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
59e9b9c49f7397d8-FRA
expires
Thu, 11 Jun 2020 05:04:13 GMT
chhjbpecpncaggjpdakmflnfcopglcmi-icon.png
img.crx4chrome.com/9c/2c/93/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.crx4chrome.com/9c/2c/93/chhjbpecpncaggjpdakmflnfcopglcmi-icon.png
Requested by
Host: www.crx4chrome.com
URL: https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681b:9773 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9eb14775d88a061df5a1379dc69c566aff22877fc6ed8bc6358ef1dfe879cad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 11:59:06 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
92366
status
200
vary
Accept-Encoding
content-length
4064
cf-request-id
0325f26ee9000097d8e5298200000001
last-modified
Thu, 04 Jul 2019 17:02:45 GMT
server
cloudflare
x-frame-options
DENY
etag
"5d1e3135-fe0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
x-xss-protection
1; mode=block
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
59e9b9c4af8597d8-FRA
expires
Thu, 11 Jun 2020 10:19:40 GMT
ibamclpibpnhmkaphhemfbljmenlpbch-icon.png
img.crx4chrome.com/ea/d6/1a/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.crx4chrome.com/ea/d6/1a/ibamclpibpnhmkaphhemfbljmenlpbch-icon.png
Requested by
Host: www.crx4chrome.com
URL: https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681b:9773 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4a015a64cd305fc9bba8d6bd83fab2d25bdb8ddce500d342259ddf218691ea4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 11:59:07 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
336688
status
200
vary
Accept-Encoding
content-length
3157
cf-request-id
0325f26ef3000097d8e529a200000001
last-modified
Thu, 19 Mar 2020 05:27:18 GMT
server
cloudflare
x-frame-options
DENY
etag
"5e7302b6-c55"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
x-xss-protection
1; mode=block
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
59e9b9c4bf9197d8-FRA
expires
Mon, 08 Jun 2020 14:27:39 GMT
khdffphpgkfkhnieloingcfkkboioada-icon.png
img.crx4chrome.com/72/68/80/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.crx4chrome.com/72/68/80/khdffphpgkfkhnieloingcfkkboioada-icon.png
Requested by
Host: www.crx4chrome.com
URL: https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681b:9773 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c910e49253b3ff54d814701cd9879eac7d16cd543a921fd0bb9506331ad6ff56
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 11:59:07 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
273530
status
200
vary
Accept-Encoding
content-length
4131
cf-request-id
0325f26ef4000097d8e529c200000001
last-modified
Tue, 05 Jun 2018 13:31:44 GMT
server
cloudflare
x-frame-options
DENY
etag
"5b1690c0-1023"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
x-xss-protection
1; mode=block
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
59e9b9c4bf9397d8-FRA
expires
Tue, 09 Jun 2020 08:00:17 GMT
dbfipcjecamggjfabeaclacjoohfjhhn-icon.png
img.crx4chrome.com/2a/e6/5d/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.crx4chrome.com/2a/e6/5d/dbfipcjecamggjfabeaclacjoohfjhhn-icon.png
Requested by
Host: www.crx4chrome.com
URL: https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681b:9773 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
415cad5fc95cca72ff70c74f0defecb4f66dc4d4e1d1f5372561726f3b7e443e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 11:59:07 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
vary
Accept-Encoding
content-length
3612
cf-request-id
0325f26ef6000097d8e529d200000001
last-modified
Fri, 02 Aug 2019 18:17:47 GMT
server
cloudflare
x-frame-options
DENY
etag
"5d447e4b-e1c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
x-xss-protection
1; mode=block
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
59e9b9c4bf9797d8-FRA
expires
Fri, 12 Jun 2020 11:59:07 GMT
bbaogjaeflnjolejjcpceoapngapnbaj-icon.png
img.crx4chrome.com/b8/94/e4/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.crx4chrome.com/b8/94/e4/bbaogjaeflnjolejjcpceoapngapnbaj-icon.png
Requested by
Host: www.crx4chrome.com
URL: https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681b:9773 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cef5bad49d02e54138ed5982bf6b81314fa599fdda58672d673b1c9561b4f30
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 11:59:07 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
