lame.buanzo.org Open in urlscan Pro
68.168.100.132 Public Scan

URL:
http://lame.buanzo.org/
Submission: On August 29 via manual (August 29th 2017, 8:17:57 pm UTC) from US

Summary HTTP 90 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 19 IPs in 4 countries across 15 domains to perform 90 HTTP transactions. The main IP is 68.168.100.132, located in Overland Park, United States and belongs to CODERO-DFW - Codero, US. The main domain is lame.buanzo.org.

This is the only time lame.buanzo.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	68.168.100.132 68.168.100.132	18501 (CODERO-DFW) (CODERO-DFW - Codero)
16	2a00:1450:400... 2a00:1450:4001:81f::2002	15169 (GOOGLE) (GOOGLE - Google Inc.)
3	2a00:1450:400... 2a00:1450:4001:824::200e	15169 (GOOGLE) (GOOGLE - Google Inc.)
4	2a00:1450:400... 2a00:1450:4001:824::200a	15169 (GOOGLE) (GOOGLE - Google Inc.)
14	216.58.207.34 216.58.207.34	15169 (GOOGLE) (GOOGLE - Google Inc.)
3	2a00:1450:400... 2a00:1450:4001:824::2003	15169 (GOOGLE) (GOOGLE - Google Inc.)
2	54.240.190.20 54.240.190.20	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
4	2a00:1450:400... 2a00:1450:4001:824::2001	15169 (GOOGLE) (GOOGLE - Google Inc.)
2	52.94.218.7 52.94.218.7	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	178.250.2.74 178.250.2.74	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.71 178.250.0.71	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.2.76 178.250.2.76	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.66 178.250.0.66	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
10	151.101.112.166 151.101.112.166	54113 (FASTLY) (FASTLY - Fastly)
1	52.44.233.178 52.44.233.178	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
2	54.72.198.94 54.72.198.94	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	52.22.202.128 52.22.202.128	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
6	2800:3f0:4001... 2800:3f0:4001:80b::2003	15169 (GOOGLE) (GOOGLE - Google Inc.)
90	19

3 68.168.100.132 (Overland Park, United States)

ASN18501 (CODERO-DFW - Codero, US)
PTR: mx5.mailfighter.net

lame.buanzo.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:81f::2002 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:824::200e (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:824::200a (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 216.58.207.34 (Mountain View, United States)

ASN15169 (GOOGLE - Google Inc., US)
PTR: fra16s24-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:824::2003 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.240.190.20 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-240-190-20.jfk6.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:824::2001 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.94.218.7 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

aax-cpm.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.74 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: static.criteo.net

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.71 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: cas.criteo.com

cas.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.76 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: dis.criteo.com

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.66 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.101.112.166 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

tag.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tag-st.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.44.233.178 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-44-233-178.compute-1.amazonaws.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.72.198.94 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-72-198-94.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.22.202.128 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-22-202-128.compute-1.amazonaws.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2800:3f0:4001:80b::2003 (Argentina)

ASN15169 (GOOGLE - Google Inc., US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	179 KB
14	doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net Failed	230 KB
10	contextweb.com tag.contextweb.com bh.contextweb.com tag-st.contextweb.com ads.contextweb.com	14 KB
9	gstatic.com www.gstatic.com csi.gstatic.com Failed	4 KB
6	criteo.com cas.criteo.com dis.criteo.com cat.fr.eu.criteo.com	2 KB
4	amazon-adsystem.com c.amazon-adsystem.com aax-cpm.amazon-adsystem.com aax-eu.amazon-adsystem.com Failed	8 KB
4	googleapis.com translate.googleapis.com	91 KB
3	googletagservices.com www.googletagservices.com	8 KB
3	buanzo.org lame.buanzo.org	13 KB
2	demdex.net dpm.demdex.net	84 B
2	rlcdn.com idsync.rlcdn.com	86 B
2	criteo.net static.criteo.net	30 KB
2	google-analytics.com www.google-analytics.com	13 KB
1	google.com translate.google.com	770 B
0	quantserve.com Failed pixel.quantserve.com Failed
90	15

