wl9.ansaria.workers.dev Open in urlscan Pro
104.21.26.91 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://wl9.ansaria.workers.dev/
Submission: On April 10 via api (April 10th 2024, 1:50:30 am UTC) from US — Scanned from US

Summary HTTP 129 Redirects Links 44 Behaviour Indicators

Summary

This website contacted 39 IPs in 3 countries across 26 domains to perform 129 HTTP transactions. The main IP is 104.21.26.91, located in and belongs to CLOUDFLARENET, US. The main domain is wl9.ansaria.workers.dev.
TLS certificate: Issued by GTS CA 1P5 on February 14th 2024. Valid for: 3 months.

This is the only time wl9.ansaria.workers.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	104.21.26.91 104.21.26.91	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	23.200.1.40 23.200.1.40	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
16	151.101.130.219 151.101.130.219	54113 (FASTLY) (FASTLY)
2	18.238.63.215 18.238.63.215	16509 (AMAZON-02) (AMAZON-02)
2	142.250.81.232 142.250.81.232	15169 (GOOGLE) (GOOGLE)
2 4	3.142.108.32 3.142.108.32	16509 (AMAZON-02) (AMAZON-02)
3	52.85.61.40 52.85.61.40	16509 (AMAZON-02) (AMAZON-02)
2	74.119.119.139 74.119.119.139	19750 (AS-CRITEO) (AS-CRITEO)
2	162.19.138.119 162.19.138.119	16276 (OVH) (OVH)
1	34.233.8.21 34.233.8.21	14618 (AMAZON-AES) (AMAZON-AES)
9	142.250.72.98 142.250.72.98	15169 (GOOGLE) (GOOGLE)
2	142.250.80.78 142.250.80.78	15169 (GOOGLE) (GOOGLE)
2	34.237.147.73 34.237.147.73	14618 (AMAZON-AES) (AMAZON-AES)
1	184.73.5.153 184.73.5.153	14618 (AMAZON-AES) (AMAZON-AES)
2	142.251.111.155 142.251.111.155	15169 (GOOGLE) (GOOGLE)
1	216.239.36.181 216.239.36.181	15169 (GOOGLE) (GOOGLE)
2	142.250.176.196 142.250.176.196	15169 (GOOGLE) (GOOGLE)
1	34.198.16.32 34.198.16.32	14618 (AMAZON-AES) (AMAZON-AES)
1	162.19.138.117 162.19.138.117	16276 (OVH) (OVH)
1	18.164.96.111 18.164.96.111	16509 (AMAZON-02) (AMAZON-02)
1	52.14.88.199 52.14.88.199	16509 (AMAZON-02) (AMAZON-02)
1	52.85.61.10 52.85.61.10	16509 (AMAZON-02) (AMAZON-02)
1	54.235.250.92 54.235.250.92	14618 (AMAZON-AES) (AMAZON-AES)
1	23.192.49.23 23.192.49.23	16625 (AKAMAI-AS) (AKAMAI-AS)
10	3.92.156.8 3.92.156.8	14618 (AMAZON-AES) (AMAZON-AES)
1	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.120.63.153 34.120.63.153	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.227.252.103 35.227.252.103	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	74.119.117.6 74.119.117.6	19750 (AS-CRITEO) (AS-CRITEO)
5	8.43.72.32 8.43.72.32	26667 (RUBICONPR...) (RUBICONPROJECT)
5	52.55.204.172 52.55.204.172	14618 (AMAZON-AES) (AMAZON-AES)
1	207.65.37.179 207.65.37.179	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	68.67.160.76 68.67.160.76	29990 (ASN-APPNEX) (ASN-APPNEX)
1	23.60.5.227 23.60.5.227	16625 (AKAMAI-AS) (AKAMAI-AS)
6	142.250.64.98 142.250.64.98	() ()
1	142.251.40.193 142.251.40.193	15169 (GOOGLE) (GOOGLE)
17	142.250.65.225 142.250.65.225	() ()
1	74.119.117.4 74.119.117.4	() ()
129	39

8 104.21.26.91 (None, )

ASN13335 (CLOUDFLARENET, US)

wl9.ansaria.workers.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.200.1.40 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-200-1-40.deploy.static.akamaitechnologies.com

cdn.ziffstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.static.zdbb.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 151.101.130.219 (United States)

ASN54113 (FASTLY, US)

b.cdnst.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.238.63.215 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-63-215.jfk52.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.81.232 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.142.108.32 (Columbus, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-142-108-32.us-east-2.compute.amazonaws.com

secure-us.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.85.61.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-40.ewr53.r.cloudfront.net

cdn-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.233.8.21 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-8-21.compute-1.amazonaws.com

idx.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.72.98 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.80.78 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.237.147.73 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-147-73.compute-1.amazonaws.com

zdbb.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.73.5.153 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-184-73-5-153.compute-1.amazonaws.com

gurgle.zdbb.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.111.155 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.36.181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.176.196 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.198.16.32 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-198-16-32.compute-1.amazonaws.com

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.117 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.96.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-111.jfk50.r.cloudfront.net

bee.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.14.88.199 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-14-88-199.us-east-2.compute.amazonaws.com

secure-us.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.61.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-10.ewr53.r.cloudfront.net

cdn-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.235.250.92 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-235-250-92.compute-1.amazonaws.com

jogger.zdbb.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.192.49.23 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-192-49-23.deploy.static.akamaitechnologies.com

tags.bkrtx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 3.92.156.8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-92-156-8.compute-1.amazonaws.com

c2shb.pubgw.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.151.101 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.117.6 (United States)

ASN19750 (AS-CRITEO, US)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 8.43.72.32 (United States)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.55.204.172 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-204-172.compute-1.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 207.65.37.179 (United States)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.67.160.76 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.60.5.227 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-60-5-227.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.64.98 (None, )

ASN- ()

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.193 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f1.1e100.net

50189f088b8d13e77cccb5bf4c5c1423.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 142.250.65.225 (None, )

ASN- ()

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.117.4 (None, )

ASN- ()

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	googlesyndication.com pagead2.googlesyndication.com 50189f088b8d13e77cccb5bf4c5c1423.safeframe.googlesyndication.com tpc.googlesyndication.com	518 KB
16	cdnst.net b.cdnst.net — Cisco Umbrella Rank: 55584	1 MB
11	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 268 stats.g.doubleclick.net — Cisco Umbrella Rank: 195	208 KB
10	yahoo.com c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 3117	2 KB
10	imrworldwide.com 2 redirects secure-us.imrworldwide.com — Cisco Umbrella Rank: 3608 cdn-gl.imrworldwide.com — Cisco Umbrella Rank: 4116 bee.imrworldwide.com — Cisco Umbrella Rank: 67751	69 KB
8	workers.dev wl9.ansaria.workers.dev	327 KB
6	zdbb.net cdn.static.zdbb.net — Cisco Umbrella Rank: 26674 zdbb.net — Cisco Umbrella Rank: 16771 gurgle.zdbb.net — Cisco Umbrella Rank: 34427 jogger.zdbb.net — Cisco Umbrella Rank: 27521	48 KB
5	sharethrough.com btlr.sharethrough.com — Cisco Umbrella Rank: 1730	3 KB
5	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 766	4 KB
3	google.com analytics.google.com — Cisco Umbrella Rank: 262 www.google.com — Cisco Umbrella Rank: 5	314 B
3	criteo.com gum.criteo.com — Cisco Umbrella Rank: 646 bidder.criteo.com — Cisco Umbrella Rank: 873	1 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 99	21 KB
2	liadm.com idx.liadm.com — Cisco Umbrella Rank: 2516 rp.liadm.com — Cisco Umbrella Rank: 1791	1007 B
2	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 732	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	187 KB
2	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 359	77 KB
1	criteo.net static.criteo.net	31 KB
1	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 1794
1	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 365	1 KB
1	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 776	119 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 966	346 B
1	media.net prebid.media.net — Cisco Umbrella Rank: 1751	1 KB
1	casalemedia.com htlb.casalemedia.com — Cisco Umbrella Rank: 783	680 B
1	bkrtx.com tags.bkrtx.com — Cisco Umbrella Rank: 8975	16 KB
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1337	283 B
1	ziffstatic.com cdn.ziffstatic.com — Cisco Umbrella Rank: 22188	18 KB
129	26

	Domain	Requested by
17	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
16	b.cdnst.net	wl9.ansaria.workers.dev
10	c2shb.pubgw.yahoo.com	b.cdnst.net
9	securepubads.g.doubleclick.net	b.cdnst.net securepubads.g.doubleclick.net wl9.ansaria.workers.dev pagead2.googlesyndication.com
8	wl9.ansaria.workers.dev	wl9.ansaria.workers.dev b.cdnst.net
6	pagead2.googlesyndication.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
5	btlr.sharethrough.com	b.cdnst.net
5	fastlane.rubiconproject.com	b.cdnst.net
5	secure-us.imrworldwide.com	2 redirects secure-us.imrworldwide.com wl9.ansaria.workers.dev
4	cdn-gl.imrworldwide.com	wl9.ansaria.workers.dev secure-us.imrworldwide.com cdn-gl.imrworldwide.com
2	www.google.com	wl9.ansaria.workers.dev tpc.googlesyndication.com
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	zdbb.net	cdn.static.zdbb.net wl9.ansaria.workers.dev
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	id5-sync.com	b.cdnst.net
2	gum.criteo.com	b.cdnst.net
2	cdn.static.zdbb.net	www.googletagmanager.com cdn.static.zdbb.net
2	www.googletagmanager.com	wl9.ansaria.workers.dev www.googletagmanager.com
2	c.amazon-adsystem.com	b.cdnst.net c.amazon-adsystem.com
1	static.criteo.net	b.cdnst.net
1	50189f088b8d13e77cccb5bf4c5c1423.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	stags.bluekai.com	tags.bkrtx.com
1	ib.adnxs.com	b.cdnst.net
1	hbopenbid.pubmatic.com	b.cdnst.net
1	bidder.criteo.com	b.cdnst.net
1	rtb.openx.net	b.cdnst.net
1	prebid.media.net	b.cdnst.net
1	htlb.casalemedia.com	b.cdnst.net
1	tags.bkrtx.com	cdn.static.zdbb.net
1	jogger.zdbb.net	cdn.static.zdbb.net
1	bee.imrworldwide.com	secure-us.imrworldwide.com
1	lb.eu-1-id5-sync.com	b.cdnst.net
1	rp.liadm.com	b.cdnst.net
1	analytics.google.com	www.googletagmanager.com
1	gurgle.zdbb.net	cdn.static.zdbb.net
1	idx.liadm.com	b.cdnst.net
1	cdn.ziffstatic.com	wl9.ansaria.workers.dev
129	37

This site contains links to these domains. Also see Links.

Domain
www.ookla.com
downdetector.com
www.speedtest.net
www.microsoft.com
install.speedtest.net
twitter.com
www.facebook.com
single.speedtest.net
www.ziffdavis.com
www.ign.com
www.pcmag.com
www.extremetech.com
www.retailmenot.com
www.toolbox.com
www.askmen.com
www.offers.com
www.moz.com
www.ipvanish.com
www.blackwomentalktech.com
www.empoweronyx.com
www.cxmmunity.co
status.ookla.com

Subject Issuer	Validity	Valid
ansaria.workers.dev GTS CA 1P5	`2024-02-14` - `2024-05-14`	3 months	crt.sh
www.ziffdavis.com COMODO RSA Organization Validation Secure Server CA	`2023-07-27` - `2024-07-26`	a year	crt.sh
*.speedtest.net GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-01-24` - `2025-02-24`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-12-30` - `2024-12-04`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-08` - `2024-05-07`	3 months	crt.sh
*.id5-sync.com R3	`2024-03-01` - `2024-05-30`	3 months	crt.sh
*.liadm.com Amazon RSA 2048 M02	`2023-08-31` - `2024-09-28`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.zdbb.net Amazon RSA 2048 M03	`2024-02-04` - `2025-03-03`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.eu-1-id5-sync.com R3	`2024-03-01` - `2024-05-30`	3 months	crt.sh
*.imrworldwide.com GlobalSign RSA OV SSL CA 2018	`2024-01-02` - `2025-02-02`	a year	crt.sh
*.bkrtx.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-06` - `2024-12-05`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2024-03-12` - `2024-09-04`	6 months	crt.sh
casalemedia.com Cloudflare Inc ECC CA-3	`2023-05-21` - `2024-05-20`	a year	crt.sh
prebid.media.net GTS CA 1D4	`2024-02-19` - `2024-05-19`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2024-03-04` - `2025-04-03`	a year	crt.sh
*.sharethrough.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2023-08-02` - `2024-08-13`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-11` - `2024-12-11`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-17` - `2024-05-17`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://wl9.ansaria.workers.dev/
Frame ID: 806A22AFC54BE182A934658528E03AAB
Requests: 82 HTTP requests in this frame

Frame: https://secure-us.imrworldwide.com/storageframe.html
Frame ID: FCC3617F96B1C4EC873022820995849B
Requests: 1 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: 27ED07319C480939CFE6084503C69EC5
Requests: 1 HTTP requests in this frame

Frame: https://stags.bluekai.com/site/30629?ret=html&phint=site%3Dwl9.ansaria.workers.dev&phint=referer%3Dhttps%3A%2F%2Fwl9.ansaria.workers.dev%2F&phint=__bk_t%3DSpeedtest%20by%20Ookla%20-%20The%20Global%20Broadband%20Speed%20Test&phint=__bk_k%3Dookla%2Cspeed%2Ctest%2Cspeedtest%2Cspeed%20test%2Cbandwidth%20speed%20test%2Cinternet%20speed%20test%2Cbroadband%20speed%20test%2Cspeakeasy%2Cflash%2Ccnet%2Cinternet%2Cnetwork%2Cconnection%2Cbroadband%2Cbandwidth%2Clatency%2Cping%2Cthroughput%2Cdownload%2Cupload%2Cconnection%2Cdsl%2Cadsl%2Ccable%2Ct1%2Cisp%2Cvoip%2Cip%2Cip%20address%2Ctcp&phint=__bk_l%3Dhttps%3A%2F%2Fwl9.ansaria.workers.dev%2F&phint=__bk_v%3D3.1.10&limit=10&r=5567249
Frame ID: 4ED85D95AA37AACC05CA9E8AF0C26B94
Requests: 1 HTTP requests in this frame

Frame: https://50189f088b8d13e77cccb5bf4c5c1423.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0FF30CD49C525FCC1C3BEF212C99D5AB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A744B54940A02336E3D3C83934814507
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F92870301C7847549DB9F79DDED4EDA0
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstWTVCAQ6kQ5aJu4kWzKM5HiwYGsfOHt8AI_uTGoZMRsDoB1TN393JKTYcDtAfQfw0kHUt5VAQkNh3_QH2Ngv6Ooh0y93F1IbW0LinKuEl42M1J58N6Mtq9-jWK0OJ4bFBewe6JtJGoJ2O_o_NGVzKBDw7iGil_YtjhPtB4qYMrPmfxSFFw16u3JHbzfuiBwyrV6dpYTQwyl7_DKxHTBWO2eFtmQMd5pC77vPtRk4THicrTY8YxtIzFttlANyH0Yy7LpFaatJC0NI4yYA0XtdDEDxnO9JK8JHijhPzpvmWZ_8scx5R5dbP1iwWCnL0sPQubNgZYpYrlclMtoZssclVh59ppDGPNCg-KQn5HRHTk_aES8NVBfeoOdiEi5vDvNfXxmMHDCKEMAJpxiQKdNzNsan5j9SXqKvQpvazvKOw&sai=AMfl-YSo1myrRlomPReWqLRx-kYToSBDwY9Z2vyRqNEK61Pcg4M4X0yHVjl5MXamsZbjwK6tpelp4QS3vUjKsDQRs5r1-6ajABLFPV_NO2syZeLnmMxEQICAqUv5ttUWYljLErgWYKLo0KTryWoOLDOF_9E&sig=Cg0ArKJSzCWWMlOW-WNyEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 21961F0502FFF5DD7394757540F00E1C
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstArQn3L2x0yZPfxZLAc66knOCTTPjE60vYAKXw9B4n_DfNhPxbS-jxCd4Gr9rMmLdGxsyZw0cZ_tMLD5g_jVpRAZvzsVfsy68_V_q9Y4OTJqB-lrIs0lvVbjH-duyXC7lFov1foVZF04UigsqPGIxdGKZ-qmhS6MLQQxMity644F438L9Mab11aR291NwAwIGAcNa8ZqBx_vXkT8sZkvGCigy4-3cANrFZQbknPUfMB7OW89ShYgXyiQxQfQaUxYFxpfXbcQpDGUfeCQROFX1kkHIqOGHrfJnDObWKORLaowEyFb8uUHXUHCzPnfbQWZ_h91gy6LYWAlM3Bo7ThZom2B_o9rvlu8gJUVMRf2KKCT_7fN9FiDu7DFR2K2XS4Z28M_s5je00IBVhPXxJg_h4EuN4hvlIlNKK4QwHrQ&sai=AMfl-YROG0Gb3Uc4SUEHVWn0dbHCjBl5VL8bZv--awdwI8FPy3R2u28ENSm3L1zFNjqIQZePZOA38l8mDczej5eQ_8GZ6InruJWe5GY8k3ErwSoVZbvvg90we7S0XSn4hRm5IdupZqeQyFS_CUnb88quifY&sig=Cg0ArKJSzNgOyWtTa5OdEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: FA1C90061AB45AE834940F7ECFC235C1
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstg9-LLAUfCtDq_ymu3UpZ7FPBMXr71GUv65vVAv0WeinMN9xxpZy78qotZadIrVz3fkeHlz4Z9KQx6Z4D-_s4GdEfr9YWf95xmBfpZYu8D_BtFBsrItBNBX7OVQONEX2us-l8iNgvAR3-W7RIPCj4AJaLhbsdBVCSSiUOVEkpOk9fII3FCo6o_Cpb35E86eJw36g88Juyf6zSQK_0rKYvcJ57FtDiNqCml0LMCDo3QaUbLxWI8UcUkZRX7G6R39baXMmUubxThVlsRcAleRjRtoGTCcO5wjUNpAZKQm7xJhXoIAYnb7HhAj-XgdIhLw96z2hafMk6xrzpKuQQbEYu-wMEoE11Owo11_PY2Bps-ld73hS66YnoOuyDyErG87dFKVbJd7IXNRsPgEDqoJCn7Q8E&sai=AMfl-YSjQBSftwVxb9XsT4-TieXbK5hrDpzP6-bFqVnLJv0BiBtevPrmujI7-SBWx_-FAm2BYG1Lh_lhXr-hl3YZbZKNfbGz9UETGaygILPUr1WnI45Ic7--z5Y3ypNOt8Vtvkwm6_rfYy1yGCiPMAy3U5o&sig=Cg0ArKJSzGbnf9oGB3xeEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: F85AE496CEA06D0F4DD58CDDD620796D
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssmtDb_3P_r6oIPRTCcGOlHECxPSuQ2_pSkfu386U2odvKk5UqjkduSvOIlHB4daz6L0R6X6uL5h8bf54pnKR8Dq41KCHajcgqbuvUSvmC3TzmwyYtiFGreaRhFTnQV1QKQwcJA-atSFFYsRGw0tRgxGcPxbgSlmfpkA4IynmcgFLY4MUFRi_mTU4yLVNxLM4A93Vxr4c1dcQCTh1z26xlAFZITwu5cwOTcyZhWfB1IBmQrpaKoM5_Z7Thp3nI6CLC0hdPCOKSuN1c-xNAyhHZfNfeipDj_pfn40IVyXUQdqK8h-WZTOsqbxu0fj8-P69SZC8UsW_l96YhdiB54tp5J-fNdiNpmCtrMFVZPNmFXeFfQHocyFqemCTO6snu0PYtFUCnl1HO-UNgycKLgai98kaw1ynE&sai=AMfl-YRBx1YScY957Rq5n4f_xocWBMFf1Z9vf_YNHVwu23JRZviDXhGkB-ehwMvFxy021X-8BcfLf-RGVfNK3tLiiOXKktWCk5R-h-O-FV4LnkWjs1qNW4ZV2mVb-HbMeJ14Lckg4XrLeTLsxtcTOL0QDmY&sig=Cg0ArKJSzFe8uVmw7EECEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 5F727D2580AC8AF6795E12B274342AE0
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvHOlEFdynf050KdDLMAxVEieLFKLTo1daQU5RaBnn1cgSzZhzAb4eDs6yQPQJwnxv7R7QSx5SkMqZqadRRKOOd6Y5H7cu5Ru1xyfUbCorXv6fWbtYH7SBKR-hYZDq7LGgnMgTNYl5A_QFvYK2o03L-yrfcDFfzbvKRyGVmA9-CR8Lajje__5EbGPyNDI93ACUyTIZLeEuzvUdkkO0Afj2DeXLyjhNMcicj1tv9lg1lXuyr_4joboIwHHT5-bKSDiyURrZPtv-tkSKmEk9q4TWsax9SzP_bniM8deuKvM4IrSiQMLOGk-fWpeL4CbII-E4gVY7hKWR-UJanOxlCh-5y4mIy79yrtn5OsD4J7fSxxyXXsA8uyRBPjfa4ErwZo5g6Itlj9vFOFuPKP3TouhA&sai=AMfl-YR0KnXQEx2fUI5Xb31ZZ96T6ugsGurj85sEhejCffhEwNMFYU3n1XlR4mPxUh-DW9s4gzqcQvNikUC3dkNz4jVM6wH7xRqA3FHED4yA2RYv5H2TkB9-nT0AwmYte_JLYaRwknr3g5iKb9V4n9MkuNk&sig=Cg0ArKJSzNErYHCOrX8rEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 5F5178DEC1BF958C336832A23D6C1A7B
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Speedtest by Ookla - The Global Broadband Speed Test