vary
Accept-Encoding
content-length
3387
cf-request-id
0325f26f09000097d8e529f200000001
last-modified
Fri, 27 Mar 2020 15:29:11 GMT
server
cloudflare
x-frame-options
DENY
etag
"5e7e1bc7-d3b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
x-xss-protection
1; mode=block
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
59e9b9c4dfad97d8-FRA
expires
Fri, 12 Jun 2020 11:59:07 GMT
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-54993728-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 30 Apr 2020 21:54:13 GMT
server
Golfe2
age
3767
date
Fri, 05 Jun 2020 10:56:19 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18433
expires
Fri, 05 Jun 2020 12:56:19 GMT
integrator.js
adservice.google.de/adsid/ 		109 B
952 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.crx4chrome.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 05 Jun 2020 11:59:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
952 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.crx4chrome.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 05 Jun 2020 11:59:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20200602/r20190131/ 		215 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20200602/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c0563e7f92c3564af0f9d4cfbce95ed0f34c6e7e0b4c04dd68e4b6628412c458
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 11:59:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
82827
x-xss-protection
0
server
cafe
etag
4187836308712077645
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 05 Jun 2020 11:59:07 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200602/r20190131/ Frame 7492 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20200602/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20200602/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Wed, 03 Jun 2020 13:02:36 GMT
expires
Wed, 17 Jun 2020 13:02:36 GMT
content-type
text/html; charset=UTF-8
etag
17826495148367054107
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4284
x-xss-protection
0
cache-control
public, max-age=1209600
age
168991
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
collect
www.google-analytics.com/r/ 		35 B
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j82&a=655087899&t=pageview&_s=1&dl=https%3A%2F%2Fwww.crx4chrome.com%2Fextensions%2Fcjbjepchlgclmpinlbbeinajphohgfod%2F&ul=en-us&de=UTF-8&dt=Screen%20capture%2C%20screenshot%20share%2Fsave%202423.38.46.352%20-%20Free%20Shopping%20Extension%20for%20Chrome%20-%20Crx4Chrome&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=119059851&gjid=1129347014&cid=1095631836.1591358347&tid=UA-54993728-1&_gid=1809232321.1591358347&_r=1&gtm=2ou5r0&z=809508760
Requested by
Host: www.crx4chrome.com
URL: https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jun 2020 11:59:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame A6EC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9734249858226775&output=html&h=280&slotname=4610240979&adk=2582736136&adf=2701387110&w=740&fwrn=4&fwrnh=100&lmt=1591358347&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=740x280&url=https%3A%2F%2Fwww.crx4chrome.com%2Fextensions%2Fcjbjepchlgclmpinlbbeinajphohgfod%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1591358347016&bpp=44&bdt=217&idt=167&shv=r20200602&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6213957125704&frm=20&pv=2&ga_vid=1095631836.1591358347&ga_sid=1591358347&ga_hid=655087899&ga_fc=0&iag=0&icsg=536881834&dssz=23&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=250&ady=261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065532%2C42530451%2C42530453&oid=3&pvsid=1846857027341002&pem=798&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=1&uci=a!1&fsb=1&xpc=jeOtQC30Zo&p=https%3A//www.crx4chrome.com&dtd=187
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200602/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-9734249858226775&output=html&h=280&slotname=4610240979&adk=2582736136&adf=2701387110&w=740&fwrn=4&fwrnh=100&lmt=1591358347&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=740x280&url=https%3A%2F%2Fwww.crx4chrome.com%2Fextensions%2Fcjbjepchlgclmpinlbbeinajphohgfod%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1591358347016&bpp=44&bdt=217&idt=167&shv=r20200602&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6213957125704&frm=20&pv=2&ga_vid=1095631836.1591358347&ga_sid=1591358347&ga_hid=655087899&ga_fc=0&iag=0&icsg=536881834&dssz=23&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=250&ady=261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065532%2C42530451%2C42530453&oid=3&pvsid=1846857027341002&pem=798&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=1&uci=a!1&fsb=1&xpc=jeOtQC30Zo&p=https%3A//www.crx4chrome.com&dtd=187