	Domain	Requested by
14	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net lame.buanzo.org
13	pagead2.googlesyndication.com	lame.buanzo.org pagead2.googlesyndication.com securepubads.g.doubleclick.net ads.contextweb.com
6	csi.gstatic.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
4	bh.contextweb.com	lame.buanzo.org
4	tpc.googlesyndication.com	securepubads.g.doubleclick.net
4	translate.googleapis.com	translate.google.com translate.googleapis.com
3	www.gstatic.com	lame.buanzo.org
3	www.googletagservices.com	lame.buanzo.org c.amazon-adsystem.com
3	lame.buanzo.org	lame.buanzo.org
2	dpm.demdex.net	lame.buanzo.org ads.contextweb.com
2	idsync.rlcdn.com	lame.buanzo.org
2	ads.contextweb.com	tag-st.contextweb.com
2	tag-st.contextweb.com	tag.contextweb.com
2	tag.contextweb.com	securepubads.g.doubleclick.net
2	cat.fr.eu.criteo.com	cas.criteo.com
2	dis.criteo.com	lame.buanzo.org
2	cas.criteo.com	static.criteo.net
2	static.criteo.net	securepubads.g.doubleclick.net
2	aax-cpm.amazon-adsystem.com	c.amazon-adsystem.com
2	c.amazon-adsystem.com	securepubads.g.doubleclick.net
2	www.google-analytics.com	lame.buanzo.org
1	translate.google.com	lame.buanzo.org
0	aax-eu.amazon-adsystem.com Failed	c.amazon-adsystem.com
0	pixel.quantserve.com Failed	lame.buanzo.org
0	googleads.g.doubleclick.net Failed	pagead2.googlesyndication.com
90	25

This site contains links to these domains. Also see Links.

Domain
www.beatport.com
www.virustotal.com
blogs.buanzo.com.ar
wiki.audacityteam.org
lame3.buanzo.com.ar
translate.google.com
www.audacityteam.org
manual.audacityteam.org
forum.audacityteam.org
soundcloud.com
www.solucija.com
www.free-css-templates.com
www.minimalistic-design.com

Subject Issuer	Validity	Valid
*.g.doubleclick.net Google Internet Authority G2	`2017-08-15` - `2017-11-07`	3 months	crt.sh
*.google-analytics.com Google Internet Authority G2	`2017-08-15` - `2017-11-07`	3 months	crt.sh
*.googleapis.com Google Internet Authority G2	`2017-08-15` - `2017-11-07`	3 months	crt.sh
*.googleusercontent.com Google Internet Authority G2	`2017-08-15` - `2017-11-07`	3 months	crt.sh
*.google.com Google Internet Authority G2	`2017-08-15` - `2017-11-07`	3 months	crt.sh
tpc.googlesyndication.com Google Internet Authority G2	`2017-08-15` - `2017-11-07`	3 months	crt.sh

This page contains 16 frames:

Primary Page: http://lame.buanzo.org/
Frame ID: 14705.1
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20170823/r20170110/zrt_lookup.html
Frame ID: 14705.3
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20170823/r20170110/show_ads_impl.js
Frame ID: 14705.2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8555390920792337&format=728x90&output=html&h=90&slotname=2222257188&adk=267572472&adf=497884691&w=728&lmt=1504037838&flash=0&url=http%3A%2F%2Flame.buanzo.org%2F&wgl=1&dt=1504037838256&bpp=7&bdt=211&fdt=9&idt=112&shv=r20170823&cbv=r20170110&saldr=aa&correlator=986499056054&frm=20&ga_vid=292573489.1504037838&ga_sid=1504037838&ga_hid=792587402&ga_fc=0&pv=2&iag=3&icsg=2&nhd=1&dssz=2&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=429&ady=172&biw=1585&bih=1200&abxe=1&eid=575144605%2C21060850&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeE%7Cp&abl=XS&ppjl=u&pfx=0&fu=16&bc=1&ifi=1&xpc=MmshnPimmg&p=http%3A//lame.buanzo.org&dtd=133
Frame ID: 14705.6
Requests: 1 HTTP requests in this frame