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

129
Requests

91 %
HTTPS

0 %
IPv6

26
Domains

37
Subdomains

39
IPs

3
Countries

2833 kB
Transfer

8244 kB
Size

34
Cookies

44 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ookla.com/research
Title: Research

Search URL Search Domain Scan URL

URL: https://www.ookla.com/articles
Title: Articles

Search URL Search Domain Scan URL

URL: https://www.ookla.com/network
Title: Network

Search URL Search Domain Scan URL

URL: https://www.ookla.com/enterprise
Title: Enterprise

Search URL Search Domain Scan URL

URL: https://www.ookla.com/speedtest-intelligence
Title: Speedtest Intelligence

Search URL Search Domain Scan URL

URL: https://www.ookla.com/cell-analytics
Title: Cell Analytics

Search URL Search Domain Scan URL

URL: https://www.ookla.com/wind
Title: Ookla Wind

Search URL Search Domain Scan URL

URL: https://www.ookla.com/spatialbuzz
Title: Spatialbuzz

Search URL Search Domain Scan URL

URL: https://www.ookla.com/speedtest-powered
Title: Speedtest Powered

Search URL Search Domain Scan URL

URL: https://www.ookla.com/gis-datasets
Title: GIS Datasets

Search URL Search Domain Scan URL

URL: https://www.ookla.com/speedtest-custom
Title: Speedtest Custom

Search URL Search Domain Scan URL

URL: https://www.ookla.com/cell-maps
Title: Cell Maps

Search URL Search Domain Scan URL

URL: https://www.ookla.com/tower-source
Title: Tower Source

Search URL Search Domain Scan URL

URL: https://www.ookla.com/map-elements
Title: Map Elements

Search URL Search Domain Scan URL

URL: https://www.ookla.com/partnerships
Title: Partners & Programs

Search URL Search Domain Scan URL

URL: https://downdetector.com/enterprise/
Title: Downdetector Enterprise

Search URL Search Domain Scan URL

URL: https://www.ookla.com/about/press
Title: Press

Search URL Search Domain Scan URL

URL: https://www.ookla.com/about/careers
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.speedtest.net/login
Title: Log In

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/store/p/speedtest-by-ookla/9nblggh4z1jc

Search URL Search Domain Scan URL

URL: https://install.speedtest.net/app/windows/latest/speedtestbyookla_x64.msi
Title: 64-bit

Search URL Search Domain Scan URL

URL: https://install.speedtest.net/app/windows/latest/speedtestbyookla_x86.msi
Title: 32-bit

Search URL Search Domain Scan URL

URL: https://twitter.com/speedtest
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/speedtest
Title: Facebook

Search URL Search Domain Scan URL

URL: https://single.speedtest.net/
Title: Single Connection Test

Search URL Search Domain Scan URL

URL: https://downdetector.com/
Title: Downdetector®

Search URL Search Domain Scan URL

URL: https://www.ziffdavis.com/cookie-policy
Title: Cookie Policy.

Search URL Search Domain Scan URL

URL: https://www.ookla.com/

Search URL Search Domain Scan URL

URL: https://www.ookla.com/ookla-for-good
Title: Ookla for Good

Search URL Search Domain Scan URL

URL: https://www.ziffdavis.com/
Title: Ziff Davis

Search URL Search Domain Scan URL

URL: https://www.ign.com/
Title: IGN

Search URL Search Domain Scan URL

URL: https://www.pcmag.com/
Title: PCMag

Search URL Search Domain Scan URL

URL: https://www.extremetech.com/
Title: ExtremeTech

Search URL Search Domain Scan URL

URL: https://www.retailmenot.com/
Title: RetailMeNot

Search URL Search Domain Scan URL

URL: https://www.toolbox.com/
Title: Toolbox

Search URL Search Domain Scan URL

URL: https://www.askmen.com/
Title: AskMen

Search URL Search Domain Scan URL

URL: https://www.offers.com/
Title: Offers.com

Search URL Search Domain Scan URL

URL: https://www.moz.com/
Title: Moz

Search URL Search Domain Scan URL

URL: https://www.ipvanish.com/
Title: IPVanish

Search URL Search Domain Scan URL

URL: https://www.ziffdavis.com/general/group-black-and-ziff-davis-partner-to-amplify-and-scale-black-voices-in-media

Search URL Search Domain Scan URL

URL: https://www.blackwomentalktech.com/our-perspective
Title: BlackWomenTalkTech

Search URL Search Domain Scan URL

URL: https://www.empoweronyx.com/
Title: Empower Onyx

Search URL Search Domain Scan URL

URL: https://www.cxmmunity.co/
Title: Cxmmunity

Search URL Search Domain Scan URL

URL: https://status.ookla.com/
Title: Network Status

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

https://secure-us.imrworldwide.com/v60a.js HTTP 301
https://cdn-gl.imrworldwide.com/v60a.js

Request Chain 50

https://secure-us.imrworldwide.com/cgi-bin/m?rnd=1712713827538&ci=ziffdavis&js=1&cg=0&ts=v60a.js&vn=6.0.108&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwl9.ansaria.workers.dev%2F&sr=800x600&id=lstrg-07f6c123a66b57c302a6a02be0084a2a&tz=-10 HTTP 302
https://secure-us.imrworldwide.com/cgi-bin/m?rnd=1712713827538&ci=ziffdavis&js=1&cg=0&ts=v60a.js&vn=6.0.108&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwl9.ansaria.workers.dev%2F&sr=800x600&id=lstrg-07f6c123a66b57c302a6a02be0084a2a&tz=-10&ja=1

129 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
wl9.ansaria.workers.dev/ 118 KB
33 KB 95ms
51ms Document
text/html 104.21.26.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wl9.ansaria.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.26.91 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5161c35319048d00e49f468cd6e4881cc0fe45b7bfd575d24d199f7e95408a90

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-credentials: true
alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 871f15e3edbc43c7-EWR
content-encoding: br
content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
content-type: text/html; charset=utf-8
date: Wed, 10 Apr 2024 01:50:20 GMT
etag: W/"1d68a-C+urKuzUoBK2pZcsLskJ1fdYebY"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WWnvAERrYmNm%2FtwJm4nYxihFj2dyr87oEh48qZ1iD2d7FQOye5HN1SU4kRHw%2Bpbps2hUAdIVfnR66%2Fm5k%2F3eRDKVtNyZFuZAkAEOeDp4dUXaHJrXRasARh56GZXl8XaIlDLmq8JrLsaN2w%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
x-frame-options: DENY

GET
H2 200 zdconsent.js Show response
cdn.ziffstatic.com/jst/ 47 KB
18 KB 3062ms
7ms Script
application/javascript 23.200.1.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ziffstatic.com/jst/zdconsent.js
Requested by: Host: wl9.ansaria.workers.dev
URL: https://wl9.ansaria.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.200.1.40 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-200-1-40.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9416410a7e49e52c9f0f0c4987e20c59da4409e8e5a9fc653480c6dd4097a0a0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 01:50:23 GMT
content-encoding: gzip
last-modified: Thu, 04 Apr 2024 23:41:16 GMT
etag: "99348691b4bd7ab6027e443ec1792a4a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=997
accept-ranges: bytes
alt-svc: h3=":443"; ma=93600
content-length: 18055
expires: Wed, 10 Apr 2024 02:07:00 GMT

GET
H2 200 Montserrat-VariableFont_wght-kern-latin.woff2
wl9.ansaria.workers.dev/s/fonts/ 28 KB
29 KB 40ms
38ms Font
font/woff2 104.21.26.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wl9.ansaria.workers.dev/s/fonts/Montserrat-VariableFont_wght-kern-latin.woff2

Requested by

Host: wl9.ansaria.workers.dev
URL: https://wl9.ansaria.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.26.91 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f40d718d090a7d9fa4db0b9c2570cb05f7729e6c998c32c1c688f421ca7ac8c0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
Origin: https://wl9.ansaria.workers.dev
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 01:50:20 GMT
content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
uber-trace-id: 8d99aa0d3ad509d9:8d99aa0d3ad509d9:0:0
alt-svc: h3=":443"; ma=86400
content-length: 29060
last-modified: Thu, 21 Mar 2024 19:48:54 GMT
server: cloudflare
etag: W/"7184-18e628f2c70"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iIb632EXa9lvgqu5EW%2BhhsDy%2FdtD22H64CuaLuoCc5YaTX5nSafvWPppSJOgAmL%2BrPTUKRMWgQh7Wpc3NeGRu0kPlYzhqscbBrIyYJ40rIRmK0IcmEPgZV9Kt5TmOx6YCXekfdTD98xSeg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-language: en
content-type: font/woff2
cache-control: public, max-age=60
x-frame-options: DENY
accept-ranges: bytes
cf-ray: 871f15e45e4943c7-EWR

GET
H2 200 gaugemono-regular-webfont.woff2
wl9.ansaria.workers.dev/s/fonts/ 4 KB
5 KB 67ms
65ms Font
font/woff2 104.21.26.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wl9.ansaria.workers.dev/s/fonts/gaugemono-regular-webfont.woff2

Requested by

Host: wl9.ansaria.workers.dev
URL: https://wl9.ansaria.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.26.91 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a00aa81f6ca32a692772c6a8bc908b62198154ce3eef1eeef346d80100b8e04

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
Origin: https://wl9.ansaria.workers.dev
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 01:50:20 GMT
content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
uber-trace-id: 9d643b8b0986920a:9d643b8b0986920a:0:0
alt-svc: h3=":443"; ma=86400
content-length: 4240
last-modified: Thu, 21 Mar 2024 19:48:54 GMT
server: cloudflare
etag: W/"1090-18e628f2c70"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qblgaUwa6rnbA1LoNPm6PO2sRlcKRGY07I8gS0IJ1W3sr1seXYoE%2BqHrQ1s6lVRAnJY8uHc9aT3OxE%2Bp9l%2BWWohu7eqxZxrtFp9Ijrwte%2FNkVHBxbVWMSBRlVOaXjgrTVDwRX53E9Y8iLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-language: en
content-type: font/woff2
cache-control: public, max-age=60
x-frame-options: DENY
accept-ranges: bytes
cf-ray: 871f15e45e4a43c7-EWR

GET
H2 200 main.e3739dded5084219ad560343be4600d9.css
b.cdnst.net/styles/ 140 KB
23 KB 3075ms
23ms Stylesheet
text/css 151.101.130.219
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://b.cdnst.net/styles/main.e3739dded5084219ad560343be4600d9.css

Requested by

Host: wl9.ansaria.workers.dev
URL: https://wl9.ansaria.workers.dev/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

151.101.130.219 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6f1398c004c3da42e7e24a314dcb82937620151d2a77b9fe5caaf86434505530

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
content-encoding: gzip
date: Wed, 10 Apr 2024 01:50:23 GMT
last-modified: Wed, 20 Mar 2024 16:56:52 GMT
etag: W/"22f26-18e5ccb5020"
x-frame-options: DENY
vary: Origin, Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 23854

GET
H2 200 prebid.8.31.0.min.js Show response
b.cdnst.net/javascript/ 374 KB
125 KB 3059ms
8ms Script
application/javascript 151.101.130.219
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://b.cdnst.net/javascript/prebid.8.31.0.min.js

Requested by

Host: wl9.ansaria.workers.dev
URL: https://wl9.ansaria.workers.dev/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

151.101.130.219 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2a10681e6824547e850f4de65c5b57cf60f2562bbc4d74eaba140f388aa259d0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
content-encoding: gzip
date: Wed, 10 Apr 2024 01:50:23 GMT
last-modified: Wed, 20 Mar 2024 16:56:52 GMT
etag: W/"5d698-18e5ccb5020"
x-frame-options: DENY
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 127641

GET
H2 200 amazon.js Show response
b.cdnst.net/javascript/ 551 B
378 B 3069ms
18ms Script
application/javascript 151.101.130.219
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://b.cdnst.net/javascript/amazon.js

Requested by

Host: wl9.ansaria.workers.dev
URL: https://wl9.ansaria.workers.dev/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

151.101.130.219 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f983d992f18cc6a5024a1fb94062872c8c1c9ddd3d936289cfb01b720a0c03d8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
content-encoding: gzip
date: Wed, 10 Apr 2024 01:50:23 GMT
last-modified: Wed, 20 Mar 2024 16:56:52 GMT
etag: W/"227-18e5ccb5020"
x-frame-options: DENY
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 326

GET
H2 200 ad.js Show response
b.cdnst.net/javascript/ads/ 25 B
95 B 3059ms
8ms Script
application/javascript 151.101.130.219
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://b.cdnst.net/javascript/ads/ad.js

Requested by

Host: wl9.ansaria.workers.dev
URL: https://wl9.ansaria.workers.dev/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

151.101.130.219 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

32b0ffbdaf288de753cd11b89e702c4c5c140b7a86037c852ebc341ad99c5f47

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
content-encoding: gzip
date: Wed, 10 Apr 2024 01:50:23 GMT
last-modified: Wed, 20 Mar 2024 16:56:52 GMT
etag: W/"19-18e5ccb5020"
x-frame-options: DENY
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 45

GET
H2 200 groupblack-white_on_black-1x.png
b.cdnst.net/images/group-black/ 2 KB
2 KB 3058ms
7ms Image
image/png 151.101.130.219
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.cdnst.net/images/group-black/groupblack-white_on_black-1x.png

Requested by

Host: wl9.ansaria.workers.dev
URL: https://wl9.ansaria.workers.dev/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

151.101.130.219 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b76abca4ceaaf1788e86a4c3f6794567c085cb1b44220876d8953fcc3df0ac06

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
date: Wed, 10 Apr 2024 01:50:23 GMT
last-modified: Wed, 20 Mar 2024 16:56:52 GMT
etag: W/"75b-18e5ccb5020"
x-frame-options: DENY
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
content-length: 1883

GET
H2 200 Montserrat-VariableFont_wght-hint-all.woff2
wl9.ansaria.workers.dev/s/fonts/ 116 KB
117 KB 63ms
63ms Font
font/woff2 104.21.26.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wl9.ansaria.workers.dev/s/fonts/Montserrat-VariableFont_wght-hint-all.woff2

Requested by

Host: wl9.ansaria.workers.dev
URL: https://wl9.ansaria.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.26.91 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4196d95ab415218fc8dce5037601f39e1824f2e57c6ebebf5557ddb3f11b537c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
Origin: https://wl9.ansaria.workers.dev
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 01:50:20 GMT
content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
uber-trace-id: 6e36e32862e4a4a5:6e36e32862e4a4a5:0:0
alt-svc: h3=":443"; ma=86400
content-length: 118624
last-modified: Thu, 21 Mar 2024 19:48:54 GMT
server: cloudflare
etag: W/"1cf60-18e628f2c70"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H0kW6dHZtDBEO8VcDCHVKbJ4zUBi4ftT%2FVRlWIHCor76VW3Wrm9n23NgBLJzZEqnNzfGiIhdSeK67%2FIGMkKO1L6l5QtcgDYoGKV%2BpatdvoQunWEo44QK3UmUS277WltToFU4z7oDR3tqjg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-language: en
content-type: font/woff2
cache-control: public, max-age=60
x-frame-options: DENY
accept-ranges: bytes
cf-ray: 871f15e47e6d43c7-EWR

GET
H2 200 Montserrat-Italic-VariableFont_wght-hint-all.woff2
wl9.ansaria.workers.dev/s/fonts/ 120 KB
120 KB 50ms
47ms Font
font/woff2 104.21.26.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wl9.ansaria.workers.dev/s/fonts/Montserrat-Italic-VariableFont_wght-hint-all.woff2