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 05 Jun 2020 11:59:07 GMT
server
cafe
content-length
21528
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 05-Jun-2020 12:14:07 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Fri, 05 Jun 2020 11:59:07 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200602/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2492982947ed2c294bc237854de7004eee0ff09cfd5a72137c1eac9cbe9b2118
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 11:59:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1591185012131054"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
27695
x-xss-protection
0
expires
Fri, 05 Jun 2020 11:59:07 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame B4C6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9734249858226775&output=html&h=90&slotname=1410711604&adk=3635358997&adf=1071619438&w=740&fwrn=4&lmt=1591358347&rafmt=10&psa=0&guci=1.2.0.0.2.2.0.0&format=740x90_0ads_al&url=https%3A%2F%2Fwww.crx4chrome.com%2Fextensions%2Fcjbjepchlgclmpinlbbeinajphohgfod%2F&flash=0&fwr=0&fwrattr=true&wgl=1&adsid=NT&dt=1591358347060&bpp=4&bdt=261&idt=153&shv=r20200602&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=740x280&correlator=6213957125704&frm=20&pv=1&ga_vid=1095631836.1591358347&ga_sid=1591358347&ga_hid=655087899&ga_fc=0&iag=0&icsg=2684365482&dssz=24&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=250&ady=881&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065532%2C42530451%2C42530453&oid=3&pvsid=1846857027341002&pem=798&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Z0JBopAGZ5&p=https%3A//www.crx4chrome.com&dtd=203
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200602/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-9734249858226775&output=html&h=90&slotname=1410711604&adk=3635358997&adf=1071619438&w=740&fwrn=4&lmt=1591358347&rafmt=10&psa=0&guci=1.2.0.0.2.2.0.0&format=740x90_0ads_al&url=https%3A%2F%2Fwww.crx4chrome.com%2Fextensions%2Fcjbjepchlgclmpinlbbeinajphohgfod%2F&flash=0&fwr=0&fwrattr=true&wgl=1&adsid=NT&dt=1591358347060&bpp=4&bdt=261&idt=153&shv=r20200602&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=740x280&correlator=6213957125704&frm=20&pv=1&ga_vid=1095631836.1591358347&ga_sid=1591358347&ga_hid=655087899&ga_fc=0&iag=0&icsg=2684365482&dssz=24&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=250&ady=881&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065532%2C42530451%2C42530453&oid=3&pvsid=1846857027341002&pem=798&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Z0JBopAGZ5&p=https%3A//www.crx4chrome.com&dtd=203
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 05 Jun 2020 11:59:07 GMT
server
cafe
content-length
6065
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 05-Jun-2020 12:14:07 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Fri, 05 Jun 2020 11:59:07 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 1E1C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9734249858226775&output=html&h=185&slotname=9194716944&adk=128747940&adf=277215133&w=740&fwrn=4&lmt=1591358347&rafmt=11&psa=0&guci=1.2.0.0.2.2.0.0&format=740x185&url=https%3A%2F%2Fwww.crx4chrome.com%2Fextensions%2Fcjbjepchlgclmpinlbbeinajphohgfod%2F&flash=0&wgl=1&adsid=NT&dt=1591358347064&bpp=2&bdt=266&idt=206&shv=r20200602&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=740x280%2C740x90_0ads_al&correlator=6213957125704&frm=20&pv=1&ga_vid=1095631836.1591358347&ga_sid=1591358347&ga_hid=655087899&ga_fc=0&iag=0&icsg=2684365482&dssz=24&mdo=0&mso=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=250&ady=2901&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065532%2C42530451%2C42530453&oid=3&pvsid=1846857027341002&pem=798&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=a4xPfaoEpJ&p=https%3A//www.crx4chrome.com&dtd=211