Frame: http://c.amazon-adsystem.com/aax2/amzn_ads.js
Frame ID: 14705.4
Requests: 27 HTTP requests in this frame

Frame: http://c.amazon-adsystem.com/aax2/amzn_ads.js
Frame ID: 14705.5
Requests: 33 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20170823/r20170110/show_ads_impl.js
Frame ID: 14705.11
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4276969157128104&output=html&h=90&slotname=2038096409%2F3514804289%2F6468220049&adk=277907342&adf=2048423887&w=728&lmt=1504037839&ea=0&flash=0&url=http%3A%2F%2Flame.buanzo.org%2F&wgl=1&dt=1504037839552&bpp=11&bdt=1200&fdt=13&idt=31&shv=r20170823&cbv=r20170110&saldr=sa&correlator=986499056054&frm=23&ga_vid=292573489.1504037838&ga_sid=1504037839&ga_hid=62466689&ga_fc=0&pv=2&iag=15&icsg=2&nhd=2&dssz=2&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=52&ady=1559&biw=1585&bih=1200&isw=728&ish=90&ifk=791652814&eid=575144605%2C33895410%2C21060850&oid=3&rx=0&eae=2&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&ppjl=u&pfx=0&fu=20&bc=1&ifi=3&dtd=48
Frame ID: 14705.12
Requests: 1 HTTP requests in this frame

Frame: http://bh.contextweb.com/bh/visitormatch?tag=568482&pid=560224
Frame ID: 14705.14
Requests: 1 HTTP requests in this frame

Frame: http://pixel.quantserve.com/pixel/p-01-0VIaSjnOLg.gif?tags=CONTEXTWEB.IAB24-2,PUBLISHER.560224,,CAMPAIGN.0.0,,ADSIZE.728X90,ZIPCODE.91710,PUBLISHERDOMAIN.lame.buanzo.org
Frame ID: 14705.15
Requests: 1 HTTP requests in this frame

Frame: http://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=simplifi
Frame ID: 14705.16
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20170823/r20170110/show_ads_impl.js
Frame ID: 14705.17
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4276969157128104&output=html&h=90&slotname=2038096409%2F4655108129%2F7468771169&adk=3904954725&adf=3769760005&w=728&lmt=1504037839&ea=0&flash=0&url=http%3A%2F%2Flame.buanzo.org%2F&wgl=1&dt=1504037839668&bpp=12&bdt=1319&fdt=13&idt=15&shv=r20170823&cbv=r20170110&saldr=sa&correlator=986499056054&frm=23&ga_vid=292573489.1504037838&ga_sid=1504037839&ga_hid=1896086888&ga_fc=0&pv=1&iag=15&icsg=2&nhd=2&dssz=2&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=92&ady=918&biw=1585&bih=1200&isw=728&ish=90&ifk=2954811709&eid=575144605%2C21060850&oid=3&rx=0&eae=2&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7Cm%7CpeE%7Cp&abl=XS&ppjl=u&pfx=0&fu=20&bc=1&ifi=3&dtd=20
Frame ID: 14705.18
Requests: 1 HTTP requests in this frame

Frame: http://bh.contextweb.com/bh/visitormatch?tag=574391&pid=560224
Frame ID: 14705.20
Requests: 1 HTTP requests in this frame

Frame: http://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=simplifi
Frame ID: 14705.22
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

90
Requests

38 %
HTTPS

33 %
IPv6

15
Domains

25
Subdomains

19
IPs

4
Countries

594 kB
Transfer

2259 kB
Size

0
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: http://www.beatport.com/label/severus-records/43445
Title: Help support this site - Check out our Music @ SEVERUS RECORDS.