Requested by

Host: wl9.ansaria.workers.dev
URL: https://wl9.ansaria.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.26.91 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ff66387417489de93fa393db6d511581ea6c3b5c75d35190309be9cd916a9a7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
Origin: https://wl9.ansaria.workers.dev
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 01:50:20 GMT
content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
uber-trace-id: 8a25f85b5d1d049d:8a25f85b5d1d049d:0:0
alt-svc: h3=":443"; ma=86400
content-length: 122676
last-modified: Thu, 21 Mar 2024 19:48:54 GMT
server: cloudflare
etag: W/"1df34-18e628f2c70"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EL236Df5gJAIh4IPG7gP2sd1wmK%2BGugn0a2y4aLdenanX1BaP%2B%2F5tXg6bn%2BO3%2FVmi%2F%2F%2F4O79JEcRgP4Eustyo6rOQlx4i4hzXwixXZ8p%2BDYxvwC55sIgaRpm7pT4gsnfrSEdBlxMRX6M0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-language: en
content-type: font/woff2
cache-control: public, max-age=60
x-frame-options: DENY
accept-ranges: bytes
cf-ray: 871f15e47e7043c7-EWR

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 298 KB
74 KB 538ms
234ms Script
application/javascript 18.238.63.215
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/amazon.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.63.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-63-215.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2f2ef1a173106efc9f1e2048ee2a1f0ecac78e166a57e83128776f565312357e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 00:54:07 GMT
content-encoding: gzip
via: 1.1 3dcb635971b5d310e8941cdb963aff70.cloudfront.net (CloudFront), 1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
last-modified: Mon, 25 Mar 2024 17:06:15 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C3, JFK52-P4
age: 3378
x-amz-server-side-encryption: AES256
etag: W/"b9e5bc6ae2304c1ff623d74c6e93fe00"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: 3nR5O6lu2rv7-tkFiXkF8BUKhYesNKTiyplu2xujLe2vXBsrVQyjbA==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 281 KB
90 KB 91ms
59ms Script
application/javascript 142.250.81.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K7SNBZ

Requested by

Host: wl9.ansaria.workers.dev
URL: https://wl9.ansaria.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.232 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

62dbe15e1c347a80ab3d5ede05b3f440e1777058d5e4af8a3f7f743bbba284ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 01:50:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91799
x-xss-protection: 0
last-modified: Wed, 10 Apr 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 10 Apr 2024 01:50:24 GMT

GET
H2 200 speedtest-main.js Show response
b.cdnst.net/javascript/ 3 MB
858 KB 7ms
6ms Script
application/javascript 151.101.130.219
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://b.cdnst.net/javascript/speedtest-main.js?v=e64cb41a2691380401d6965ca342b4bf

Requested by

Host: wl9.ansaria.workers.dev
URL: https://wl9.ansaria.workers.dev/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

151.101.130.219 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

67ff0020c632ad43f9413647a5b6fdf8dcad828425629167f0e503cdbfba020d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
content-encoding: gzip
date: Wed, 10 Apr 2024 01:50:23 GMT
last-modified: Wed, 20 Mar 2024 17:02:41 GMT
etag: W/"31fa7b-18e5cd0a368"
x-frame-options: DENY
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 877963

GET
H2

200

v60a.js Show response
cdn-gl.imrworldwide.com/
Redirect Chain

https://secure-us.imrworldwide.com/v60a.js
https://cdn-gl.imrworldwide.com/v60a.js

21 KB
7 KB

301ms
4ms

Script
application/javascript

52.85.61.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/v60a.js
Requested by: Host: wl9.ansaria.workers.dev
URL: https://wl9.ansaria.workers.dev/
Protocol: H2
Server: 52.85.61.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-40.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0f2b977156323183e22b228712efd075b20e4fef72d8decb2b05af1ba570516e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wl9.ansaria.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Apr 2024 00:05:42 GMT
x-amz-version-id: c8VfWXv7S6pgr9z4BXPhlw..1tDQQwHP
content-encoding: gzip
last-modified: Mon, 25 Jul 2022 13:33:52 GMT
server: AmazonS3
via: 1.1 0146c8129cacdacca96753291cf27ec4.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-P1
etag: W/"a63502ab51b5896d4875d375d8d72fc3"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
age: 6285
x-amz-cf-id: lrT1Cu_BFyJ3P39TINWcPj-dGVYa7wr-fdQQaTTgYY79Fb8BTtqRZw==

Redirect headers

location: https://cdn-gl.imrworldwide.com:443/v60a.js
date: Wed, 10 Apr 2024 01:50:25 GMT
server: awselb/2.0
content-length: 134
content-type: text/html

GET
H2 200 z0WVjCBSEeGLoxIxOQVEwQ.min.js Show response
cdn.static.zdbb.net/js/ 163 KB
46 KB 51ms
9ms Script
text/javascript 23.200.1.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K7SNBZ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.200.1.40 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-200-1-40.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: dc515ad807ffe944101996409fd54411973af5168bbcdd70d49789933241b422

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: Mtm5y6pirnIG.1gOzg4ITC9WD2Vk3C2B
content-encoding: gzip
date: Wed, 10 Apr 2024 01:50:24 GMT
last-modified: Tue, 19 Mar 2024 12:01:34 GMT
x-amz-request-id: 1FTXS02HV79TBYYM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 46456
x-amz-id-2: L9NXD5cOFYoGJRPk3Ca0f/8cLoCpSYAfpOeKFdTosuF7y7bJtp4i7u1DVIZN9BxDsd5ZHzxMjLI=
expires: Thu, 11 Apr 2024 01:50:24 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 1043ms
8ms Preflight
application/json 74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwl9.ansaria.workers.dev%2F&domain=wl9.ansaria.workers.dev&cw=1&lsw=1&us_privacy=1YNY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://wl9.ansaria.workers.dev
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://wl9.ansaria.workers.dev
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Wed, 10 Apr 2024 01:50:25 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 289275
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 json Show response
gum.criteo.com/sid/ 351 B
1 KB 279ms
11ms Fetch
application/json 74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwl9.ansaria.workers.dev%2F&domain=wl9.ansaria.workers.dev&cw=1&lsw=1&us_privacy=1YNY

Requested by

Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.8.31.0.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

2dd96e9598024279d7197725bfa520819f88a93a5ba8fd0c3eb1ea251a783b4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: application/json

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 01:50:25 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://wl9.ansaria.workers.dev
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 857323
expires: 0

POST
H2 200 prebid Show response
id5-sync.com/api/config/ 135 B
424 B 1301ms
94ms Fetch
application/json 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.8.31.0.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

236f8ff3e520fbff79476c8613eea2795f62128d235f97ee91674079bac9b85d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://wl9.ansaria.workers.dev
date: Wed, 10 Apr 2024 01:50:25 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 200 78658 Show response
idx.liadm.com/idex/prebid/ 255 B
668 B 329ms
16ms Fetch
application/json 34.233.8.21
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://idx.liadm.com/idex/prebid/78658?duid=771b878a18da--01hv2v5ycrknndfp1x6sghjawp&us_privacy=1YNY&cd=.ansaria.workers.dev&resolve=nonId&resolve=uid2&resolve=bidswitch&resolve=medianet&resolve=magnite&resolve=pubmatic&resolve=index

Requested by

Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.8.31.0.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.233.8.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-233-8-21.compute-1.amazonaws.com

Software

Resource Hash

326967e9bfe3e9cc187856c7388a14bcec0c3f71b3d3cf5a5f025c3fbb4cb1a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 10 Apr 2024 01:50:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
request-time: 4
content-type: application/json
access-control-allow-origin: https://wl9.ansaria.workers.dev
cache-control: max-age=86399, private
access-control-allow-credentials: true
trace-id: 446b54abc848fcbd
content-length: 255
expires: Thu, 11 Apr 2024 01:50:24 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 90 KB
29 KB 3208ms
112ms Script
text/javascript 142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/speedtest-main.js?v=e64cb41a2691380401d6965ca342b4bf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

cafe /

Resource Hash

88f23579199fd0b19fda8b68926606d8a74ec50751c9f388e2199fd7444e6522

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 01:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29286
x-xss-protection: 0
server: cafe
etag: 671 / 19823 / m202404040101 / config-hash: 15474441774716103007
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 10 Apr 2024 01:50:27 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 292 KB
97 KB 34ms
33ms Script
application/javascript 142.250.81.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KKLSRK6J1Z&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K7SNBZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.232 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

f78a3c34f111e66b6897c2c408804633bccf0b5e6dc4e7027c7a8865b473937c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 01:50:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 99025
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 10 Apr 2024 01:50:24 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 32ms
3ms Script
text/javascript 142.250.80.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K7SNBZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.78 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 10 Apr 2024 00:06:53 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 6211
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 10 Apr 2024 02:06:53 GMT

GET
H2 200 gauge-gradient-dl-multi-web.png
b.cdnst.net/images/ 77 KB
77 KB 9ms
4ms Image
image/png 151.101.130.219
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.cdnst.net/images/gauge-gradient-dl-multi-web.png

Requested by

Host: wl9.ansaria.workers.dev
URL: https://wl9.ansaria.workers.dev/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

151.101.130.219 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

32b79f49ad238f7718e7ba9aa4cbb32e74a8a11a8a32dbcfdbfa926228c783f5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
date: Wed, 10 Apr 2024 01:50:24 GMT
last-modified: Wed, 20 Mar 2024 16:56:52 GMT
etag: W/"132c5-18e5ccb5020"
x-frame-options: DENY
vary: Origin
content-type: image/png
cache-control: public, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 78533

GET
H2 200 gauge-gradient-ul-multi-web.png
b.cdnst.net/images/ 73 KB
73 KB 10ms
6ms Image
image/png 151.101.130.219
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.cdnst.net/images/gauge-gradient-ul-multi-web.png

Requested by

Host: wl9.ansaria.workers.dev
URL: https://wl9.ansaria.workers.dev/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

151.101.130.219 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0d23c759f4302ff762012a6ff00cbd124858dd9b387ea06eafa727c5e726fd77

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
date: Wed, 10 Apr 2024 01:50:24 GMT
last-modified: Wed, 20 Mar 2024 16:56:52 GMT
etag: W/"12248-18e5ccb5020"
x-frame-options: DENY
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
content-length: 74312

GET
H2 200 gauge-gradient-dl-single-web.png
b.cdnst.net/images/ 61 KB
61 KB 10ms
6ms Image
image/png 151.101.130.219
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.cdnst.net/images/gauge-gradient-dl-single-web.png

Requested by

Host: wl9.ansaria.workers.dev
URL: https://wl9.ansaria.workers.dev/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

151.101.130.219 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

53ef39c91fa4b4f2d68d15483dcd7a2bc4b089c954e7b5a6808c6560740c887f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
date: Wed, 10 Apr 2024 01:50:24 GMT
last-modified: Wed, 20 Mar 2024 16:56:52 GMT
etag: W/"f3d1-18e5ccb5020"
x-frame-options: DENY
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
content-length: 62417

GET
H2 200 gauge-gradient-ul-single-web.png
b.cdnst.net/images/ 64 KB
64 KB 10ms
6ms Image
image/png 151.101.130.219
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.cdnst.net/images/gauge-gradient-ul-single-web.png

Requested by

Host: wl9.ansaria.workers.dev
URL: https://wl9.ansaria.workers.dev/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

151.101.130.219 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d3c3db2b5256d7c5fa7f2502e752ced784853fe0fdd01d8a219bd9e041a579c7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
date: Wed, 10 Apr 2024 01:50:24 GMT
last-modified: Wed, 20 Mar 2024 16:56:52 GMT
etag: W/"ff47-18e5ccb5020"
x-frame-options: DENY
vary: Origin
content-type: image/png
cache-control: public, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 65351

GET
H3 200 English_get-it-from-MS_InvariantCulture_Default.png
wl9.ansaria.workers.dev/images/ 14 KB
15 KB 36ms
33ms Image
image/png 104.21.26.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wl9.ansaria.workers.dev/images/English_get-it-from-MS_InvariantCulture_Default.png

Requested by

Host: wl9.ansaria.workers.dev
URL: https://wl9.ansaria.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.26.91 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e0da7b78f6365146f0889b05e139587016e6b5e2e1a8d778dbc3272ad0a6278

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 01:50:24 GMT
content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 58660
alt-svc: h3=":443"; ma=86400
content-length: 14457
last-modified: Wed, 20 Mar 2024 16:56:52 GMT
server: cloudflare
etag: W/"3879-18e5ccb5020"
vary: Origin, Accept-Encoding
x-frame-options: DENY
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dpgnEaJsdwOZ2fjilAJh5IJcjwTPR5EIb4p2bok3zJD4ZeiantYvFyU58GoOeEDBAiazrTt0pG2efOV%2B0Eeblr4GGqMGf73qT%2FmPUWAJd1ozpQ2VrD%2F1%2FtV4IYJyzb5wodh2%2BCXDTI7T8g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 871f15fd0b2ec32d-EWR

GET
H2 200 ad-free-125x101-fade-anim-1x.gif
b.cdnst.net/images/ 10 KB
10 KB 22ms
19ms Image
image/gif 151.101.130.219
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.cdnst.net/images/ad-free-125x101-fade-anim-1x.gif

Requested by

Host: wl9.ansaria.workers.dev
URL: https://wl9.ansaria.workers.dev/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

151.101.130.219 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9f30799e7ea5caddb7b79f074957baeaecccf1a31846993414008331c257d242

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
date: Wed, 10 Apr 2024 01:50:24 GMT
last-modified: Wed, 20 Mar 2024 16:56:52 GMT
etag: W/"266b-18e5ccb5020"
x-frame-options: DENY
content-type: image/gif
cache-control: public, max-age=86400
accept-ranges: bytes
content-length: 9835

GET
H2 200 icg_insights.svg
b.cdnst.net/images/ 1 KB
707 B 22ms
19ms Image
image/svg+xml 151.101.130.219
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.cdnst.net/images/icg_insights.svg

Requested by

Host: wl9.ansaria.workers.dev
URL: https://wl9.ansaria.workers.dev/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

151.101.130.219 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4d195a402297509314a9a38df1b8b94f627550aa13fc34aab675a749694e474e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
content-encoding: gzip
date: Wed, 10 Apr 2024 01:50:24 GMT
last-modified: Wed, 20 Mar 2024 16:56:52 GMT
etag: W/"490-18e5ccb5020"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
accept-ranges: bytes
content-length: 632

GET
H2 200 icg_globalindex.svg
b.cdnst.net/images/ 2 KB
905 B 23ms
20ms Image
image/svg+xml 151.101.130.219
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.cdnst.net/images/icg_globalindex.svg

Requested by

Host: wl9.ansaria.workers.dev
URL: https://wl9.ansaria.workers.dev/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

151.101.130.219 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e928fd56eb75f5909d953d76a6ec33742a0e9a8cda68205437fa2786b5386752

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
content-encoding: gzip
date: Wed, 10 Apr 2024 01:50:24 GMT
last-modified: Wed, 20 Mar 2024 16:56:52 GMT
etag: W/"80f-18e5ccb5020"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
accept-ranges: bytes
content-length: 854

GET
H2 200 icg_5g.svg
b.cdnst.net/images/ 2 KB
1 KB 22ms
20ms Image
image/svg+xml 151.101.130.219
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.cdnst.net/images/icg_5g.svg

Requested by

Host: wl9.ansaria.workers.dev
URL: https://wl9.ansaria.workers.dev/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

151.101.130.219 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f02165b5a4e05eceda936e58979a6f5befb2d879486d62f7c6e43060d5c920cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
content-encoding: gzip
date: Wed, 10 Apr 2024 01:50:24 GMT
last-modified: Wed, 20 Mar 2024 16:56:52 GMT
etag: W/"8e9-18e5ccb5020"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
accept-ranges: bytes
content-length: 1110

GET
H2 200 icg_enterprise.svg
b.cdnst.net/images/ 2 KB
550 B 22ms
21ms Image
image/svg+xml 151.101.130.219
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.cdnst.net/images/icg_enterprise.svg

Requested by

Host: wl9.ansaria.workers.dev
URL: https://wl9.ansaria.workers.dev/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

151.101.130.219 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

81f5051a7706193e4279d279605188a8af93b633d6255c6bb99007e8bca65c15

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
content-encoding: gzip
date: Wed, 10 Apr 2024 01:50:24 GMT
last-modified: Wed, 20 Mar 2024 16:56:52 GMT
etag: W/"66c-18e5ccb5020"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
accept-ranges: bytes
content-length: 499

GET
H3 200 servers Show response
wl9.ansaria.workers.dev/api/js/ 3 KB
2 KB 183ms
182ms XHR
application/json 104.21.26.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wl9.ansaria.workers.dev/api/js/servers?engine=js&limit=10&https_functional=true

Requested by

Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/speedtest-main.js?v=e64cb41a2691380401d6965ca342b4bf

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.26.91 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26016ad443fa4a86f1d80355e2305c50b8f96b5910352beaca29d5d45c66bc43

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 01:50:24 GMT
content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AuptYZooPMERiYMLpMguYdyWrZhDFOO%2BTeMIzf6HYOvfFV5uulA3ppmyrE5kPAJVWwozZzs3nunNk%2FyETQKuefxwHET0MN3LkQHpXdTNhSDuMiHhlLR63dwJ0aN9%2FJx4HqZDm0chPO7%2Fng%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
access-control-allow-credentials: true
cf-ray: 871f15fd1b3cc32d-EWR
expires: Thu, 11 Apr 2024 01:50:24 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 31ms
24ms XHR
application/javascript 18.238.63.215
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.63.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-63-215.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 01:50:25 GMT
x-amz-version-id: r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding: gzip
via: 1.1 acbc16f609c0c9804b8a2c3d38d3023e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
last-modified: Thu, 29 Feb 2024 02:13:08 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: 2NtFlzj2YX_4LQxXgIqVTBSb2n-BiwjP8HAOyjUMq8arTdrXBbRMPg==

GET
H2 200 check_c Show response
zdbb.net/ 0
389 B 1062ms
11ms XHR
text/plain 34.237.147.73
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://zdbb.net/check_c
Requested by: Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.237.147.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-147-73.compute-1.amazonaws.com
Software: Ziff Davis BuyerBase /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 01:50:25 GMT
server: Ziff Davis BuyerBase
p3p: CP="ALL DSP COR NID"
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://wl9.ansaria.workers.dev
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 0
expires: 0

GET
H2 200 info Show response
gurgle.zdbb.net/ 270 B
491 B 1056ms
12ms XHR
application/json 184.73.5.153
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://gurgle.zdbb.net/info?url=https%3A%2F%2Fwl9.ansaria.workers.dev%2F&fp=0&lcl_id=
Requested by: Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.73.5.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-73-5-153.compute-1.amazonaws.com
Software: /
Resource Hash: 7e45b4d37176e798fae3526f1ba9a59fc730034f1c088abd04f7ea6768e4da1a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://wl9.ansaria.workers.dev
date: Wed, 10 Apr 2024 01:50:25 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control
content-length: 270
access-control-allow-methods: GET, OPTIONS
content-type: application/json