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200602/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-9734249858226775&output=html&h=185&slotname=9194716944&adk=128747940&adf=277215133&w=740&fwrn=4&lmt=1591358347&rafmt=11&psa=0&guci=1.2.0.0.2.2.0.0&format=740x185&url=https%3A%2F%2Fwww.crx4chrome.com%2Fextensions%2Fcjbjepchlgclmpinlbbeinajphohgfod%2F&flash=0&wgl=1&adsid=NT&dt=1591358347064&bpp=2&bdt=266&idt=206&shv=r20200602&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=740x280%2C740x90_0ads_al&correlator=6213957125704&frm=20&pv=1&ga_vid=1095631836.1591358347&ga_sid=1591358347&ga_hid=655087899&ga_fc=0&iag=0&icsg=2684365482&dssz=24&mdo=0&mso=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=250&ady=2901&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065532%2C42530451%2C42530453&oid=3&pvsid=1846857027341002&pem=798&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=a4xPfaoEpJ&p=https%3A//www.crx4chrome.com&dtd=211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 05 Jun 2020 11:59:08 GMT
server
cafe
content-length
21589
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 05-Jun-2020 12:14:07 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Fri, 05 Jun 2020 11:59:08 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame E64A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9734249858226775&output=html&h=444&slotname=4328072976&adk=1517810964&adf=996920431&w=740&cr_col=4&cr_row=2&fwrn=2&lmt=1591358347&rafmt=9&psa=0&guci=1.2.0.0.2.2.0.0&format=740x444&url=https%3A%2F%2Fwww.crx4chrome.com%2Fextensions%2Fcjbjepchlgclmpinlbbeinajphohgfod%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&adsid=NT&dt=1591358347066&bpp=1&bdt=267&idt=212&shv=r20200602&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=740x280%2C740x90_0ads_al%2C740x185&correlator=6213957125704&frm=20&pv=1&ga_vid=1095631836.1591358347&ga_sid=1591358347&ga_hid=655087899&ga_fc=0&iag=0&icsg=2684365482&dssz=24&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=250&ady=3901&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065532%2C42530451%2C42530453&oid=3&pvsid=1846857027341002&pem=798&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=52Avc4vbgb&p=https%3A//www.crx4chrome.com&dtd=216
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200602/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-9734249858226775&output=html&h=444&slotname=4328072976&adk=1517810964&adf=996920431&w=740&cr_col=4&cr_row=2&fwrn=2&lmt=1591358347&rafmt=9&psa=0&guci=1.2.0.0.2.2.0.0&format=740x444&url=https%3A%2F%2Fwww.crx4chrome.com%2Fextensions%2Fcjbjepchlgclmpinlbbeinajphohgfod%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&adsid=NT&dt=1591358347066&bpp=1&bdt=267&idt=212&shv=r20200602&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=740x280%2C740x90_0ads_al%2C740x185&correlator=6213957125704&frm=20&pv=1&ga_vid=1095631836.1591358347&ga_sid=1591358347&ga_hid=655087899&ga_fc=0&iag=0&icsg=2684365482&dssz=24&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=250&ady=3901&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065532%2C42530451%2C42530453&oid=3&pvsid=1846857027341002&pem=798&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=52Avc4vbgb&p=https%3A//www.crx4chrome.com&dtd=216
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 05 Jun 2020 11:59:08 GMT
server
cafe
content-length
15911
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 05-Jun-2020 12:14:07 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Fri, 05 Jun 2020 11:59:08 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame B5ED 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9734249858226775&output=html&h=600&slotname=6366175771&adk=1723837308&adf=1140842746&w=300&fwrn=4&fwrnh=100&lmt=1591358347&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=300x600&url=https%3A%2F%2Fwww.crx4chrome.com%2Fextensions%2Fcjbjepchlgclmpinlbbeinajphohgfod%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&adsid=NT&dt=1591358347067&bpp=1&bdt=269&idt=252&shv=r20200602&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=740x280%2C740x90_0ads_al%2C740x185%2C740x444&correlator=6213957125704&frm=20&pv=1&ga_vid=1095631836.1591358347&ga_sid=1591358347&ga_hid=655087899&ga_fc=0&iag=0&icsg=2684365482&dssz=24&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1024&ady=1084&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065532%2C42530451%2C42530453&oid=3&pvsid=1846857027341002&pem=798&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=5&uci=a!5&fsb=1&xpc=ZYmUGhsLYY&p=https%3A//www.crx4chrome.com&dtd=256