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/en/url/b89b8745869cab67886cce15f77e00e9fb4fc48e771073eed59ed1e2d87e2291/analysis/
Title: by clicking here

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/en/file/90e9d629b4e528b77c6f51f185c3e81bb3a4eca7d6d53f049ed9ef7787464e8b/analysis/
Title: Lame_v3.99.3_for_Windows.exe HERE

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/en/file/abf3eee0c2556f6efa0d4446df7244778a61d6c3c339a4ecabaccdd85568e4e8/analysis/
Title: ffmpeg-win-2.2.2.exe here

Search URL Search Domain Scan URL

URL: http://blogs.buanzo.com.ar/futurabanda/
Title: this page

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/
Title: www.virustotal.com

Search URL Search Domain Scan URL

URL: http://wiki.audacityteam.org/index.php?title=Lame_Installation#Windows_Instructions
Title: HERE

Search URL Search Domain Scan URL

URL: http://lame3.buanzo.com.ar/ffmpeg-win-2.2.2.zip
Title: ffmpeg-win-2.2.2.zip

Search URL Search Domain Scan URL

URL: http://lame3.buanzo.com.ar/ffmpeg-win-2.2.2.exe
Title: ffmpeg-win-2.2.2.exe

Search URL Search Domain Scan URL

URL: http://lame3.buanzo.com.ar/FFmpeg_v0.6.2_for_Audacity_on_Windows.exe
Title: FFmpeg_v0.6.2_for_Audacity_on_Windows.exe

Search URL Search Domain Scan URL

URL: http://lame3.buanzo.com.ar/FFmpeg_v0.6.2_for_Audacity_on_Windows.zip
Title: ZIP version - here

Search URL Search Domain Scan URL

URL: http://lame3.buanzo.com.ar/ffmpeg-mac-2.2.2.dmg
Title: DMG - ffmpeg-mac-2.2.2.dmg

Search URL Search Domain Scan URL

URL: http://lame3.buanzo.com.ar/ffmpeg-mac-2.2.2.zip
Title: ffmpeg-mac-2.2.2.zip

Search URL Search Domain Scan URL

URL: http://lame3.buanzo.com.ar/FFmpeg_v0.6.2_for_Audacity_on_OSX.dmg
Title: FFmpeg (0.6.2 OSX 10.4+ DMG)

Search URL Search Domain Scan URL

URL: http://lame3.buanzo.com.ar/FFmpeg_v0.6.2_for_Audacity_on_OSX.zip
Title: here

Search URL Search Domain Scan URL

URL: http://lame3.buanzo.com.ar/FFmpeg_v0.6.2_for_Audacity_on_OSX_new.dmg
Title: this new one)

Search URL Search Domain Scan URL

URL: https://translate.google.com/
Title: Translate

Search URL Search Domain Scan URL

URL: http://www.audacityteam.org/
Title: Audacity(R) Audio Editor

Search URL Search Domain Scan URL

URL: http://manual.audacityteam.org/o/
Title: Audacity MANUAL

Search URL Search Domain Scan URL

URL: http://forum.audacityteam.org/
Title: Audacity FORUM

Search URL Search Domain Scan URL

URL: http://soundcloud.com/no-carrier
Title: NO CARRIER (my music)

Search URL Search Domain Scan URL

URL: http://www.solucija.com/
Title: Luka Cvrk

Search URL Search Domain Scan URL

URL: http://www.free-css-templates.com/
Title: David Herreman

Search URL Search Domain Scan URL

URL: http://www.minimalistic-design.com/
Title: Minimalistic Design

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request 4

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

Request 8

http://www.google-analytics.com/r/collect?v=1&_v=j60&a=792587402&t=pageview&_s=1&dl=http%3A%2F%2Flame.buanzo.org%2F&ul=en-us&de=UTF-8&dt=free%20mp3%20converter%20-%20Lame%20for%20Audacity%20-%20FFM...
https://www.google-analytics.com/r/collect?v=1&_v=j60&a=792587402&t=pageview&_s=1&dl=http%3A%2F%2Flame.buanzo.org%2F&ul=en-us&de=UTF-8&dt=free%20mp3%20converter%20-%20Lame%20for%20Audacity%20-%20FF...