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
215 B 18ms
17ms XHR
text/plain 142.250.80.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1703187115&t=pageview&_s=1&dl=https%3A%2F%2Fwl9.ansaria.workers.dev%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Speedtest%20by%20Ookla%20-%20The%20Global%20Broadband%20Speed%20Test&sd=24-bit&sr=800x600&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAGK~&jid=513491451&gjid=344521183&cid=912629577.1712713825&tid=UA-389482-3&_gid=103374934.1712713825&_r=1&_slc=1&gtm=45He4480n71K7SNBZv6359835za200&cd2=anonymous&cd3=anonymous&cd4=anonymous&cd15=False&cd16=268&cd17=GTM-K7SNBZ&cd22=https%3A%2F%2Fwl9.ansaria.workers.dev&cd23=ST4&cd41=0&cd42=0&cd44=0&cd45=1&cd46=1&cd49=1&cd52=1&cd53=1&cd54=1&cd57=0&cd59=0&gcs=G111&gcd=13t3t3t3t5&dma=0&cd47=false&cd40=912629577.1712713825&cd51=pageview&z=1036097124&cd48=695

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.78 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 01:50:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wl9.ansaria.workers.dev
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
353 B 44ms
18ms XHR
text/plain 142.251.111.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-389482-3&cid=912629577.1712713825&jid=513491451&gjid=344521183&_gid=103374934.1712713825&_u=YEBAAEAAAAAAACAGK~&z=1469793210

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.155 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f155.1e100.net

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 10 Apr 2024 01:50:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wl9.ansaria.workers.dev
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
251 B 294ms
18ms Ping
text/plain 216.239.36.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-KKLSRK6J1Z&gtm=45je4480v879908529z86359835za200&_p=1712713823986&_gaz=1&gcs=G111&gcd=13t3t3t3t6&npa=0&dma=0&cid=912629577.1712713825&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1712713824&sct=1&seg=0&dl=https%3A%2F%2Fwl9.ansaria.workers.dev%2F&dt=Speedtest%20by%20Ookla%20-%20The%20Global%20Broadband%20Speed%20Test&en=page_view&_fv=2&_ss=1&ep.gtm_container=GTM-K7SNBZ&ep.gtm_version=268&ep.mobile_web_test=false&ep.hostname=https%3A%2F%2Fwl9.ansaria.workers.dev&ep.adblock_status=False&ep.zdConsent_geoCC=&ep.zdConsent_gdprApplies=false&ep.zdConsent_consentGiven=true&ep.vpnUseDetected=false&epn.client_timestamp=1712713824790&up.user_type=anonymous&up.adFree=false&up.gaOptInStatus=true&up.googAdsOptInStatus=true&tfd=4222
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KKLSRK6J1Z&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.36.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 01:50:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wl9.ansaria.workers.dev
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 19ms
18ms Ping
text/plain 142.251.111.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-KKLSRK6J1Z&cid=912629577.1712713825&gtm=45je4480v879908529z86359835za200&aip=1&dma=0&gcs=G111&gcd=13t3t3t3t6&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KKLSRK6J1Z&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.111.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS: bk-in-f155.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 01:50:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wl9.ansaria.workers.dev
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 109ms
92ms Image
image/gif 142.250.176.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-389482-3&cid=912629577.1712713825&jid=513491451&_u=YEBAAEAAAAAAACAGK~&z=1277232158

Requested by

Host: wl9.ansaria.workers.dev
URL: https://wl9.ansaria.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.176.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 01:50:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 j Show response
rp.liadm.com/ 13 B
339 B 64ms
12ms Fetch
application/json 34.198.16.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rp.liadm.com/j?dtstmp=1712713825170&se=e30&duid=771b878a18da--01hv2v5ycrknndfp1x6sghjawp&tv=8.31.0&pu=https%3A%2F%2Fwl9.ansaria.workers.dev%2F&us_privacy=1YNY&wpn=prebid&cd=.ansaria.workers.dev
Requested by: Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.8.31.0.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.198.16.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-198-16-32.compute-1.amazonaws.com
Software: /
Resource Hash: efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 10 Apr 2024 01:50:25 GMT
x-pixel-event-id: dfa89875-8de3-424c-9cdb-6b789fde1f38
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://wl9.ansaria.workers.dev
access-control-expose-headers: *
access-control-allow-credentials: true
content-length: 13

GET
H2 200 z0WVjCBSEeGLoxIxOQVEwQ
zdbb.net/l/ 43 B
108 B 10ms
10ms Image
image/gif 34.237.147.73
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zdbb.net/l/z0WVjCBSEeGLoxIxOQVEwQ?additionalInformation=&cms_page_id=&local_uid=&referrer=&zd_pageview_id=d2525f54-6a43-431d-a791-c9181268a047&zd_session_id=3103ddda-ad62-442d-b40b-f2ee52605913&zd_location=https%3A%2F%2Fwl9.ansaria.workers.dev%2F&evidon_consent=undefined&third_party_consent=&fu=true
Requested by: Host: wl9.ansaria.workers.dev
URL: https://wl9.ansaria.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.237.147.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-147-73.compute-1.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 01:50:25 GMT
content-length: 43
content-type: image/gif

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
283 B 547ms
94ms Fetch
application/json 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.8.31.0.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

bfa332508bc7a63ae4e97f83b4dcf1ee28cd437d518187bc2bac91b967605dc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://wl9.ansaria.workers.dev
date: Wed, 10 Apr 2024 01:50:25 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 200 match Show response
bee.imrworldwide.com/v1/clients/ 39 B
506 B 40ms
16ms XHR
application/json 18.164.96.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bee.imrworldwide.com/v1/clients/match?client_id=ziffdavis&url=https://wl9.ansaria.workers.dev/

Requested by

Host: secure-us.imrworldwide.com
URL: https://secure-us.imrworldwide.com/v60a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.96.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-96-111.jfk50.r.cloudfront.net

Software

Resource Hash

0210bcf8c6f9fb41e1db722e8ec3c318101342f5922c59331321c993df1720d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 23:02:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=25920000; includeSubDomains
via: 1.1 6ea9421ec132e3640100792ef9535494.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
age: 10102
x-cache: Hit from cloudfront
content-length: 63
x-xss-protection: 1; mode=block
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
x-amz-cf-id: dfPCHvvASD7xOWfijvcopIAFUNnekCk2GdXlGHqbXwPC7R6j7fKCrw==

GET
H2 200 storageframe.html
secure-us.imrworldwide.com/ Frame FCC3 0
0 1078ms
23ms Document
text/html 52.14.88.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-us.imrworldwide.com/storageframe.html
Requested by: Host: secure-us.imrworldwide.com
URL: https://secure-us.imrworldwide.com/v60a.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.14.88.199 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-14-88-199.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Referer: https://wl9.ansaria.workers.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ch: Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
content-encoding: gzip
content-length: 3489
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 10 Apr 2024 01:50:27 GMT
etag: "654165c5-da1"
last-modified: Tue, 31 Oct 2023 20:38:29 GMT
server: nginx

GET
H2 200 config250.js Show response
cdn-gl.imrworldwide.com/conf/ 12 KB
5 KB 4ms
3ms Script
application/javascript 52.85.61.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/conf/config250.js
Requested by: Host: secure-us.imrworldwide.com
URL: https://secure-us.imrworldwide.com/v60a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-40.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 494960fa1866c02f0b6df95691f1b95039e4bdfdd61bdcb361411f77039d11e2

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: Z64IH9uQJ7wiPwEykKQdOzVW.a.X09pM
content-encoding: gzip
via: 1.1 0146c8129cacdacca96753291cf27ec4.cloudfront.net (CloudFront)
date: Wed, 10 Apr 2024 01:13:35 GMT
last-modified: Tue, 09 Apr 2024 23:22:16 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-P1
age: 2212
x-amz-server-side-encryption: AES256
etag: W/"eb6c4cada9ee2263fa0a63e39098a253"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400,s-maxage=86400
x-amz-cf-id: a2SIxvZl5EEYKMX5JvkVB7lb_hRYC0Qb0VesIyOmPA_m_V9GBMrGUQ==

GET
H2 200 nlsSDK600.bundle.min.js Show response
cdn-gl.imrworldwide.com/novms/js/2/ 199 KB
56 KB 4ms
4ms Script
application/javascript 52.85.61.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/config250.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-40.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d98cc6e770bf9c71b8758a040222960e918adb20cc1f71f2296ae4f70256d510

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: Aabpvbg3ktgBmwIqp1b4kZ3V88L5QhMx
content-encoding: gzip
via: 1.1 0146c8129cacdacca96753291cf27ec4.cloudfront.net (CloudFront)
date: Wed, 10 Apr 2024 01:40:54 GMT
x-amz-cf-pop: EWR53-P1
age: 573
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
last-modified: Wed, 06 Sep 2023 13:04:53 GMT
server: AmazonS3
etag: W/"2be1fe7a43ef5ba626afab2ceddfc177"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: OEnby8rN86rUKZYbps_gjzGkI9DDzwMmIbyH5XOFscO97aui2MwIkg==

GET
H2 200 ls.html
cdn-gl.imrworldwide.com/novms/html/ Frame 27ED 0
0 1078ms
29ms Document
text/html 52.85.61.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-10.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://wl9.ansaria.workers.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 2508
cache-control: max-age=86400
content-encoding: gzip
content-type: text/html
date: Wed, 10 Apr 2024 01:08:40 GMT
etag: W/"7fa83dfc7b78314b137e2eb13834daa7"
last-modified: Wed, 06 Sep 2023 13:04:52 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 560ae23eb11e8a754d4876989783ad5e.cloudfront.net (CloudFront)
x-amz-cf-id: Zdkv7iNFhM2ILjn3WADk7WJEitUsqioUVOEMxepIBATRn5SKJRuiRw==
x-amz-cf-pop: EWR53-P1
x-amz-server-side-encryption: AES256
x-amz-version-id: CTbRZ.5UlARhD4XceMUpZU1V6DSHtB37
x-cache: Hit from cloudfront

POST
H2 200 718.json Show response
id5-sync.com/g/v2/ 586 B
1 KB 287ms
96ms Fetch
application/json 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/718.json

Requested by

Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.8.31.0.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

bdefd16086187a7226d648601607f345dae7a72cd226e61a2845101c30c0abd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 10 Apr 2024 01:50:26 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin
p3p: CP="CAO PSA OUR"
access-control-allow-origin: https://wl9.ansaria.workers.dev
content-type: application/json
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

m
secure-us.imrworldwide.com/cgi-bin/
Redirect Chain

https://secure-us.imrworldwide.com/cgi-bin/m?rnd=1712713827538&ci=ziffdavis&js=1&cg=0&ts=v60a.js&vn=6.0.108&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwl9.ansaria.workers.dev%2F&sr=800x600&id=l...
https://secure-us.imrworldwide.com/cgi-bin/m?rnd=1712713827538&ci=ziffdavis&js=1&cg=0&ts=v60a.js&vn=6.0.108&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwl9.ansaria.workers.dev%2F&sr=800x600&id=l...

44 B
424 B

20ms
19ms

Image
image/gif

3.142.108.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-us.imrworldwide.com/cgi-bin/m?rnd=1712713827538&ci=ziffdavis&js=1&cg=0&ts=v60a.js&vn=6.0.108&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwl9.ansaria.workers.dev%2F&sr=800x600&id=lstrg-07f6c123a66b57c302a6a02be0084a2a&tz=-10&ja=1
Requested by: Host: wl9.ansaria.workers.dev
URL: https://wl9.ansaria.workers.dev/
Protocol: H2
Server: 3.142.108.32 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-142-108-32.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wl9.ansaria.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 01:50:27 GMT
server: nginx
accept-ch: Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-us.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 10 Apr 2024 01:50:27 GMT
server: nginx
accept-ch: Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-us.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
location: https://secure-us.imrworldwide.com/cgi-bin/m?rnd=1712713827538&ci=ziffdavis&js=1&cg=0&ts=v60a.js&vn=6.0.108&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwl9.ansaria.workers.dev%2F&sr=800x600&id=lstrg-07f6c123a66b57c302a6a02be0084a2a&tz=-10&ja=1
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-length: 0
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/ 443 KB
139 KB 6ms
4ms Script
text/javascript 142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

cafe /

Resource Hash

07c479ddb34a0a041f0814be959c48ed6c9b71a80ee728e6c5a221be9945abec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 10:28:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55299
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141645
x-xss-protection: 0
server: cafe
etag: 5596240516402759981
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 09 Apr 2025 10:28:48 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 68 B
81 B 96ms
63ms XHR
application/json 142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=wl9.ansaria.workers.dev

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

cafe /

Resource Hash

bd4eeb9cf3b4e144e75af95bdb2f6c8d0bb35e7ab05ba56b28b8436dde7d9909

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 01:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57
x-xss-protection: 0
expires: Wed, 10 Apr 2024 01:50:27 GMT

GET
H2 200 check Show response
jogger.zdbb.net/ 5 B
230 B 453ms
21ms XHR
text/plain 54.235.250.92
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://jogger.zdbb.net/check?href=https%3A%2F%2Fwl9.ansaria.workers.dev%2F
Requested by: Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.235.250.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-235-250-92.compute-1.amazonaws.com
Software: /
Resource Hash: 4e523a5ae5b4636c75901b79fafbd3912e41dc7987414e688b09d4b436ff22b3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 01:50:28 GMT
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=6064
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control
content-length: 5

GET
H2 200 zd-core-olt.min.js Show response
cdn.static.zdbb.net/js/ 844 B
791 B 5ms
5ms Script
text/javascript 23.200.1.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.static.zdbb.net/js/zd-core-olt.min.js?v=5
Requested by: Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.200.1.40 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-200-1-40.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1331ce07d67579b7a85c3f1deb9479460b198356c6d1aee8de72daa1d5e377b2

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: JlgQWLGnCQOleeI_Nkp.MMDaHSaBm8EV
content-encoding: gzip
date: Wed, 10 Apr 2024 01:50:28 GMT
last-modified: Tue, 19 Mar 2024 12:01:34 GMT
x-amz-request-id: 1FTYG7R28ACECCGF
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=604800
accept-ranges: bytes
content-length: 464
x-amz-id-2: zGhbauLEI6R0sqR3WP1Tvy9mB126Yedv18NHZJpwAXmfcPokodzerYv7/QsSZ5av/NBfwu5W/7Q=
expires: Wed, 17 Apr 2024 01:50:28 GMT

GET
H2 200 bk-coretag.js Show response
tags.bkrtx.com/js/ 51 KB
16 KB 427ms
13ms Script
application/javascript 23.192.49.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.bkrtx.com/js/bk-coretag.js

Requested by

Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.192.49.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-192-49-23.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Wed, 10 Apr 2024 01:50:28 GMT
last-modified: Fri, 21 May 2021 19:14:21 GMT
server: nginx/1.15.8
etag: W/"60a8068d-cbc2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
content-length: 16078
expires: Wed, 17 Apr 2024 01:50:28 GMT

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 1522ms
10ms Preflight 3.92.156.8
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-92-156-8.compute-1.amazonaws.com
Software: ATS/9.1.10.94 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://wl9.ansaria.workers.dev
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://wl9.ansaria.workers.dev
access-control-max-age: 600
age: 0
content-length: 0
date: Wed, 10 Apr 2024 01:50:29 GMT
server: ATS/9.1.10.94

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 1522ms
11ms Preflight 3.92.156.8
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-92-156-8.compute-1.amazonaws.com
Software: ATS/9.1.10.94 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://wl9.ansaria.workers.dev
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://wl9.ansaria.workers.dev
access-control-max-age: 600
age: 0
content-length: 0
date: Wed, 10 Apr 2024 01:50:29 GMT
server: ATS/9.1.10.94

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 1523ms
13ms Preflight 3.92.156.8
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-92-156-8.compute-1.amazonaws.com
Software: ATS/9.1.10.94 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://wl9.ansaria.workers.dev
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://wl9.ansaria.workers.dev
access-control-max-age: 600
age: 0
content-length: 0
date: Wed, 10 Apr 2024 01:50:29 GMT
server: ATS/9.1.10.94

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 1521ms
11ms Preflight 3.92.156.8
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-92-156-8.compute-1.amazonaws.com
Software: ATS/9.1.10.94 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://wl9.ansaria.workers.dev
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://wl9.ansaria.workers.dev
access-control-max-age: 600
age: 0
content-length: 0
date: Wed, 10 Apr 2024 01:50:29 GMT
server: ATS/9.1.10.94

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 1521ms
12ms Preflight 3.92.156.8
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-92-156-8.compute-1.amazonaws.com
Software: ATS/9.1.10.94 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://wl9.ansaria.workers.dev
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://wl9.ansaria.workers.dev
access-control-max-age: 600
age: 0
content-length: 0
date: Wed, 10 Apr 2024 01:50:29 GMT
server: ATS/9.1.10.94

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 36 B
680 B 1207ms
30ms Fetch
application/json 172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=184382
Requested by: Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.8.31.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 146fe62f80a3fbfd03d94c382134293e0d4a6cb613035991dbdbb68a2d95ebfe

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 01:50:29 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0bfqTF345%2F%2BnJafURH4V6LwSlFlxMx2jNNAmE0jk1Bb%2BcPkjbjHvop%2FoVU8JzNmoShds%2FRtQEqyrcJGUAWAS%2B1wCTJVq88d3oE%2FDipEVn4lRUSeGb%2B9Db1oAKFwlpneANl%2Frkv5d"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://wl9.ansaria.workers.dev
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 871f16199ff842b1-EWR
alt-svc: h3=":443"; ma=86400
content-length: 36
expires: 0

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
1 KB 1669ms
495ms Fetch
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUYEJ1S6
Requested by: Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.8.31.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: 6145a8b4d6b5fab0718c1b3402a9d113fc60b61cfc1d8b10e2f84453595aa6b6

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 01:50:29 GMT
content-encoding: gzip
via: 1.1 google
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server: envoy
content-type: application/json;charset=utf-8
access-control-allow-origin: https://wl9.ansaria.workers.dev
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 468
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 10 Apr 2024 01:50:29 GMT

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
346 B 1236ms
63ms Fetch
text/plain 35.227.252.103
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.8.31.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: c714c77f82a9415d2a4c6a05958232b02679e493c467d4e3a2dc4464b91882ee

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 10 Apr 2024 01:50:29 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin
content-type: text/plain
access-control-allow-origin: https://wl9.ansaria.workers.dev
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
202 B 1170ms
14ms Fetch 74.119.117.6
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.31.0&cb=902963317&lsavail=1&bundle=L8hWKl9yT2hxbk9xSnVkWU9jWnh2QkxLQnlwb2ZuTWtZM0NrQVZSSnJERjF3b0VJSFFmV2lPbDJYclFzeGlYaHFjYVVTVyUyRkpKYjhUMEVaWXcxdzRLblYlMkJhbHhENENkNjFPTG8yT2NmQUpKRlRLdU9sNHlUM0N1RkR2ZjdwQ2c4TVBzRzg