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200602/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-9734249858226775&output=html&h=600&slotname=6366175771&adk=1723837308&adf=1140842746&w=300&fwrn=4&fwrnh=100&lmt=1591358347&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=300x600&url=https%3A%2F%2Fwww.crx4chrome.com%2Fextensions%2Fcjbjepchlgclmpinlbbeinajphohgfod%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&adsid=NT&dt=1591358347067&bpp=1&bdt=269&idt=252&shv=r20200602&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=740x280%2C740x90_0ads_al%2C740x185%2C740x444&correlator=6213957125704&frm=20&pv=1&ga_vid=1095631836.1591358347&ga_sid=1591358347&ga_hid=655087899&ga_fc=0&iag=0&icsg=2684365482&dssz=24&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1024&ady=1084&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065532%2C42530451%2C42530453&oid=3&pvsid=1846857027341002&pem=798&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=5&uci=a!5&fsb=1&xpc=ZYmUGhsLYY&p=https%3A//www.crx4chrome.com&dtd=256
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 05 Jun 2020 11:59:08 GMT
server
cafe
content-length
21760
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 05-Jun-2020 12:14:07 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Fri, 05 Jun 2020 11:59:08 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 3375 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9734249858226775&output=html&adk=1812271804&adf=3025194257&lmt=1591358347&plat=1%3A32776%2C2%3A32776%2C8%3A32768%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.crx4chrome.com%2Fextensions%2Fcjbjepchlgclmpinlbbeinajphohgfod%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1591358347068&bpp=1&bdt=270&idt=299&shv=r20200602&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=740x280%2C740x90_0ads_al%2C740x185%2C740x444%2C300x600&nras=1&correlator=6213957125704&frm=20&pv=1&ga_vid=1095631836.1591358347&ga_sid=1591358347&ga_hid=655087899&ga_fc=0&iag=0&icsg=2684365482&dssz=24&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065532%2C42530451%2C42530453&oid=3&pvsid=1846857027341002&pem=798&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=5&uci=a!5&fsb=1&dtd=309
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200602/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-9734249858226775&output=html&adk=1812271804&adf=3025194257&lmt=1591358347&plat=1%3A32776%2C2%3A32776%2C8%3A32768%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.crx4chrome.com%2Fextensions%2Fcjbjepchlgclmpinlbbeinajphohgfod%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1591358347068&bpp=1&bdt=270&idt=299&shv=r20200602&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=740x280%2C740x90_0ads_al%2C740x185%2C740x444%2C300x600&nras=1&correlator=6213957125704&frm=20&pv=1&ga_vid=1095631836.1591358347&ga_sid=1591358347&ga_hid=655087899&ga_fc=0&iag=0&icsg=2684365482&dssz=24&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065532%2C42530451%2C42530453&oid=3&pvsid=1846857027341002&pem=798&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=5&uci=a!5&fsb=1&dtd=309
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 05 Jun 2020 11:59:07 GMT
server
cafe
content-length
1222
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 05-Jun-2020 12:14:07 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Fri, 05 Jun 2020 11:59:07 GMT
cache-control
private
sodar
pagead2.googlesyndication.com/getconfig/ 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200602&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200602/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
29534cd7af7cadad3f677d617b435e779c14783206d15c06e656caa7037bdbbe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 05 Jun 2020 11:59:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
5548
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200602/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 11:59:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1582746470043195"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5456
x-xss-protection
0
expires
Fri, 05 Jun 2020 11:59:08 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 50F0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/209/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
5727
date