Request 46

http://sync.mathtag.com/sync/img?type=sync&mt_exid=20&redir=http%3a%2f%2fdis.criteo.com%2frex%2fmatch.aspx%3fc%3d2%26uid%3d%5bMM_UUID%5d
http://dis.criteo.com/rex/match.aspx?c=2&uid=ee6059a6-cbcf-4600-ae40-dfb1448a68d7

Request 49

http://pixel.rubiconproject.com/sync.php?cookie_redirect=1&p=criteo&redir=http%3a%2f%2fdis.criteo.com%2frex%2fmatch.aspx%3fc%3d28%26uid%3duid
http://dis.criteo.com/rex/match.aspx?c=28&uid=J6Y1AO2V-Q-LT4A

Request 55

http://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc
http://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEE2l_poO9Cu34MuKN7RqwdM&google_cver=1

Request 56

http://match.adsrvr.org/track/cmb/contextweb?
http://bh.contextweb.com/bh/rtset?do=add&pid=534301&ev=90c890c7-72b7-4318-bdf2-7b581645d20b

Request 60

http://match.adsrvr.org/track/cmf/contextweb
http://bh.contextweb.com/bh/rtset?do=add&pid=534301&ev=90c890c7-72b7-4318-bdf2-7b581645d20b

Request 61

http://sync.mathtag.com/sync/img?mt_exid=11&type=sync&redir=http%3A%2F%2Fbh.contextweb.com%2Fbh%2Frtset%3Fdo%3Dadd%26pid%3D530739%26ev%3D%5BMM_UUID%5D
http://bh.contextweb.com/bh/rtset?do=add&pid=530739&ev=ee6059a6-cbcf-4600-ae40-dfb1448a68d7

Request 65

http://idsync.rlcdn.com/400066.gif?partner_uid=9n1gGoaMAetk
http://idsync.rlcdn.com/400066.gif?partner_uid=9n1gGoaMAetk&redirect=1

Request 66

http://dpm.demdex.net/ibs:dpid=96678&dpuuid=9n1gGoaMAetk
http://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=96678&dpuuid=9n1gGoaMAetk

Request 75

http://idsync.rlcdn.com/400066.gif?partner_uid=9n1gGoaMAetk
http://idsync.rlcdn.com/400066.gif?partner_uid=9n1gGoaMAetk&redirect=1

90 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
lame.buanzo.org/ 13 KB
13 KB 441ms
145ms Document
text/html 68.168.100.132
Codero

General

Check archive.org

Show headers Download Go to

Full URL: http://lame.buanzo.org/
Protocol: HTTP/1.1
Server: 68.168.100.132 Overland Park, United States, ASN18501 (CODERO-DFW - Codero, US),
Reverse DNS: mx5.mailfighter.net
Software: lighttpd/1.4.33 / PHP/5.5.9-1ubuntu4.21
Resource Hash: 60e10e3b6eced8717a382fc6a956130a59c244781477c9c45565c08b5d7b869b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date: Tue, 29 Aug 2017 20:17:17 GMT
Server: lighttpd/1.4.33
X-Powered-By: PHP/5.5.9-1ubuntu4.21
Transfer-Encoding: chunked
Content-type: text/html

GET
H/1.1 200
OK style.css
lame.buanzo.org/ 1 KB
582 B 145ms
145ms Stylesheet
text/css 68.168.100.132
Codero

General

Check archive.org

Show headers Download Go to

Full URL: http://lame.buanzo.org/style.css
Requested by: Host: lame.buanzo.org
URL: http://lame.buanzo.org/
Protocol: HTTP/1.1
Server: 68.168.100.132 Overland Park, United States, ASN18501 (CODERO-DFW - Codero, US),
Reverse DNS: mx5.mailfighter.net
Software: lighttpd/1.4.33 /
Resource Hash: cd219a343d3736b25c93fcc9b9eef9956e8453e8cec89fc5367bfac6feed5e82

Request headers

Referer: http://lame.buanzo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date: Tue, 29 Aug 2017 20:17:18 GMT
Content-Encoding: gzip
Last-Modified: Fri, 28 Mar 2014 04:14:05 GMT
Server: lighttpd/1.4.33
ETag: "3708104422"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 582