Requested by

Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.8.31.0.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.117.6 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://wl9.ansaria.workers.dev
date: Wed, 10 Apr 2024 01:50:29 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 418 B
769 B 388ms
20ms Fetch
application/json 8.43.72.32
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11576&site_id=79558&zone_id=373684&size_id=2&us_privacy=1YNY&eid_criteo.com=l_NF0F9SUjB5Mm03eVNLckpyaW9YbzZLRGRyeEpCTE9WYkVuWXliTUEzTU5JV1QwUXclMkZLb3oxa1o0WGU0RHNsN2RhekpzRVIwRHFrZ1J6MXVPZlZ3V3J6V1JRJTNEJTNE%5E1&eid_id5-sync.com=ID5*betp_YWrzub85OEbBw0ytX5s8A_-2PCD8U7hWmSzEg-T0c3Mg1KRiemOPlHEINi2%5E1%5E&tpid_liveintent.com=R7uXF9DSWWk3SCW_uf67wt5YOw5WVcqChQLXUw&eid_liveintent.com=R7uXF9DSWWk3SCW_uf67wt5YOw5WVcqChQLXUw&eid_bidswitch.net=ad04de0d-4786-45f7-bfbc-741a1636aa71%5E3&eid_media.net=3237599974953432000V10%5E3&eid_rubiconproject.com=LU8OPQ77-Z-2ZWP&eid_liveintent.indexexchange.com=ZUOrj8BlUQeiqAkTGidWBQAA%261089%5E3&eid_pubmatic.com=1062A7A4-2554-4BB1-B209-C869A1B2E535%5E3&rf=https%3A%2F%2Fwl9.ansaria.workers.dev%2F&kw=ookla%2Cspeed%2Ctest%2Cspeedtest%2Cspeedtest%2Cbandwidthspeedtest%2Cinternetspeedtest%2Cbroadbandspeedtest%2Cspeakeasy%2Cflash%2Ccnet%2Cinternet%2Cnetwork%2Cconnection%2Cbroadband%2Cbandwidth%2Clatency%2Cping%2Cthroughput%2Cdownload%2Cupload%2Cconnection%2Cdsl%2Cadsl%2Ccable%2Ct1%2Cisp%2Cvoip%2Cip%2Cipaddress%2Ctcp&tg_i.domain=wl9.ansaria.workers.dev&tg_i.page=https%3A%2F%2Fwl9.ansaria.workers.dev%2F&tg_i.pbadslot=%2F6692%2Fspeedtest.net%2Fstnext_leaderboard&tk_flint=pbjs_lite_v8.31.0&l_pb_bid_id=267faac49108b08&p_screen_res=800x600&rp_secure=1&rp_maxbids=1&p_gpid=%2F6692%2Fspeedtest.net%2Fstnext_leaderboard&m_ch_ua=%22Google%20Chrome%22%7Cv%3D%22123%22%2C%22Not%3AA-Brand%22%7Cv%3D%228%22%2C%22Chromium%22%7Cv%3D%22123%22&m_ch_full_ver=%22Google%20Chrome%22%7Cv%3D%22123%22%2C%22Not%3AA-Brand%22%7Cv%3D%228%22%2C%22Chromium%22%7Cv%3D%22123%22&m_ch_mobile=%3F0&m_ch_platform=Win32&slots=1&rand=0.2876810813252728
Requested by: Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.8.31.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.43.72.32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: a2a8889182af0fdb435322d6982f98d90a5267d2b99d75baa699b5da6442eca9

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 01:50:28 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://wl9.ansaria.workers.dev
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 418
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 417 B
947 B 385ms
18ms Fetch
application/json 8.43.72.32
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11576&site_id=79558&zone_id=373684&size_id=9&us_privacy=1YNY&eid_criteo.com=l_NF0F9SUjB5Mm03eVNLckpyaW9YbzZLRGRyeEpCTE9WYkVuWXliTUEzTU5JV1QwUXclMkZLb3oxa1o0WGU0RHNsN2RhekpzRVIwRHFrZ1J6MXVPZlZ3V3J6V1JRJTNEJTNE%5E1&eid_id5-sync.com=ID5*betp_YWrzub85OEbBw0ytX5s8A_-2PCD8U7hWmSzEg-T0c3Mg1KRiemOPlHEINi2%5E1%5E&tpid_liveintent.com=R7uXF9DSWWk3SCW_uf67wt5YOw5WVcqChQLXUw&eid_liveintent.com=R7uXF9DSWWk3SCW_uf67wt5YOw5WVcqChQLXUw&eid_bidswitch.net=ad04de0d-4786-45f7-bfbc-741a1636aa71%5E3&eid_media.net=3237599974953432000V10%5E3&eid_rubiconproject.com=LU8OPQ77-Z-2ZWP&eid_liveintent.indexexchange.com=ZUOrj8BlUQeiqAkTGidWBQAA%261089%5E3&eid_pubmatic.com=1062A7A4-2554-4BB1-B209-C869A1B2E535%5E3&rf=https%3A%2F%2Fwl9.ansaria.workers.dev%2F&kw=ookla%2Cspeed%2Ctest%2Cspeedtest%2Cspeedtest%2Cbandwidthspeedtest%2Cinternetspeedtest%2Cbroadbandspeedtest%2Cspeakeasy%2Cflash%2Ccnet%2Cinternet%2Cnetwork%2Cconnection%2Cbroadband%2Cbandwidth%2Clatency%2Cping%2Cthroughput%2Cdownload%2Cupload%2Cconnection%2Cdsl%2Cadsl%2Ccable%2Ct1%2Cisp%2Cvoip%2Cip%2Cipaddress%2Ctcp&tg_i.domain=wl9.ansaria.workers.dev&tg_i.page=https%3A%2F%2Fwl9.ansaria.workers.dev%2F&tg_i.pbadslot=%2F6692%2Fspeedtest.net%2Fstnext_skyscraper&tk_flint=pbjs_lite_v8.31.0&l_pb_bid_id=27b10cc7a129624&p_screen_res=800x600&rp_secure=1&rp_maxbids=1&p_gpid=%2F6692%2Fspeedtest.net%2Fstnext_skyscraper&m_ch_ua=%22Google%20Chrome%22%7Cv%3D%22123%22%2C%22Not%3AA-Brand%22%7Cv%3D%228%22%2C%22Chromium%22%7Cv%3D%22123%22&m_ch_full_ver=%22Google%20Chrome%22%7Cv%3D%22123%22%2C%22Not%3AA-Brand%22%7Cv%3D%228%22%2C%22Chromium%22%7Cv%3D%22123%22&m_ch_mobile=%3F0&m_ch_platform=Win32&slots=1&rand=0.887809116709626
Requested by: Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.8.31.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.43.72.32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: bf7fa0cf27306d4940efce4211bb66620e243244116cebe976f3fad71a46863b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 01:50:28 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://wl9.ansaria.workers.dev
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 417
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 421 B
770 B 544ms
177ms Fetch
application/json 8.43.72.32
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11576&site_id=79558&zone_id=373684&size_id=15&us_privacy=1YNY&eid_criteo.com=l_NF0F9SUjB5Mm03eVNLckpyaW9YbzZLRGRyeEpCTE9WYkVuWXliTUEzTU5JV1QwUXclMkZLb3oxa1o0WGU0RHNsN2RhekpzRVIwRHFrZ1J6MXVPZlZ3V3J6V1JRJTNEJTNE%5E1&eid_id5-sync.com=ID5*betp_YWrzub85OEbBw0ytX5s8A_-2PCD8U7hWmSzEg-T0c3Mg1KRiemOPlHEINi2%5E1%5E&tpid_liveintent.com=R7uXF9DSWWk3SCW_uf67wt5YOw5WVcqChQLXUw&eid_liveintent.com=R7uXF9DSWWk3SCW_uf67wt5YOw5WVcqChQLXUw&eid_bidswitch.net=ad04de0d-4786-45f7-bfbc-741a1636aa71%5E3&eid_media.net=3237599974953432000V10%5E3&eid_rubiconproject.com=LU8OPQ77-Z-2ZWP&eid_liveintent.indexexchange.com=ZUOrj8BlUQeiqAkTGidWBQAA%261089%5E3&eid_pubmatic.com=1062A7A4-2554-4BB1-B209-C869A1B2E535%5E3&rf=https%3A%2F%2Fwl9.ansaria.workers.dev%2F&kw=ookla%2Cspeed%2Ctest%2Cspeedtest%2Cspeedtest%2Cbandwidthspeedtest%2Cinternetspeedtest%2Cbroadbandspeedtest%2Cspeakeasy%2Cflash%2Ccnet%2Cinternet%2Cnetwork%2Cconnection%2Cbroadband%2Cbandwidth%2Clatency%2Cping%2Cthroughput%2Cdownload%2Cupload%2Cconnection%2Cdsl%2Cadsl%2Ccable%2Ct1%2Cisp%2Cvoip%2Cip%2Cipaddress%2Ctcp&tg_i.domain=wl9.ansaria.workers.dev&tg_i.page=https%3A%2F%2Fwl9.ansaria.workers.dev%2F&tg_i.pbadslot=%2F6692%2Fspeedtest.net%2Fstnext_top_rectangle&tk_flint=pbjs_lite_v8.31.0&l_pb_bid_id=28c8ab860c1bc48&p_screen_res=800x600&rp_secure=1&rp_maxbids=1&p_gpid=%2F6692%2Fspeedtest.net%2Fstnext_top_rectangle&m_ch_ua=%22Google%20Chrome%22%7Cv%3D%22123%22%2C%22Not%3AA-Brand%22%7Cv%3D%228%22%2C%22Chromium%22%7Cv%3D%22123%22&m_ch_full_ver=%22Google%20Chrome%22%7Cv%3D%22123%22%2C%22Not%3AA-Brand%22%7Cv%3D%228%22%2C%22Chromium%22%7Cv%3D%22123%22&m_ch_mobile=%3F0&m_ch_platform=Win32&slots=1&rand=0.18556326878618767
Requested by: Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.8.31.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.43.72.32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 25400737416b72decf36519e25c233c752f25bc80f9ff822bbecaefffe389b4d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 01:50:28 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://wl9.ansaria.workers.dev
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 421
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 424 B
774 B 389ms
23ms Fetch
application/json 8.43.72.32
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11576&site_id=79558&zone_id=373682&size_id=15&us_privacy=1YNY&eid_criteo.com=l_NF0F9SUjB5Mm03eVNLckpyaW9YbzZLRGRyeEpCTE9WYkVuWXliTUEzTU5JV1QwUXclMkZLb3oxa1o0WGU0RHNsN2RhekpzRVIwRHFrZ1J6MXVPZlZ3V3J6V1JRJTNEJTNE%5E1&eid_id5-sync.com=ID5*betp_YWrzub85OEbBw0ytX5s8A_-2PCD8U7hWmSzEg-T0c3Mg1KRiemOPlHEINi2%5E1%5E&tpid_liveintent.com=R7uXF9DSWWk3SCW_uf67wt5YOw5WVcqChQLXUw&eid_liveintent.com=R7uXF9DSWWk3SCW_uf67wt5YOw5WVcqChQLXUw&eid_bidswitch.net=ad04de0d-4786-45f7-bfbc-741a1636aa71%5E3&eid_media.net=3237599974953432000V10%5E3&eid_rubiconproject.com=LU8OPQ77-Z-2ZWP&eid_liveintent.indexexchange.com=ZUOrj8BlUQeiqAkTGidWBQAA%261089%5E3&eid_pubmatic.com=1062A7A4-2554-4BB1-B209-C869A1B2E535%5E3&rf=https%3A%2F%2Fwl9.ansaria.workers.dev%2F&kw=ookla%2Cspeed%2Ctest%2Cspeedtest%2Cspeedtest%2Cbandwidthspeedtest%2Cinternetspeedtest%2Cbroadbandspeedtest%2Cspeakeasy%2Cflash%2Ccnet%2Cinternet%2Cnetwork%2Cconnection%2Cbroadband%2Cbandwidth%2Clatency%2Cping%2Cthroughput%2Cdownload%2Cupload%2Cconnection%2Cdsl%2Cadsl%2Ccable%2Ct1%2Cisp%2Cvoip%2Cip%2Cipaddress%2Ctcp&tg_i.domain=wl9.ansaria.workers.dev&tg_i.page=https%3A%2F%2Fwl9.ansaria.workers.dev%2F&tg_i.pbadslot=%2F6692%2Fspeedtest.net%2Fstnext_bottom_rectangle&tk_flint=pbjs_lite_v8.31.0&l_pb_bid_id=2999008dc14fe11&p_screen_res=800x600&rp_secure=1&rp_maxbids=1&p_gpid=%2F6692%2Fspeedtest.net%2Fstnext_bottom_rectangle&m_ch_ua=%22Google%20Chrome%22%7Cv%3D%22123%22%2C%22Not%3AA-Brand%22%7Cv%3D%228%22%2C%22Chromium%22%7Cv%3D%22123%22&m_ch_full_ver=%22Google%20Chrome%22%7Cv%3D%22123%22%2C%22Not%3AA-Brand%22%7Cv%3D%228%22%2C%22Chromium%22%7Cv%3D%22123%22&m_ch_mobile=%3F0&m_ch_platform=Win32&slots=1&rand=0.3356900928370763
Requested by: Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.8.31.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.43.72.32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 8af1fd28d482baf8c6335552c9ee5d7c7497e8e9669ef29c196ff5e5f0216860

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 01:50:28 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://wl9.ansaria.workers.dev
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 424
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 417 B
767 B 384ms
19ms Fetch
application/json 8.43.72.32
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11576&site_id=79558&zone_id=373682&size_id=2&us_privacy=1YNY&eid_criteo.com=l_NF0F9SUjB5Mm03eVNLckpyaW9YbzZLRGRyeEpCTE9WYkVuWXliTUEzTU5JV1QwUXclMkZLb3oxa1o0WGU0RHNsN2RhekpzRVIwRHFrZ1J6MXVPZlZ3V3J6V1JRJTNEJTNE%5E1&eid_id5-sync.com=ID5*betp_YWrzub85OEbBw0ytX5s8A_-2PCD8U7hWmSzEg-T0c3Mg1KRiemOPlHEINi2%5E1%5E&tpid_liveintent.com=R7uXF9DSWWk3SCW_uf67wt5YOw5WVcqChQLXUw&eid_liveintent.com=R7uXF9DSWWk3SCW_uf67wt5YOw5WVcqChQLXUw&eid_bidswitch.net=ad04de0d-4786-45f7-bfbc-741a1636aa71%5E3&eid_media.net=3237599974953432000V10%5E3&eid_rubiconproject.com=LU8OPQ77-Z-2ZWP&eid_liveintent.indexexchange.com=ZUOrj8BlUQeiqAkTGidWBQAA%261089%5E3&eid_pubmatic.com=1062A7A4-2554-4BB1-B209-C869A1B2E535%5E3&rf=https%3A%2F%2Fwl9.ansaria.workers.dev%2F&kw=ookla%2Cspeed%2Ctest%2Cspeedtest%2Cspeedtest%2Cbandwidthspeedtest%2Cinternetspeedtest%2Cbroadbandspeedtest%2Cspeakeasy%2Cflash%2Ccnet%2Cinternet%2Cnetwork%2Cconnection%2Cbroadband%2Cbandwidth%2Clatency%2Cping%2Cthroughput%2Cdownload%2Cupload%2Cconnection%2Cdsl%2Cadsl%2Ccable%2Ct1%2Cisp%2Cvoip%2Cip%2Cipaddress%2Ctcp&tg_i.domain=wl9.ansaria.workers.dev&tg_i.page=https%3A%2F%2Fwl9.ansaria.workers.dev%2F&tg_i.pbadslot=%2F6692%2Fspeedtest.net%2Fstnext_lowerboard&tk_flint=pbjs_lite_v8.31.0&l_pb_bid_id=30a51f2fe96819a&p_screen_res=800x600&rp_secure=1&rp_maxbids=1&p_gpid=%2F6692%2Fspeedtest.net%2Fstnext_lowerboard&m_ch_ua=%22Google%20Chrome%22%7Cv%3D%22123%22%2C%22Not%3AA-Brand%22%7Cv%3D%228%22%2C%22Chromium%22%7Cv%3D%22123%22&m_ch_full_ver=%22Google%20Chrome%22%7Cv%3D%22123%22%2C%22Not%3AA-Brand%22%7Cv%3D%228%22%2C%22Chromium%22%7Cv%3D%22123%22&m_ch_mobile=%3F0&m_ch_platform=Win32&slots=1&rand=0.93727237993143
Requested by: Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.8.31.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.43.72.32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 58b7353a757017dd308bee27185666f77d6f5413086ea7ac4d2d9a4b433273e3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 01:50:28 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://wl9.ansaria.workers.dev
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 417
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 v1 Show response
btlr.sharethrough.com/universal/ 697 B
604 B 643ms
276ms Fetch
application/json 52.55.204.172
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.8.31.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.55.204.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-55-204-172.compute-1.amazonaws.com
Software: /
Resource Hash: 6b4000feafa6f9ceea7216069ac77da23409eed54e40e07d484e3f786543c509

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 10 Apr 2024 01:50:28 GMT
content-encoding: gzip
x-openrtb-version: 2.5
content-type: application/json; charset=utf-8
access-control-allow-origin: https://wl9.ansaria.workers.dev
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 451

POST
H2 200 v1 Show response
btlr.sharethrough.com/universal/ 552 B
635 B 484ms
117ms Fetch
application/json 52.55.204.172
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.8.31.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.55.204.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-55-204-172.compute-1.amazonaws.com
Software: /
Resource Hash: c382cbee5e91ad0cf174fbbee207b6e6332ee0bb9daf84d9991f0e7303e66508

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 10 Apr 2024 01:50:28 GMT
content-encoding: gzip
x-openrtb-version: 2.5
content-type: application/json; charset=utf-8
access-control-allow-origin: https://wl9.ansaria.workers.dev
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 328

POST
H2 200 v1 Show response
btlr.sharethrough.com/universal/ 688 B
572 B 670ms
304ms Fetch
application/json 52.55.204.172
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.8.31.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.55.204.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-55-204-172.compute-1.amazonaws.com
Software: /
Resource Hash: 4ca39f19028289d90d659caecec9201020bfaf38352ccfab852c402995c33aea

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 10 Apr 2024 01:50:28 GMT
content-encoding: gzip
x-openrtb-version: 2.5
content-type: application/json; charset=utf-8
access-control-allow-origin: https://wl9.ansaria.workers.dev
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 419

POST
H2 200 v1 Show response
btlr.sharethrough.com/universal/ 827 B
622 B 504ms
139ms Fetch
application/json 52.55.204.172
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.8.31.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.55.204.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-55-204-172.compute-1.amazonaws.com
Software: /
Resource Hash: 83caf68e957057a38b20a2b7f43a0f7bf7670cfde11df717a11afb8ae3d91c71