Fri, 05 Jun 2020 11:52:18 GMT
expires
Sat, 05 Jun 2021 11:52:18 GMT
last-modified
Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
410
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ 		0
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gda_r20200602&jk=1846857027341002&bg=!o6CloLhY4PcYxKkAvMMCAAAATVIAAAATmQF6N5A_sj91eK1vp-U35KAUfwqhXgejbfC0xzm-7hVMz_QWt2ZMi-PvA0vBsw5GwFfI2wJg26rlEUqDBEf52cQk-csDRSf2wxH99Jm9i7pEaCapqSXw--FOPPCvi9hNArhzwL_H9zf_Ti9wowHE-Q0BMTIQ9WPE1dU2C_Y91vUnbsv4hP8mJ_iwFHfpNGNND5wr3FwuVsWAEmpc8YSyT7CGGNgHYWcxvqRjF0qb3dC6lBxbSHmtJP65o35hst6a_ILnAg4glwK--Up1Y0FMiDXORb9lL93MJEt0amC9_Sv9EK99XGM0pnNkebzSC4Qat751HZtA0vvm3zpPPPPylGJXjhif8oHsQfE1MJOR9uDPM57TTuHa-1oBlW3KiRphJGJl2a77X-i2C2bjgZxP0ofJgAKlQSWetH5UUnUETE3MDFm3TnH9pDM3DBFt_Glhpsf88bMZKDPuRCGCWktUOoaHxw-cIdIr4wSX29RbW1v0pvi4_xnFCugq5wuB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.crx4chrome.com/extensions/cjbjepchlgclmpinlbbeinajphohgfod/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jun 2020 11:59:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery object| cookieconsent function| gtag object| dataLayer object| adsbygoogle object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad boolean| _gfp_p_ function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| google_t12n_vars object| gaplugins object| gaGlobal object| gaData function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| GoogleGcLKhOms object| google_image_requests

1 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: IDE
Value: AHWqTUlE-HV1z6Nyk5CYzZD1gAyiJRUhEptnSr0ijt2iQv316ruU6FGDx7yabFTS

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdnjs.cloudflare.com
googleads.g.doubleclick.net
img.crx4chrome.com
pagead2.googlesyndication.com
s.crx4chrome.com
tpc.googlesyndication.com
www.crx4chrome.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
www.youtube-nocookie.com
2606:4700:3032::681b:9773
2606:4700::6810:84e5
2a00:1450:4001:801::2002
2a00:1450:4001:814::2001
2a00:1450:4001:815::2002
2a00:1450:4001:815::200e
2a00:1450:4001:81c::2008
2a00:1450:4001:81d::200e
2a00:1450:4001:825::2002
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0df5bd9f8b413cd0d1e1a3a75803421295a09701add12ae515fb73c6213f7911
1fcf0bf88f10e42e892cd7a99adc782f82be49f21192851deefbbab1316de007
2492982947ed2c294bc237854de7004eee0ff09cfd5a72137c1eac9cbe9b2118
24e29888449acd3a410f0dfea4ad34aadff8bf203be61340be67906fff7764c5
29534cd7af7cadad3f677d617b435e779c14783206d15c06e656caa7037bdbbe
2cef5bad49d02e54138ed5982bf6b81314fa599fdda58672d673b1c9561b4f30
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
3c7b3d47906a14232d2b76b66746ad6aac7d9d4fee90cc591541495626037e8b
415cad5fc95cca72ff70c74f0defecb4f66dc4d4e1d1f5372561726f3b7e443e
476d2b54d1d4831b4357e22ce3e6feb5433b1db899e85f55c230a4a016356d98
51e23efe75c3303c9a48936d2ccd0d98ac6ba3bd93e09f1f88f4bd8e4de03876
55339333062ce62ae80b85d60a85b42430c56f5f34abdc6591f44fddf9857366
5612d21740a72ef35d7dcf9f5ec3b12238cae18d8818bd86759bf254bbb85c55
5897718da7637f9cadf1f536cbddbd7324c4c487223b292ce2c929f9b06886a3
5abdaee6a4219e805e4abae9359468ca0deb09995acd758450b3c3618a606959
79b378e8f3c1fece39a1472a2e7d920ab80eb5881525a1622d9dbaa954aa23c3
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
902feb64d8b6d481ab8ddda06fbebbba4c95dfa9b7936a7beeb197266cd8b846
9e9146028c4602077aa68d01aa72c875545d30730815101b6f61ab60047c6ffa
9eb14775d88a061df5a1379dc69c566aff22877fc6ed8bc6358ef1dfe879cad9
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
a61667f2ab873bd937471e4d5c01136a7d74acdf29a3d07096b5f47c66b9d845
ad79ce7e34d1a788809bb853031133de2ae45f3c19ac4955dae46c7490188c2e
b303318994ddadfc632d74f11000a4b060c044644c55a05ebf04c3da33172f7c
b4aadff95b198ce34775551854c6bb7f8005696bef536e78d9afb7a31440598d
bc6f35d495daa9024207ac02873845e08564c284a9972fbc709aa1faa2345aaa
c0563e7f92c3564af0f9d4cfbce95ed0f34c6e7e0b4c04dd68e4b6628412c458
c910e49253b3ff54d814701cd9879eac7d16cd543a921fd0bb9506331ad6ff56
cb41292903f6bd996333bdfe6fbc58e1dbdb6109074505ee3ea46373bb23be70
dbf06437378a6c4787102399270e0a056122a72e90edb43cda2ec3f198149562
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3fd1255116d0f2a49a0c48e70b423a7702ec815b2cba698a07cf82149716372
e4a015a64cd305fc9bba8d6bd83fab2d25bdb8ddce500d342259ddf218691ea4
ea01fa3a9c7da2150bd7f397d57ad910a882f226558347f6734373f7ea8011d6
eb198377126b0692c96187316bd7c993f18abc3136db9bd703baa01d8a264955