GET
S 200 gpt.js Show response
www.googletagservices.com/tag/js/ 6 KB
3 KB 39ms
15ms Script
text/javascript 2a00:1450:4001:81f::2002
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: lame.buanzo.org
URL: http://lame.buanzo.org/

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81f::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

sffe /

Resource Hash

c9e99b49916b15f789b59ef12b353b7d699f79c4b9b827f8589ed696976a8c18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://lame.buanzo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

date: Tue, 29 Aug 2017 20:17:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 29 Aug 2017 00:15:58 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="39,38,37,35",quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 2829
x-xss-protection: 1; mode=block
expires: Tue, 29 Aug 2017 20:17:18 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 62 KB
23 KB 11ms
6ms Script
text/javascript 2a00:1450:4001:81f::2002
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: lame.buanzo.org
URL: http://lame.buanzo.org/

Protocol

HTTP/1.1

Server

2a00:1450:4001:81f::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

32882f485f806a91b3d09093724ef41f5f738000f7f4ab1cfb4214d5186322e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://lame.buanzo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date: Tue, 29 Aug 2017 20:16:53 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
Age: 25
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
ETag: 10156964732646382724
Content-Type: text/javascript; charset=UTF-8
Cache-Control: public, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 23080
X-XSS-Protection: 1; mode=block
Expires: Tue, 29 Aug 2017 21:16:53 GMT

GET
H/1.1 200
OK element.js Show response
translate.google.com/translate_a/ 2 KB
770 B 23ms
17ms Script
text/javascript 2a00:1450:4001:824::200e
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Requested by

Host: lame.buanzo.org
URL: http://lame.buanzo.org/

Protocol

HTTP/1.1

Server

2a00:1450:4001:824::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

26dc979a6908d24b8f76fbb81d1b2d48bda07e8de73408d1aa45eac1421ff47d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://lame.buanzo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 29 Aug 2017 20:17:18 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: HTTP server (unknown)
Content-Language: en
Cache-Control: no-cache, must-revalidate
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 770
X-XSS-Protection: 1; mode=block
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

32 KB
13 KB

7ms
6ms

Script
text/javascript

2a00:1450:4001:824::200e
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: lame.buanzo.org
URL: http://lame.buanzo.org/

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:824::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

Golfe2 /

Resource Hash

522cc831f77209aa434abd05e5a9a114ec3aab233232394877ea5446130584de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://lame.buanzo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 17 Aug 2017 01:11:09 GMT
server: Golfe2
age: 3732
date: Tue, 29 Aug 2017 19:15:06 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 13472
expires: Tue, 29 Aug 2017 21:15:06 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK bar1.png
lame.buanzo.org/ 110 B
110 B 145ms
145ms Image
image/png 68.168.100.132
Codero

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://lame.buanzo.org/bar1.png
Requested by: Host: lame.buanzo.org
URL: http://lame.buanzo.org/
Protocol: HTTP/1.1
Server: 68.168.100.132 Overland Park, United States, ASN18501 (CODERO-DFW - Codero, US),
Reverse DNS: mx5.mailfighter.net
Software: lighttpd/1.4.33 /
Resource Hash: bc1ab6d17de6a7f53e8c7c4d642f5e16875437e5824dd90e7bc732940e2988df

Request headers

Referer: http://lame.buanzo.org/style.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date: Tue, 29 Aug 2017 20:17:18 GMT
Last-Modified: Tue, 20 Sep 2011 16:08:12 GMT
Server: lighttpd/1.4.33
Accept-Ranges: bytes
ETag: "938251759"
Content-Length: 110
Content-Type: image/png

GET
S 200 translateelement.css
translate.googleapis.com/translate_static/css/ 18 KB
4 KB 29ms
6ms Stylesheet
text/css 2a00:1450:4001:824::200a
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host: translate.google.com
URL: http://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:824::200a , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

sffe /

Resource Hash

3cd4d66eacb85df0c8ac8a7223eb03f6ca859fd593dbb57a48bf15f74f5265e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://lame.buanzo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

date: Tue, 29 Aug 2017 19:52:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 03 Jan 2017 23:15:00 GMT
server: sffe
age: 1466
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 3619
x-xss-protection: 1; mode=block
expires: Tue, 29 Aug 2017 20:52:52 GMT