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 10 Apr 2024 01:50:28 GMT
content-encoding: gzip
x-openrtb-version: 2.5
content-type: application/json; charset=utf-8
access-control-allow-origin: https://wl9.ansaria.workers.dev
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 469

POST
H2 200 v1 Show response
btlr.sharethrough.com/universal/ 515 B
523 B 505ms
140ms Fetch
application/json 52.55.204.172
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.8.31.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.55.204.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-55-204-172.compute-1.amazonaws.com
Software: /
Resource Hash: f51e3cd0fe2607463e037c559d694c5c488bcf81d5aa60ac5255186e3ad3aaab

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 10 Apr 2024 01:50:28 GMT
content-encoding: gzip
x-openrtb-version: 2.5
content-type: application/json; charset=utf-8
access-control-allow-origin: https://wl9.ansaria.workers.dev
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 370

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
284 B 65ms
38ms Fetch
application/json 3.92.156.8
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.8.31.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-92-156-8.compute-1.amazonaws.com
Software: ATS/9.1.10.94 /
Resource Hash: cf7e7f14cbf2618edbf9ba3c9e6283a238a8a73df95deba9bdbfac385d71f40a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
x-openrtb-version: 2.5
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: application/json
Referer: https://wl9.ansaria.workers.dev/
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 01:50:29 GMT
content-encoding: gzip
server: ATS/9.1.10.94
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://wl9.ansaria.workers.dev
access-control-allow-credentials: true
content-length: 84

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
285 B 65ms
41ms Fetch
application/json 3.92.156.8
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.8.31.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-92-156-8.compute-1.amazonaws.com
Software: ATS/9.1.10.94 /
Resource Hash: bfcee0b3b362cdd9dafb9c1eede7b9c44ac00f9b7e80ee8142f12dd548934b43

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
x-openrtb-version: 2.5
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: application/json
Referer: https://wl9.ansaria.workers.dev/
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 01:50:29 GMT
content-encoding: gzip
server: ATS/9.1.10.94
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://wl9.ansaria.workers.dev
access-control-allow-credentials: true
content-length: 84

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
284 B 57ms
34ms Fetch
application/json 3.92.156.8
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.8.31.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-92-156-8.compute-1.amazonaws.com
Software: ATS/9.1.10.94 /
Resource Hash: bb4490cf76597ff1b770a9a6c6eec16bd535e887cf7ec04b5130104395c2358c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
x-openrtb-version: 2.5
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: application/json
Referer: https://wl9.ansaria.workers.dev/
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 01:50:29 GMT
content-encoding: gzip
server: ATS/9.1.10.94
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://wl9.ansaria.workers.dev
access-control-allow-credentials: true
content-length: 84

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
285 B 63ms
40ms Fetch
application/json 3.92.156.8
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.8.31.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-92-156-8.compute-1.amazonaws.com
Software: ATS/9.1.10.94 /
Resource Hash: f6a49a9369f82be76c7aa9ea5499501ecbf66082eb7828b4a670d5e9d7f982af

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
x-openrtb-version: 2.5
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: application/json
Referer: https://wl9.ansaria.workers.dev/
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 01:50:29 GMT
content-encoding: gzip
server: ATS/9.1.10.94
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://wl9.ansaria.workers.dev
access-control-allow-credentials: true
content-length: 84

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
516 B 55ms
32ms Fetch
application/json 3.92.156.8
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.8.31.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-92-156-8.compute-1.amazonaws.com
Software: ATS/9.1.10.94 /
Resource Hash: 7c0ff68f3ea57addced3fbba78d674ee942f110c6b30a356b26e018e175e9bc6

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
x-openrtb-version: 2.5
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: application/json
Referer: https://wl9.ansaria.workers.dev/
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 01:50:29 GMT
content-encoding: gzip
server: ATS/9.1.10.94
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://wl9.ansaria.workers.dev
access-control-allow-credentials: true
content-length: 84

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
119 B 1204ms
72ms Fetch 207.65.37.179
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.8.31.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.37.179 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://wl9.ansaria.workers.dev
date: Wed, 10 Apr 2024 01:50:29 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 603 B
1 KB 601ms
587ms Fetch
application/json 68.67.160.76
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.8.31.0.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.76 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e396327a0a7a644ba594ac9fa8aba75e7e85d5880cdc9115db61b4b932e5a076

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 01:50:28 GMT
content-encoding: gzip
an-x-request-uuid: 74643fcf-145d-4cf4-bbdd-9805e052c7b4
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://wl9.ansaria.workers.dev
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 138.199.10.132; 138.199.10.132; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 favicon.svg
b.cdnst.net/images/favicons/ 1 KB
628 B 7ms
6ms Other
image/svg+xml 151.101.130.219
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://b.cdnst.net/images/favicons/favicon.svg

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

151.101.130.219 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a4d2c91234d76c14551fff4ff2c42cf835ce8238ecf505fe945eec2bc1d543bc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
content-encoding: gzip
date: Wed, 10 Apr 2024 01:50:28 GMT
last-modified: Wed, 20 Mar 2024 16:56:52 GMT
etag: W/"44f-18e5ccb5020"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
accept-ranges: bytes
content-length: 554

GET
H3 200 favicon.ico
wl9.ansaria.workers.dev/ 100 KB
7 KB 44ms
43ms Other
image/x-icon 104.21.26.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wl9.ansaria.workers.dev/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.26.91 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

caca9270c3bccfaa6645272295c7c53725a58b506f34d64645d94b30be6968f5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 01:50:28 GMT
content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 28154
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 20 Mar 2024 16:56:52 GMT
server: cloudflare
etag: W/"18e64-18e5ccb5020"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/x-icon
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=61jQJO34Md%2Bgq3MFjm6UUzxNFkw4pp9uzOuYwinkDHS75Wk6ykQNkFK6r7QdXqY813izp%2FhftiScigXvbL7OmMjJFAQCTU4EYCJOMeY0bZwarg9omLQsv3MWgt05SbmQu%2FtfZMbDFQBc%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
cf-ray: 871f1612afdfc32d-EWR

GET
H2 200 30629
stags.bluekai.com/site/ Frame 4ED8 0
0 879ms
129ms Document
text/html 23.60.5.227
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stags.bluekai.com/site/30629?ret=html&phint=site%3Dwl9.ansaria.workers.dev&phint=referer%3Dhttps%3A%2F%2Fwl9.ansaria.workers.dev%2F&phint=__bk_t%3DSpeedtest%20by%20Ookla%20-%20The%20Global%20Broadband%20Speed%20Test&phint=__bk_k%3Dookla%2Cspeed%2Ctest%2Cspeedtest%2Cspeed%20test%2Cbandwidth%20speed%20test%2Cinternet%20speed%20test%2Cbroadband%20speed%20test%2Cspeakeasy%2Cflash%2Ccnet%2Cinternet%2Cnetwork%2Cconnection%2Cbroadband%2Cbandwidth%2Clatency%2Cping%2Cthroughput%2Cdownload%2Cupload%2Cconnection%2Cdsl%2Cadsl%2Ccable%2Ct1%2Cisp%2Cvoip%2Cip%2Cip%20address%2Ctcp&phint=__bk_l%3Dhttps%3A%2F%2Fwl9.ansaria.workers.dev%2F&phint=__bk_v%3D3.1.10&limit=10&r=5567249
Requested by: Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.60.5.227 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-60-5-227.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Referer: https://wl9.ansaria.workers.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

bk-server: c444
content-length: 71
content-type: text/html
date: Wed, 10 Apr 2024 01:50:29 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
x-request-id: d4261fe34d479e5de6b564ffe34324fa

GET
H2 200 gn
secure-us.imrworldwide.com/cgi-bin/ 44 B
424 B 20ms
20ms Image
image/gif 3.142.108.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-us.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=au-408075&ch=au-408075_b99_0&sessionId=u6k0l89rbpjbfzyx5f54mjbmnaupd1712713826&fp_id=c22akapafyezdlxf1afadfm4ejo3d1712713826&fp_cr_tm=1712713826350&fp_acc_tm=1712713826350&fp_emm_tm=1712713826350&asn=0&prv=1&c6=vc,b99&ca=NA&c13=asid,NA&c32=segA,NA&c33=segB,NA&c34=segC,NA&c15=apn,v60Bsdk&sup=0&segment2=&segment1=&forward=1&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,4smqgseeaktkhcr8glxxttkisooyr1712713827&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,17127138263474953&c30=bldv,6.0.0.673&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&devtypid=&pc=NA&si=https%3A%2F%2Fwl9.ansaria.workers.dev%2F&c73=phtype,&c74=dvcnm,&uoo=&c62=sendTime,1712713828&rnd=647291
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.142.108.32 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-142-108-32.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 01:50:29 GMT
server: nginx
accept-ch: Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-us.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 317 KB
40 KB 373ms
372ms Fetch
text/plain 142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=337881080723752&correlator=2602902036691414&eid=31079956%2C31082619%2C95327889&output=ldjh&gdfp_req=1&vrg=202404040101&ptt=17&impl=fifs&us_privacy=1YNY&iu_parts=6692%2Cspeedtest.net%2Cstnext_leaderboard%2Cstnext_skyscraper%2Cstnext_top_rectangle%2Cstnext_bottom_rectangle%2Cstnext_lowerboard%2Cstnext_left_300x600%2Cstnext_right_300x600&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6%2C%2F0%2F1%2F7%2C%2F0%2F1%2F8&prev_iu_szs=728x90%2C160x600%2C300x250%2C300x250%2C728x90%2C160x600%7C300x250%7C300x600%2C160x600%7C300x250%7C300x600&ifi=1&sfv=1-0-40&fsbs=1%2C1%2C1%2C1%2C1%2C1%2C1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1712713829898&lmt=1712713829&adxs=362%2C188%2C1112%2C1112%2C362%2C48%2C1112&adys=77%2C77%2C77%2C95%2C697%2C77%2C77&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0%7C0%7C0%7C0&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&oid=2&u_his=2&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuMTA1IixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjMuMC42MzEyLjEwNSJdLFsiTm90OkEtQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyMy4wLjYzMTIuMTA1Il1dLDBd&url=https%3A%2F%2Fwl9.ansaria.workers.dev%2F&vis=1&psz=728x0%7C160x0%7C300x0%7C300x0%7C728x0%7C300x0%7C300x0&msz=728x0%7C160x0%7C300x0%7C300x0%7C728x0%7C300x0%7C300x0&fws=4%2C4%2C4%2C4%2C4%2C4%2C4&ohw=728%2C160%2C300%2C300%2C728%2C300%2C300&ga_vid=912629577.1712713825&ga_sid=1712713830&ga_hid=1703187115&ga_fc=true&dlt=1712713820844&idt=7259&cust_params=zdc%3D1%26li-module-enabled%3Don%26country%3DUS%26testStage%3Dnew%26isp_id%3D56178%26stIspId%3D56178%26hostname%3Dhttps%253A%252F%252Fwl9.ansaria.workers.dev%26stOutage%3D10198%252C36523%252C34802%252C45395%252C34148%252C34761%252C39413%252C37318%252C35857%252C35558%26bucket_test%3D1%26pageviewid%3Dd2525f54-6a43-431d-a791-c9181268a047%26zdid%3D2c0829343a648df213a5c34f13e2badf%26s%3D%26p2%3D%26zdbb%3D%26fpid%3D29f51d7c4b094af2a020dd3343289e57&adks=2675502559%2C490556826%2C2311931128%2C1178321438%2C437806214%2C2923028898%2C3017529935&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

cafe /

Resource Hash

2c2b5d230b9434f93f3f8862dff8b52ab0da1b30a4fd1f0da5716fb6c740e67d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 01:50:30 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41177
x-xss-protection: 0
google-lineitem-id: 5395554369,5396658161,5553237578,5395284409,5553237578,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138314166905,138314581471,138332836473,138349847600,138332838351,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://wl9.ansaria.workers.dev
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 148ms
132ms XHR
application/json 142.250.64.98

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202404040101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.64.98 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

3262f224525019328abfbed2f1402b5b110adbfb37a31127db04560a28a67efd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 01:50:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12366
x-xss-protection: 0

GET
H2 200 container.html
50189f088b8d13e77cccb5bf4c5c1423.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0FF3 0
0 54ms
18ms Document
text/html 142.251.40.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://50189f088b8d13e77cccb5bf4c5c1423.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.193 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f1.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wl9.ansaria.workers.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 10 Apr 2024 01:50:29 GMT
expires: Thu, 10 Apr 2025 01:50:29 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 53ms
29ms Script
text/javascript 142.250.65.225

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.225 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 01:50:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 10 Apr 2024 01:50:30 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A744 0
0 17ms
4ms Document
text/html 142.250.65.225

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.225 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wl9.ansaria.workers.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 81897
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 09 Apr 2024 03:05:33 GMT
expires: Wed, 09 Apr 2025 03:05:33 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame F928 0
0 35ms
26ms Document
text/html 142.250.176.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.176.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hA1ai36gm2blTVEhCFTy5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://wl9.ansaria.workers.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-hA1ai36gm2blTVEhCFTy5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 10 Apr 2024 01:50:30 GMT
expires: Wed, 10 Apr 2024 01:50:30 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 publishertag.prebid.144.js
static.criteo.net/js/ld/ 96 KB
31 KB 195ms
14ms Script
text/javascript 74.119.117.4

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.144.js

Requested by

Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.8.31.0.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.117.4 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 01:50:30 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 27 Oct 2023 06:43:26 GMT
server: nginx
etag: W/"653b5c0e-1811e"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 11 Apr 2024 01:50:30 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2196 0
0 71ms
71ms Fetch
image/gif 142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstWTVCAQ6kQ5aJu4kWzKM5HiwYGsfOHt8AI_uTGoZMRsDoB1TN393JKTYcDtAfQfw0kHUt5VAQkNh3_QH2Ngv6Ooh0y93F1IbW0LinKuEl42M1J58N6Mtq9-jWK0OJ4bFBewe6JtJGoJ2O_o_NGVzKBDw7iGil_YtjhPtB4qYMrPmfxSFFw16u3JHbzfuiBwyrV6dpYTQwyl7_DKxHTBWO2eFtmQMd5pC77vPtRk4THicrTY8YxtIzFttlANyH0Yy7LpFaatJC0NI4yYA0XtdDEDxnO9JK8JHijhPzpvmWZ_8scx5R5dbP1iwWCnL0sPQubNgZYpYrlclMtoZssclVh59ppDGPNCg-KQn5HRHTk_aES8NVBfeoOdiEi5vDvNfXxmMHDCKEMAJpxiQKdNzNsan5j9SXqKvQpvazvKOw&sai=AMfl-YSo1myrRlomPReWqLRx-kYToSBDwY9Z2vyRqNEK61Pcg4M4X0yHVjl5MXamsZbjwK6tpelp4QS3vUjKsDQRs5r1-6ajABLFPV_NO2syZeLnmMxEQICAqUv5ttUWYljLErgWYKLo0KTryWoOLDOF_9E&sig=Cg0ArKJSzCWWMlOW-WNyEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: wl9.ansaria.workers.dev
URL: https://wl9.ansaria.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 01:50:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 10 Apr 2024 01:50:30 GMT

GET
H2 200 abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240409/r20110914/ Frame 2196 23 KB
9 KB 5ms
4ms Script
text/javascript 142.250.65.225

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240409/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.225 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 13:26:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44668
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9118
x-xss-protection: 0
server: cafe
etag: 6094826908298432593
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Apr 2024 13:26:02 GMT

GET
H2 200 window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240409/r20110914/client/ Frame 2196 3 KB
1 KB 6ms
5ms Script
text/javascript 142.250.65.225

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240409/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.225 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 13:26:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44668
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Apr 2024 13:26:02 GMT

GET
H3 200 ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 2196 214 KB
65 KB 16ms
5ms Script
text/javascript 142.250.64.98

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.64.98 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 01:03:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2845
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66581
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 10 Apr 2024 02:03:05 GMT

GET
H2 200 2128808745664341393
tpc.googlesyndication.com/simgad/ Frame 2196 22 KB
22 KB 5ms
5ms Image
image/png 142.250.65.225

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2128808745664341393

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.225 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

1ccce80e7030e34d80f73cd16ab97813946e3558cf0eb7f32dbb02b00d963e15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 03 Apr 2025 08:13:38 GMT
date: Wed, 03 Apr 2024 08:13:38 GMT
x-content-type-options: nosniff
age: 581812
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22224
x-xss-protection: 0
last-modified: Fri, 12 Jun 2020 22:33:18 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame FA1C 0
0 69ms
68ms Fetch
image/gif 142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstArQn3L2x0yZPfxZLAc66knOCTTPjE60vYAKXw9B4n_DfNhPxbS-jxCd4Gr9rMmLdGxsyZw0cZ_tMLD5g_jVpRAZvzsVfsy68_V_q9Y4OTJqB-lrIs0lvVbjH-duyXC7lFov1foVZF04UigsqPGIxdGKZ-qmhS6MLQQxMity644F438L9Mab11aR291NwAwIGAcNa8ZqBx_vXkT8sZkvGCigy4-3cANrFZQbknPUfMB7OW89ShYgXyiQxQfQaUxYFxpfXbcQpDGUfeCQROFX1kkHIqOGHrfJnDObWKORLaowEyFb8uUHXUHCzPnfbQWZ_h91gy6LYWAlM3Bo7ThZom2B_o9rvlu8gJUVMRf2KKCT_7fN9FiDu7DFR2K2XS4Z28M_s5je00IBVhPXxJg_h4EuN4hvlIlNKK4QwHrQ&sai=AMfl-YROG0Gb3Uc4SUEHVWn0dbHCjBl5VL8bZv--awdwI8FPy3R2u28ENSm3L1zFNjqIQZePZOA38l8mDczej5eQ_8GZ6InruJWe5GY8k3ErwSoVZbvvg90we7S0XSn4hRm5IdupZqeQyFS_CUnb88quifY&sig=Cg0ArKJSzNgOyWtTa5OdEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: wl9.ansaria.workers.dev
URL: https://wl9.ansaria.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 01:50:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 10 Apr 2024 01:50:30 GMT

GET
H2 200 abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240409/r20110914/ Frame FA1C 23 KB
9 KB 7ms
4ms Script
text/javascript 142.250.65.225

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240409/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.225 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 13:26:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44668
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9118
x-xss-protection: 0
server: cafe
etag: 6094826908298432593
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Apr 2024 13:26:02 GMT

GET
H2 200 window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240409/r20110914/client/ Frame FA1C 3 KB
1 KB 8ms
5ms Script
text/javascript 142.250.65.225

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240409/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.225 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 13:26:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44668
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Apr 2024 13:26:02 GMT

GET
H3 200 ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame FA1C 214 KB
65 KB 4ms
3ms Script
text/javascript 142.250.64.98

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.64.98 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 01:03:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2845
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66581
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 10 Apr 2024 02:03:05 GMT

GET
H2 200 4656443437172544715
tpc.googlesyndication.com/simgad/ Frame FA1C 6 KB
6 KB 6ms
4ms Image
image/png 142.250.65.225

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4656443437172544715

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.225 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

19de3b36b7e3f432ca7a2664bb6c1a76a7f109548a6e79ff75c458d19e2e51aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 03 Apr 2025 10:37:31 GMT
date: Wed, 03 Apr 2024 10:37:31 GMT
x-content-type-options: nosniff
age: 573179
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5702
x-xss-protection: 0
last-modified: Fri, 12 Jun 2020 23:59:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 2196 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e56ab268189cbb627550b08d3cb64988996c28b79a2c6a013553599fad070c78

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame FA1C 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3806e3f5ee71b361e858e7aad0ead6b667d33e55163f71479c633acc4894713a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F85A 0
0 68ms
68ms Fetch
image/gif 142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstg9-LLAUfCtDq_ymu3UpZ7FPBMXr71GUv65vVAv0WeinMN9xxpZy78qotZadIrVz3fkeHlz4Z9KQx6Z4D-_s4GdEfr9YWf95xmBfpZYu8D_BtFBsrItBNBX7OVQONEX2us-l8iNgvAR3-W7RIPCj4AJaLhbsdBVCSSiUOVEkpOk9fII3FCo6o_Cpb35E86eJw36g88Juyf6zSQK_0rKYvcJ57FtDiNqCml0LMCDo3QaUbLxWI8UcUkZRX7G6R39baXMmUubxThVlsRcAleRjRtoGTCcO5wjUNpAZKQm7xJhXoIAYnb7HhAj-XgdIhLw96z2hafMk6xrzpKuQQbEYu-wMEoE11Owo11_PY2Bps-ld73hS66YnoOuyDyErG87dFKVbJd7IXNRsPgEDqoJCn7Q8E&sai=AMfl-YSjQBSftwVxb9XsT4-TieXbK5hrDpzP6-bFqVnLJv0BiBtevPrmujI7-SBWx_-FAm2BYG1Lh_lhXr-hl3YZbZKNfbGz9UETGaygILPUr1WnI45Ic7--z5Y3ypNOt8Vtvkwm6_rfYy1yGCiPMAy3U5o&sig=Cg0ArKJSzGbnf9oGB3xeEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: wl9.ansaria.workers.dev
URL: https://wl9.ansaria.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 01:50:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240409/r20110914/ Frame F85A 23 KB
9 KB 34ms
34ms Script
text/javascript 142.250.65.225

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240409/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.225 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 13:26:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44668
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9118
x-xss-protection: 0
server: cafe
etag: 6094826908298432593
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Apr 2024 13:26:02 GMT

GET
H3 200 window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240409/r20110914/client/ Frame F85A 3 KB
1 KB 33ms
33ms Script
text/javascript 142.250.65.225

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240409/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.225 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 13:26:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44668
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Apr 2024 13:26:02 GMT

GET
H3 200 ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame F85A 214 KB
65 KB 5ms
4ms Script
text/javascript 142.250.64.98

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.64.98 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 01:03:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2845
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66581
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 10 Apr 2024 02:03:05 GMT

GET
H3 200 17221442679305182694
tpc.googlesyndication.com/simgad/ Frame F85A 44 KB
44 KB 45ms
44ms Image
image/png 142.250.65.225

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17221442679305182694

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.225 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

4f12e858e75c5787a99cd8a2ba5be7e559b52608fe0c0cb2ec90ee6253b4b463

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 03 Apr 2025 07:55:32 GMT
date: Wed, 03 Apr 2024 07:55:32 GMT
x-content-type-options: nosniff
age: 582898
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45533
x-xss-protection: 0
last-modified: Wed, 02 Dec 2020 18:33:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5F72 0
0 67ms
67ms Fetch
image/gif 142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssmtDb_3P_r6oIPRTCcGOlHECxPSuQ2_pSkfu386U2odvKk5UqjkduSvOIlHB4daz6L0R6X6uL5h8bf54pnKR8Dq41KCHajcgqbuvUSvmC3TzmwyYtiFGreaRhFTnQV1QKQwcJA-atSFFYsRGw0tRgxGcPxbgSlmfpkA4IynmcgFLY4MUFRi_mTU4yLVNxLM4A93Vxr4c1dcQCTh1z26xlAFZITwu5cwOTcyZhWfB1IBmQrpaKoM5_Z7Thp3nI6CLC0hdPCOKSuN1c-xNAyhHZfNfeipDj_pfn40IVyXUQdqK8h-WZTOsqbxu0fj8-P69SZC8UsW_l96YhdiB54tp5J-fNdiNpmCtrMFVZPNmFXeFfQHocyFqemCTO6snu0PYtFUCnl1HO-UNgycKLgai98kaw1ynE&sai=AMfl-YRBx1YScY957Rq5n4f_xocWBMFf1Z9vf_YNHVwu23JRZviDXhGkB-ehwMvFxy021X-8BcfLf-RGVfNK3tLiiOXKktWCk5R-h-O-FV4LnkWjs1qNW4ZV2mVb-HbMeJ14Lckg4XrLeTLsxtcTOL0QDmY&sig=Cg0ArKJSzFe8uVmw7EECEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: wl9.ansaria.workers.dev
URL: https://wl9.ansaria.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 01:50:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240409/r20110914/ Frame 5F72 23 KB
9 KB 25ms
25ms Script
text/javascript 142.250.65.225

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240409/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.225 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 13:26:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44668
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9118
x-xss-protection: 0
server: cafe
etag: 6094826908298432593
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Apr 2024 13:26:02 GMT

GET
H3 200 window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240409/r20110914/client/ Frame 5F72 3 KB
1 KB 24ms
24ms Script
text/javascript 142.250.65.225

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240409/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.225 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 13:26:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44668
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Apr 2024 13:26:02 GMT

GET
H3 200 ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 5F72 214 KB
65 KB 4ms
3ms Script
text/javascript 142.250.64.98

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.64.98 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 01:03:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2845
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66581
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 10 Apr 2024 02:03:05 GMT

GET
H3 200 15520956230169214031
tpc.googlesyndication.com/simgad/ Frame 5F72 4 KB
4 KB 31ms
30ms Image
image/png 142.250.65.225

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15520956230169214031

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.225 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

51248129aced21c60268725b5fed0c1ad30538e3c5a1f562a01110959e09860d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 09 Apr 2025 23:58:00 GMT
date: Tue, 09 Apr 2024 23:58:00 GMT
x-content-type-options: nosniff
age: 6750
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4526
x-xss-protection: 0
last-modified: Tue, 18 May 2021 18:18:45 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5F51 0
0 66ms
66ms Fetch
image/gif 142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvHOlEFdynf050KdDLMAxVEieLFKLTo1daQU5RaBnn1cgSzZhzAb4eDs6yQPQJwnxv7R7QSx5SkMqZqadRRKOOd6Y5H7cu5Ru1xyfUbCorXv6fWbtYH7SBKR-hYZDq7LGgnMgTNYl5A_QFvYK2o03L-yrfcDFfzbvKRyGVmA9-CR8Lajje__5EbGPyNDI93ACUyTIZLeEuzvUdkkO0Afj2DeXLyjhNMcicj1tv9lg1lXuyr_4joboIwHHT5-bKSDiyURrZPtv-tkSKmEk9q4TWsax9SzP_bniM8deuKvM4IrSiQMLOGk-fWpeL4CbII-E4gVY7hKWR-UJanOxlCh-5y4mIy79yrtn5OsD4J7fSxxyXXsA8uyRBPjfa4ErwZo5g6Itlj9vFOFuPKP3TouhA&sai=AMfl-YR0KnXQEx2fUI5Xb31ZZ96T6ugsGurj85sEhejCffhEwNMFYU3n1XlR4mPxUh-DW9s4gzqcQvNikUC3dkNz4jVM6wH7xRqA3FHED4yA2RYv5H2TkB9-nT0AwmYte_JLYaRwknr3g5iKb9V4n9MkuNk&sig=Cg0ArKJSzNErYHCOrX8rEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: wl9.ansaria.workers.dev
URL: https://wl9.ansaria.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 01:50:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240409/r20110914/ Frame 5F51 23 KB
9 KB 16ms
16ms Script
text/javascript 142.250.65.225

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240409/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.225 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 13:26:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44668
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9118
x-xss-protection: 0
server: cafe
etag: 6094826908298432593
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Apr 2024 13:26:02 GMT

GET
H3 200 window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240409/r20110914/client/ Frame 5F51 3 KB
1 KB 17ms
15ms Script
text/javascript 142.250.65.225

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240409/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.225 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 13:26:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44668
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Apr 2024 13:26:02 GMT

GET
H3 200 ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 5F51 214 KB
65 KB 6ms
5ms Script
text/javascript 142.250.64.98

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.64.98 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 01:03:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2845
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66581
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 10 Apr 2024 02:03:05 GMT

GET
H3 200 12882515973197925562
tpc.googlesyndication.com/simgad/ Frame 5F51 46 KB
46 KB 18ms
17ms Image
image/png 142.250.65.225

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12882515973197925562

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.225 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

75970467cb86b0b4cdb68f26b899c0934fe4167f0cf22c116ca3036cf878ee58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://wl9.ansaria.workers.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 03 Apr 2025 07:49:54 GMT
date: Wed, 03 Apr 2024 07:49:54 GMT
x-content-type-options: nosniff
age: 583236
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47494
x-xss-protection: 0
last-modified: Wed, 02 Dec 2020 18:35:27 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame F85A 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b11ab6d92b15b89f17220db1a5a2cc31c48870dc93697ce56f138a604d8e1cfa

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 5F72 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 491a1ceeb82c73bb1d9013d4f377f0990f4c72ae417f82e3b4ca91c09e4c22cd

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 5F51 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a79282289bfa54a950518c21c923487db4991da11229d774e027e90aaffa537f

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET view
securepubads.g.doubleclick.net/pcs/ Frame F85A 0
0

GET gen_204
pagead2.googlesyndication.com/pagead/ Frame F85A 0
0

GET view
securepubads.g.doubleclick.net/pcs/ Frame 2196 0
0

GET gen_204
pagead2.googlesyndication.com/pagead/ Frame 2196 0
0

GET view
securepubads.g.doubleclick.net/pcs/ Frame FA1C 0
0

GET gen_204
pagead2.googlesyndication.com/pagead/ Frame FA1C 0
0

GET view
securepubads.g.doubleclick.net/pcs/ Frame 5F51 0
0

GET gen_204
pagead2.googlesyndication.com/pagead/ Frame 5F51 0
0

GET view
securepubads.g.doubleclick.net/pcs/ Frame 5F72 0
0

GET gen_204
pagead2.googlesyndication.com/pagead/ Frame 5F72 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssN58F559ZScqudR6M1LoUTteAlePtHXusHcYrcnnLmEJ0ZYe_Z2AIp4VGlXzQqBHH8uk3Arr2964k9YWqOP0GOqzX17EA68ZKL8TsKJwocCAL3EZZtCxVkETEcykr2Mf0vJmBPkbNYgadfkaMSFdXNF4hb8yb0fJKO0F9OpQ6xDLwNtP-RwVFJfjRDu5hqIK040vwlbkB2q8Fp3tkXoG0XDA0sf1IlhPDLkGWmnsAxRy7btHhLMlsHtEUAuVQBwlJJzq5cNHI4ZFafIotgLTRCyT9Ek6HgqaCrTtRH3p3HOGq7KIce7R4p29kuqjkD-ZQfMZBvjtND2gIaNQ_Zpl3da1fuUv3uSN5Q_YNoG5O2swivZ-cpmOvLugT4FDs0oIyeq6Al26QRsCnp4rcOo94zK-NQbg&sai=AMfl-YRjn0eWG8SLFIhJGQRPVPkh2vN30YkecoPuWfzJ6zmS9a1g4ZAptxrRA__5vU_fqxQLbAztX2t6VM-jCtHJbWM-O0bVGr4i6LvUakttsAx7aNoQRC05VBozhL9DarNxSV9A6rUaX_p9Kj5uSSlPGuY&sig=Cg0ArKJSzEqSOBM-Wz5rEAE&uach_m=%5BUACH%5D&adurl=

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvvt8x_AuoqOeKGMCG5Ui7j3yfnNF_G8A0VuXEHytE8n5vytcfjHTO2Gj4PowYnmJXHyFgbUOrQzz7D7CUaY8v8tRpkFCdDgT9DK8Wrm2Pygquj7clVYlk0noUCO-_T__NvXNHa-iPC7JOMrCkhHbR7TUhyRO-HQ2ys44Q0otpWvYVqBap_Z6Vr42cbHvkg_QAWIJljPrKR8dgdk0ID7R5qaZPNFsaC5Y2Po4mD5eYSI_AxvzrL1NqG84ax9L9aILO1kkUHW2liaB1j2MV0aLA3EiuDSh6k_G7sZ5Lxry0sZY6D79KuHVwqL3Qps7nD2J4UH1uLbiHf21nuMPv9CsyXN6tOGeHv5m-S1LaeZuD3LxyiketNl6dEqX_6vP1TXhEIKzCV74Qci8eJJr9MmkThqX4&sai=AMfl-YSDKqG2pePCk5Y57OxLx2m9oMjJwf4zKzyzXrHQJddaAEy5LKAyN7VfQmCt7LysVsjOlyvGUPupg0RNqc4W2fE9m4uAGbpQmHMuaBJxfROGXZX2qMRmexY3qZcxRJ4IC_xqPv-V09fTDIOaFjcwV94&sig=Cg0ArKJSzFXALS9LNh_nEAE&uach_m=%5BUACH%5D&adurl=

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssIXMwm3HOGQO6EpEzYsDkijg_gY-NjdNj9Hd8FrfhzTQwWnDdPmspZL3nDxcQHM5_rFLwsWvdngLYJHprbTe8AKbP8K9VHSNtxQ1jJYy1fifBslPDw2pEFkVk2aZf_R_iJIgS6p5lGfJbElzVtU0XxlyxfDkYFHHN5G4PQEm-cw926Ibwz2bKqgt9eopRT_EHonkuTlydM2iAogKbaqvtab4wmTK5XfwRqWTg0v8BqC6LohgL5ahg7YdeLDCgENgNhfFPj9jVz5U52O1Nnyl_6NY-0Z5tIKQMMmRUiuGUpF4WgLEZqn4CqTSay9rFR36PTFxr1yjA3gB_sX0xXI0Q1iwme1hRlK8yztpewZPOWwAyszs-EsW16NS2iTXSGGY8UsQa201SFtVkYxoNGDMPxNw&sai=AMfl-YT6VmqUmezBgvDWK5466cdTsqqcaCiZRJhHke0VkmTOxfBCtjpVuQynxFoe4Xv6BGzSEcN3LU7G9hOsZHnJDm5vH4kESUbOssrrAfTqgKdwpew023VPcb-iJGzPBHDgPQ0q9_W7hgoEVEom7Tl9pBM&sig=Cg0ArKJSzMUHU2vHQ_fWEAE&uach_m=%5BUACH%5D&adurl=

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv99Z46qE8REXbP0tGaXR5upIcmnvH2Cb95mEiY7I2SVNcvFLQXd9lJPRoYAPhe3R5le5z9QCiDaRWaxYRZIW136wCJcFTM7h1qmvy5Xhy3fOLomOWEyg47uDgow89o2_W2y80jzpiJZ6U_JO7XSZps8LVUlqKKMpa8U_1WSRcelvXw8tQ3I3Khxulf9QwNBMzG4jsR44WlT-AarCEx-AaNA9WtxQO8p1t1lNYtPhMR9b__HXPeD5NssUrCkLJS_REYfnVn9fPhjl4fYnqYhBMLY0xI7EcRyVZlgQbD8t61OWUz51C19YD1su6FOSjrgqs1k9eJ2zpE7FbBlCONVsYvWy5z1kfFhV3bZfoACe6DLL02HZdzPKwD8cVzxJe2aMjNjh3mx2GTfu7doj_AzBrHPg&sai=AMfl-YQc3TZPeVA2fsUAd8poMvIrbEzTgeb4Z4DI2hLiH7uzyL7vQWgTnfel20f8_6v2LZ44Hu3Y-4KUdQLgVNJfYDxPnIuYXoAtQHr00joz3NBUnYx4ywlp9FipdEYXQ_0TKO1gPwDXccfX2OFD-x_WyFg&sig=Cg0ArKJSzAF0bSrx9K0yEAE&uach_m=%5BUACH%5D&adurl=

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvWFuz4fCD3UOGeDxtr_GyYQ7t1-ocdCQNiarqTlMXrlAWisTXQKW7Zuu7RUFe8z7H_t71spRTEDLPPCSg7l6V11rvIlBpfppYJu1TTorGGT8N9_7YODbIcFC3GFQMMmBKESFWnEz_4pmSEa1F49U0FxzIjT9HFY33Ue5Hq0ZPmlaxbjJJlXAwAw5KZ2EIQ83d9o1EbdRXOM-SwfTO9s2BUvYfkTqXzVDkRW2aaUQFrwSzaCw3OFF5xyKSfflzGLs0KBoBzOA0CtoKcZjuEX6Quvr_wC6qwIi8WgpVUJQsCjhLptqHngB_kSb-q4Nsd17A63qQwGcGrbg2rsiHtE7z7Jr3xByN8ybunJV29jJIdxvwwtlw45d0hXNmjXm3YKK8jSH9C_tZighqwNbg8mQW8y0Qgznrxhw&sai=AMfl-YRMcSd4PsfAGuPnBwt8P5aSMpa64TbgUp1xg-Y4f2fX0-B4NWzt4GMl22aerIIJeUEIu5bSKxUoDKCyQzH3Dfcb1l-gpApLhxuhvWtAfljW7JTtC4YNqM8VtxUxlpxPEIEF1SFNJkRf993mSnak6Hw&sig=Cg0ArKJSzLXJIVMUCIk7EAE&uach_m=%5BUACH%5D&adurl=

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Verdicts & Comments Add Verdict or Comment