GET
S 200 main.js Show response
translate.googleapis.com/translate_static/js/element/ 3 KB
1 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:824::200a
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/js/element/main.js

Requested by

Host: translate.google.com
URL: http://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:824::200a , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

sffe /

Resource Hash

972f720005b7ec27ddfce720e6d01f3e921aedce7ab19cfb1d1e2f937c538902

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://lame.buanzo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

date: Tue, 29 Aug 2017 20:11:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 17 Aug 2017 21:45:00 GMT
server: sffe
age: 328
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 1512
x-xss-protection: 1; mode=block
expires: Tue, 29 Aug 2017 21:11:50 GMT

GET
S

200

collect
www.google-analytics.com/r/
Redirect Chain

http://www.google-analytics.com/r/collect?v=1&_v=j60&a=792587402&t=pageview&_s=1&dl=http%3A%2F%2Flame.buanzo.org%2F&ul=en-us&de=UTF-8&dt=free%20mp3%20converter%20-%20Lame%20for%20Audacity%20-%20FFM...
https://www.google-analytics.com/r/collect?v=1&_v=j60&a=792587402&t=pageview&_s=1&dl=http%3A%2F%2Flame.buanzo.org%2F&ul=en-us&de=UTF-8&dt=free%20mp3%20converter%20-%20Lame%20for%20Audacity%20-%20FF...

35 B
53 B

14ms
14ms

Image
image/gif

2a00:1450:4001:824::200e
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j60&a=792587402&t=pageview&_s=1&dl=http%3A%2F%2Flame.buanzo.org%2F&ul=en-us&de=UTF-8&dt=free%20mp3%20converter%20-%20Lame%20for%20Audacity%20-%20FFMpeg%20for%20Audacity%20-%20Free%20and%20Safe%20downloads&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAAABI~&jid=545563140&gjid=895023985&cid=292573489.1504037838&tid=UA-49662616-1&_gid=91032772.1504037838&_r=1&z=118763139

Requested by

Host: lame.buanzo.org
URL: http://lame.buanzo.org/

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:824::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://lame.buanzo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2017 20:17:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/r/collect?v=1&_v=j60&a=792587402&t=pageview&_s=1&dl=http%3A%2F%2Flame.buanzo.org%2F&ul=en-us&de=UTF-8&dt=free%20mp3%20converter%20-%20Lame%20for%20Audacity%20-%20FFMpeg%20for%20Audacity%20-%20Free%20and%20Safe%20downloads&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAAABI~&jid=545563140&gjid=895023985&cid=292573489.1504037838&tid=UA-49662616-1&_gid=91032772.1504037838&_r=1&z=118763139
Non-Authoritative-Reason: HSTS

GET
S 200 pubads_impl_146.js Show response
securepubads.g.doubleclick.net/gpt/ 204 KB
71 KB 6ms
6ms Script
text/javascript 216.58.207.34
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_146.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

sffe /

Resource Hash

04dbd127f5ae130974c7b8732823636dc1099ee31ffb7c36e4614bbb8826afde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://lame.buanzo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

date: Tue, 22 Aug 2017 21:54:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 598959
status: 200
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 72659
x-xss-protection: 1; mode=block
last-modified: Tue, 22 Aug 2017 20:42:16 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Aug 2018 21:54:39 GMT

GET
S 200 element_main.js Show response
translate.googleapis.com/element/TE_20170814_01/e/js/element/ 236 KB
85 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:824::200a
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/element/TE_20170814_01/e/js/element/element_main.js