115 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.liadm.com/j	1970-01-21 05:21:13	Name: lidid Value: b5ff05fb-4763-454e-b15a-e2c2137fc20a
.ansaria.workers.dev/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .ansaria.workers.dev
.ansaria.workers.dev/	1970-01-21 05:21:13	Name: _lc2_fpi Value: 771b878a18da--01hv2v5ycrknndfp1x6sghjawp
.ansaria.workers.dev/	1970-01-21 05:21:13	Name: _lc2_fpi_meta Value: %7B%22w%22%3A1712713824664%7D
wl9.ansaria.workers.dev/	1970-01-20 20:28:25	Name: fu Value: 1
.ansaria.workers.dev/	1970-01-20 19:46:40	Name: _gid Value: GA1.3.103374934.1712713825
.ansaria.workers.dev/	1970-01-20 19:45:13	Name: _gat_UA-389482-3 Value: 1
.ansaria.workers.dev/	1970-01-21 05:21:13	Name: _ga_KKLSRK6J1Z Value: GS1.1.1712713824.1.0.1712713824.60.0.0
.ansaria.workers.dev/	1970-01-21 05:21:13	Name: _ga Value: GA1.1.912629577.1712713825
.liadm.com/	1970-01-21 05:21:13	Name: lidid Value: b5ff05fb-4763-454e-b15a-e2c2137fc20a
wl9.ansaria.workers.dev/	1970-01-20 19:46:40	Name: pbjs_li_nonid Value: %7B%22nonId%22%3A%22R7uXF9DSWWk3SCW_uf67wt5YOw5WVcqChQLXUw%22%2C%22bidswitch%22%3A%22ad04de0d-4786-45f7-bfbc-741a1636aa71%22%2C%22magnite%22%3A%22LU8OPQ77-Z-2ZWP%22%2C%22medianet%22%3A%223237599974953432000V10%22%2C%22pubmatic%22%3A%221062A7A4-2554-4BB1-B209-C869A1B2E535%22%2C%22index%22%3A%22ZUOrj8BlUQeiqAkTGidWBQAA%261089%22%7D
wl9.ansaria.workers.dev/	1970-01-20 19:46:40	Name: pbjs_li_nonid_cst Value: 1izpLMgsJw%3D%3D
.zdbb.net/	1970-01-21 00:04:25	Name: h_zdbb Value: f3f7550e2b4745378849b24cddb8c006
.zdbb.net/	1970-01-20 20:28:25	Name: csp Value: 0
.criteo.com/	1970-01-21 05:06:49	Name: partitioned_bundle Value: EKH9iV9yT2hxbk9xSnVkWU9jWnh2QkxLQnlwb2ZuTWtZM0NrQVZSSnJERjF3b0VJSFFmV2lPbDJYclFzeGlYaHFjYVVTVyUyRkpKYjhUMEVaWXcxdzRLblYlMkJhbHhENENkNjFPTG8yT2NmQUpKRlRLdU9DZ0JSQ3lYZ2d0aThPMiUyRkYxZ0o2bFZqU0tmRlA2S0lpbUlicm1rUE1KRUp4WjZUOXdudFJOYlh1RVhxSTJuMEUlM0Q
.ansaria.workers.dev/	1970-01-21 05:06:13	Name: cto_bundle Value: L8hWKl9yT2hxbk9xSnVkWU9jWnh2QkxLQnlwb2ZuTWtZM0NrQVZSSnJERjF3b0VJSFFmV2lPbDJYclFzeGlYaHFjYVVTVyUyRkpKYjhUMEVaWXcxdzRLblYlMkJhbHhENENkNjFPTG8yT2NmQUpKRlRLdU9sNHlUM0N1RkR2ZjdwQ2c4TVBzRzg
.ansaria.workers.dev/	1970-01-21 05:06:13	Name: cto_bidid Value: l_NF0F9SUjB5Mm03eVNLckpyaW9YbzZLRGRyeEpCTE9WYkVuWXliTUEzTU5JV1QwUXclMkZLb3oxa1o0WGU0RHNsN2RhekpzRVIwRHFrZ1J6MXVPZlZ3V3J6V1JRJTNEJTNE
.ansaria.workers.dev/	1970-01-21 00:04:25	Name: nol_fpid Value: c22akapafyezdlxf1afadfm4ejo3d1712713826\|1712713826350\|1712713826350\|1712713826350
.id5-sync.com/	1970-01-20 21:54:49	Name: id5 Value: 1dc5f2d2-a09b-7281-8662-1163d891c905#1712713826765#1
.imrworldwide.com/	1970-01-21 05:06:49	Name: IMRID Value: b46f11c1-f6dc-11ee-89d8-d98a9e7c97d7
.rubiconproject.com/	1970-01-21 04:30:49	Name: khaos Value: LUT5LC3L-5-FYH6
.rubiconproject.com/	1970-01-21 04:30:49	Name: audit Value: 1\|tcR/wBEzWcKKCpAL7DixXrNjdP3bxZodvMAq6qHDtf4NdKH2wmd9gSeqJU9In3SbBbMh0cJ/lx+H+pSW57E+9sxuhZpbWKLt5MMtJBTR5Rc1P2hyKWeoqSKPLRELhl3x0A+VO7RH1E0=
.adnxs.com/	1970-01-20 21:54:49	Name: XANDR_PANID Value: wLJPd9Uf8L_3Mzi97stEN3umIfoMni2VUTbI0JY07ud96_6S7zRxv2vXyhNPDxRpJFvkbjn5gK8b0C2h24b2_LJEkxgTiqcg-cwCDwRUiZc.
.adnxs.com/	1970-01-20 21:54:49	Name: icu Value: ChgIo9cnEAoYASABKAEw5ODXsAY4AUABSAEQ5ODXsAYYAA..
.adnxs.com/	1970-01-21 05:21:13	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 21:54:49	Name: uuid2 Value: 4651184698163223921
.sharethrough.com/	1970-01-20 20:28:25	Name: stx_user_id Value: 14f775b2-3398-4e62-ac5a-c670d72734c2
.casalemedia.com/	1970-01-21 04:30:49	Name: receive-cookie-deprecation Value: 1
.openx.net/	1970-01-21 04:30:49	Name: receive-cookie-deprecation Value: 1
.bluekai.com/	1970-01-21 00:04:25	Name: bkdc Value: phx
.bluekai.com/	1970-01-21 00:04:25	Name: bkpa Value: KJ05ADNFQp91C7XBFRNuVe+hxBmVSEFrLBtH/VTEAujHTCq+lXXoSvv55oAWdreNI0QhbbQJNNVhvIFcQBxGmo3PP2ouA8uLKCkB7RmBWeEAGyLeCoCnw12e94zR1wYz/F/h38b0XoV4wN0Lp1StfRSVtw4CWuPCovyLriXmftTyywZml6IacBI1bXOyXHyz09bL8wgiu0BLUE/cjgGJ/K/6/0qXNY8g+L2+QG8SArJwBhvE1PiAl63lm1bBhY61YJWFJwRs/7Ba4TWLK/JMVAfu7nURAlqtZgLXZeO9SwrW2BGK6gNDzvKeX3zWAtb6CGNz7FhzUsak8O6vZa/w7zsWtvxMHzdhfcHvwbW9vxwsZvjbF20hIK4dwgmF0M48okQj45EDzOsSfUqlDBfUl2dbtfz=
.bluekai.com/	1970-01-21 00:04:25	Name: bku Value: oUz99sUyaVjAvN97
.yahoo.com/	1970-01-21 04:31:11	Name: A3 Value: d=AQABBGXwFWYCEFAq8aBet4z0rv99xPBEEfgFEgEBAQFBF2YfZtxH0iMA_eMAAA&S=AQAAAqIRtkF5sF3IPvjYzI6qJqg
prebid.media.net/	1970-01-21 00:04:25	Name: receive-cookie-deprecation Value: 1

53 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://wl9.ansaria.workers.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wl9.ansaria.workers.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wl9.ansaria.workers.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wl9.ansaria.workers.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wl9.ansaria.workers.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wl9.ansaria.workers.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wl9.ansaria.workers.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wl9.ansaria.workers.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wl9.ansaria.workers.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wl9.ansaria.workers.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wl9.ansaria.workers.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wl9.ansaria.workers.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wl9.ansaria.workers.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wl9.ansaria.workers.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wl9.ansaria.workers.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wl9.ansaria.workers.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wl9.ansaria.workers.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wl9.ansaria.workers.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wl9.ansaria.workers.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wl9.ansaria.workers.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wl9.ansaria.workers.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wl9.ansaria.workers.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wl9.ansaria.workers.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wl9.ansaria.workers.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wl9.ansaria.workers.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wl9.ansaria.workers.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wl9.ansaria.workers.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wl9.ansaria.workers.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wl9.ansaria.workers.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wl9.ansaria.workers.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wl9.ansaria.workers.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wl9.ansaria.workers.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wl9.ansaria.workers.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wl9.ansaria.workers.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wl9.ansaria.workers.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wl9.ansaria.workers.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wl9.ansaria.workers.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wl9.ansaria.workers.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wl9.ansaria.workers.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wl9.ansaria.workers.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wl9.ansaria.workers.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wl9.ansaria.workers.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wl9.ansaria.workers.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wl9.ansaria.workers.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wl9.ansaria.workers.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wl9.ansaria.workers.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wl9.ansaria.workers.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wl9.ansaria.workers.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wl9.ansaria.workers.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wl9.ansaria.workers.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wl9.ansaria.workers.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wl9.ansaria.workers.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wl9.ansaria.workers.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

50189f088b8d13e77cccb5bf4c5c1423.safeframe.googlesyndication.com
analytics.google.com
b.cdnst.net
bee.imrworldwide.com
bidder.criteo.com
btlr.sharethrough.com
c.amazon-adsystem.com
c2shb.pubgw.yahoo.com
cdn-gl.imrworldwide.com
cdn.static.zdbb.net
cdn.ziffstatic.com
fastlane.rubiconproject.com
gum.criteo.com
gurgle.zdbb.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id5-sync.com
idx.liadm.com
jogger.zdbb.net
lb.eu-1-id5-sync.com
pagead2.googlesyndication.com
prebid.media.net
rp.liadm.com
rtb.openx.net
secure-us.imrworldwide.com
securepubads.g.doubleclick.net
stags.bluekai.com
static.criteo.net
stats.g.doubleclick.net
tags.bkrtx.com
tpc.googlesyndication.com
wl9.ansaria.workers.dev
www.google-analytics.com
www.google.com
www.googletagmanager.com
zdbb.net
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
104.21.26.91
142.250.176.196
142.250.64.98
142.250.65.225
142.250.72.98
142.250.80.78
142.250.81.232
142.251.111.155
142.251.40.193
151.101.130.219
162.19.138.117
162.19.138.119
172.64.151.101
18.164.96.111
18.238.63.215
184.73.5.153
207.65.37.179
216.239.36.181
23.192.49.23
23.200.1.40
23.60.5.227
3.142.108.32
3.92.156.8
34.120.63.153
34.198.16.32
34.233.8.21
34.237.147.73
35.227.252.103
52.14.88.199
52.55.204.172
52.85.61.10
52.85.61.40
54.235.250.92
68.67.160.76
74.119.117.4
74.119.117.6
74.119.119.139
8.43.72.32
0210bcf8c6f9fb41e1db722e8ec3c318101342f5922c59331321c993df1720d1
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07c479ddb34a0a041f0814be959c48ed6c9b71a80ee728e6c5a221be9945abec
0d23c759f4302ff762012a6ff00cbd124858dd9b387ea06eafa727c5e726fd77
0f2b977156323183e22b228712efd075b20e4fef72d8decb2b05af1ba570516e
1331ce07d67579b7a85c3f1deb9479460b198356c6d1aee8de72daa1d5e377b2
146fe62f80a3fbfd03d94c382134293e0d4a6cb613035991dbdbb68a2d95ebfe
19de3b36b7e3f432ca7a2664bb6c1a76a7f109548a6e79ff75c458d19e2e51aa
1a00aa81f6ca32a692772c6a8bc908b62198154ce3eef1eeef346d80100b8e04
1ccce80e7030e34d80f73cd16ab97813946e3558cf0eb7f32dbb02b00d963e15
236f8ff3e520fbff79476c8613eea2795f62128d235f97ee91674079bac9b85d
25400737416b72decf36519e25c233c752f25bc80f9ff822bbecaefffe389b4d
26016ad443fa4a86f1d80355e2305c50b8f96b5910352beaca29d5d45c66bc43
2a10681e6824547e850f4de65c5b57cf60f2562bbc4d74eaba140f388aa259d0
2c2b5d230b9434f93f3f8862dff8b52ab0da1b30a4fd1f0da5716fb6c740e67d
2dd96e9598024279d7197725bfa520819f88a93a5ba8fd0c3eb1ea251a783b4d
2e0da7b78f6365146f0889b05e139587016e6b5e2e1a8d778dbc3272ad0a6278
2f2ef1a173106efc9f1e2048ee2a1f0ecac78e166a57e83128776f565312357e
3262f224525019328abfbed2f1402b5b110adbfb37a31127db04560a28a67efd
326967e9bfe3e9cc187856c7388a14bcec0c3f71b3d3cf5a5f025c3fbb4cb1a6
32b0ffbdaf288de753cd11b89e702c4c5c140b7a86037c852ebc341ad99c5f47
32b79f49ad238f7718e7ba9aa4cbb32e74a8a11a8a32dbcfdbfa926228c783f5
3806e3f5ee71b361e858e7aad0ead6b667d33e55163f71479c633acc4894713a
3ff66387417489de93fa393db6d511581ea6c3b5c75d35190309be9cd916a9a7
4196d95ab415218fc8dce5037601f39e1824f2e57c6ebebf5557ddb3f11b537c
491a1ceeb82c73bb1d9013d4f377f0990f4c72ae417f82e3b4ca91c09e4c22cd
494960fa1866c02f0b6df95691f1b95039e4bdfdd61bdcb361411f77039d11e2
4ca39f19028289d90d659caecec9201020bfaf38352ccfab852c402995c33aea
4d195a402297509314a9a38df1b8b94f627550aa13fc34aab675a749694e474e
4e523a5ae5b4636c75901b79fafbd3912e41dc7987414e688b09d4b436ff22b3
4f12e858e75c5787a99cd8a2ba5be7e559b52608fe0c0cb2ec90ee6253b4b463
51248129aced21c60268725b5fed0c1ad30538e3c5a1f562a01110959e09860d
5161c35319048d00e49f468cd6e4881cc0fe45b7bfd575d24d199f7e95408a90
53ef39c91fa4b4f2d68d15483dcd7a2bc4b089c954e7b5a6808c6560740c887f
58b7353a757017dd308bee27185666f77d6f5413086ea7ac4d2d9a4b433273e3
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
6145a8b4d6b5fab0718c1b3402a9d113fc60b61cfc1d8b10e2f84453595aa6b6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62dbe15e1c347a80ab3d5ede05b3f440e1777058d5e4af8a3f7f743bbba284ca
67ff0020c632ad43f9413647a5b6fdf8dcad828425629167f0e503cdbfba020d
6b4000feafa6f9ceea7216069ac77da23409eed54e40e07d484e3f786543c509
6f1398c004c3da42e7e24a314dcb82937620151d2a77b9fe5caaf86434505530
75970467cb86b0b4cdb68f26b899c0934fe4167f0cf22c116ca3036cf878ee58
7c0ff68f3ea57addced3fbba78d674ee942f110c6b30a356b26e018e175e9bc6
7e45b4d37176e798fae3526f1ba9a59fc730034f1c088abd04f7ea6768e4da1a
81f5051a7706193e4279d279605188a8af93b633d6255c6bb99007e8bca65c15
83caf68e957057a38b20a2b7f43a0f7bf7670cfde11df717a11afb8ae3d91c71
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
88f23579199fd0b19fda8b68926606d8a74ec50751c9f388e2199fd7444e6522
8af1fd28d482baf8c6335552c9ee5d7c7497e8e9669ef29c196ff5e5f0216860
9416410a7e49e52c9f0f0c4987e20c59da4409e8e5a9fc653480c6dd4097a0a0
9f30799e7ea5caddb7b79f074957baeaecccf1a31846993414008331c257d242
a2a8889182af0fdb435322d6982f98d90a5267d2b99d75baa699b5da6442eca9
a4d2c91234d76c14551fff4ff2c42cf835ce8238ecf505fe945eec2bc1d543bc
a79282289bfa54a950518c21c923487db4991da11229d774e027e90aaffa537f
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b11ab6d92b15b89f17220db1a5a2cc31c48870dc93697ce56f138a604d8e1cfa
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b76abca4ceaaf1788e86a4c3f6794567c085cb1b44220876d8953fcc3df0ac06
bb4490cf76597ff1b770a9a6c6eec16bd535e887cf7ec04b5130104395c2358c
bd4eeb9cf3b4e144e75af95bdb2f6c8d0bb35e7ab05ba56b28b8436dde7d9909
bdefd16086187a7226d648601607f345dae7a72cd226e61a2845101c30c0abd6
bf7fa0cf27306d4940efce4211bb66620e243244116cebe976f3fad71a46863b
bfa332508bc7a63ae4e97f83b4dcf1ee28cd437d518187bc2bac91b967605dc6
bfcee0b3b362cdd9dafb9c1eede7b9c44ac00f9b7e80ee8142f12dd548934b43
c382cbee5e91ad0cf174fbbee207b6e6332ee0bb9daf84d9991f0e7303e66508
c714c77f82a9415d2a4c6a05958232b02679e493c467d4e3a2dc4464b91882ee
caca9270c3bccfaa6645272295c7c53725a58b506f34d64645d94b30be6968f5
cf7e7f14cbf2618edbf9ba3c9e6283a238a8a73df95deba9bdbfac385d71f40a
d3c3db2b5256d7c5fa7f2502e752ced784853fe0fdd01d8a219bd9e041a579c7
d98cc6e770bf9c71b8758a040222960e918adb20cc1f71f2296ae4f70256d510
dc515ad807ffe944101996409fd54411973af5168bbcdd70d49789933241b422
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e396327a0a7a644ba594ac9fa8aba75e7e85d5880cdc9115db61b4b932e5a076
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e56ab268189cbb627550b08d3cb64988996c28b79a2c6a013553599fad070c78
e928fd56eb75f5909d953d76a6ec33742a0e9a8cda68205437fa2786b5386752
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f02165b5a4e05eceda936e58979a6f5befb2d879486d62f7c6e43060d5c920cf
f40d718d090a7d9fa4db0b9c2570cb05f7729e6c998c32c1c688f421ca7ac8c0
f51e3cd0fe2607463e037c559d694c5c488bcf81d5aa60ac5255186e3ad3aaab
f6a49a9369f82be76c7aa9ea5499501ecbf66082eb7828b4a670d5e9d7f982af
f78a3c34f111e66b6897c2c408804633bccf0b5e6dc4e7027c7a8865b473937c
f983d992f18cc6a5024a1fb94062872c8c1c9ddd3d936289cfb01b720a0c03d8

wl9.ansaria.workers.dev Open in urlscan Pro 104.21.26.91 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

129 Requests

91 %HTTPS

0 %IPv6

26 Domains

37 Subdomains

39 IPs

3 Countries

2833 kBTransfer

8244 kBSize

34 Cookies

44 Outgoing links

Redirected requests

129 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

wl9.ansaria.workers.dev Open in urlscan Pro
104.21.26.91 Public Scan

Screenshot
Live screenshot

Full Image

129
Requests

91 %
HTTPS

0 %
IPv6

26
Domains

37
Subdomains

39
IPs

3
Countries

2833 kB
Transfer

8244 kB
Size

34
Cookies

129 HTTP transactions
5 data transactions