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/js/element/main.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:824::200a , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

sffe /

Resource Hash

1206db8d76be15bc5f8c48968f10a08f8444fd4f51054621fb768c99a91b40fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://lame.buanzo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

date: Thu, 17 Aug 2017 22:09:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1030067
status: 200
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 86957
x-xss-protection: 1; mode=block
last-modified: Thu, 17 Aug 2017 18:00:37 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 17 Aug 2018 22:09:31 GMT

GET
S 200 ca-pub-8555390920792337.js Show response
pagead2.googlesyndication.com/pub-config/r20160913/ 133 B
134 B 22ms
6ms Script
text/javascript 2a00:1450:4001:81f::2002
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-8555390920792337.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81f::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

sffe /

Resource Hash

7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://lame.buanzo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

date: Tue, 29 Aug 2017 09:17:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 28 Aug 2017 21:21:21 GMT
server: sffe
age: 39617
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=43200
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="39,38,37,35",quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 125
x-xss-protection: 1; mode=block
expires: Tue, 29 Aug 2017 21:17:01 GMT

GET zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20170823/r20170110/ Frame 1470 0
0

GET
H/1.1 200
OK show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20170823/r20170110/ Frame 1470 190 KB
69 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:81f::2002
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/r20170823/r20170110/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:81f::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

6714b7f0fb58590fd05cc03eac6bac5b285cebe007ecb0e991f99c711c73f446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://lame.buanzo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date: Tue, 29 Aug 2017 20:17:18 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
ETag: 14906411358530502870
Content-Type: text/javascript; charset=UTF-8
Cache-Control: private, max-age=1209600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 71156
X-XSS-Protection: 1; mode=block
Expires: Tue, 29 Aug 2017 20:17:18 GMT

GET
S 200 l Show response
translate.googleapis.com/translate_a/ 3 KB
939 B 18ms
18ms Script
text/javascript 2a00:1450:4001:824::200a
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=_callbacks____0j6y1andq

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/element/TE_20170814_01/e/js/element/element_main.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:824::200a , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

defb74d13026c171cd647335eff84beccf1e83e3d4bb1680610281a227a41709

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://lame.buanzo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

date: Tue, 29 Aug 2017 20:17:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: HTTP server (unknown)
content-language: en
status: 200
cache-control: private, max-age=86400
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 921
x-xss-protection: 1; mode=block
expires: Tue, 29 Aug 2017 20:17:18 GMT

GET
S 200 translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 825 B
834 B 30ms
7ms Image
image/png 2a00:1450:4001:824::2003
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/1x/translate_24dp.png

Requested by

Host: lame.buanzo.org
URL: http://lame.buanzo.org/

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:824::2003 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

sffe /

Resource Hash

1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://lame.buanzo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

date: Wed, 02 Aug 2017 17:59:21 GMT
x-content-type-options: nosniff
last-modified: Thu, 21 Apr 2016 03:17:22 GMT
server: sffe
age: 2341077
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 825
x-xss-protection: 1; mode=block
expires: Thu, 02 Aug 2018 17:59:21 GMT

GET
S 200 googlelogo_color_42x16dp.png
www.gstatic.com/images/branding/googlelogo/1x/ 910 B
919 B 30ms
6ms Image
image/png 2a00:1450:4001:824::2003
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png

Requested by

Host: lame.buanzo.org
URL: http://lame.buanzo.org/

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:824::2003 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

sffe /

Resource Hash

6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://lame.buanzo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

date: Thu, 03 Aug 2017 14:11:00 GMT
x-content-type-options: nosniff
last-modified: Wed, 04 Jan 2017 15:45:00 GMT
server: sffe
age: 2268378
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 910
x-xss-protection: 1; mode=block
expires: Fri, 03 Aug 2018 14:11:00 GMT

GET
S 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 26ms
6ms Image
image/png 2a00:1450:4001:824::2003
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: lame.buanzo.org
URL: http://lame.buanzo.org/

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:824::2003 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

sffe /

Resource Hash

5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://translate.googleapis.com/translate_static/css/translateelement.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

date: Thu, 03 Aug 2017 13:10:10 GMT
x-content-type-options: nosniff
last-modified: Thu, 21 Apr 2016 03:17:22 GMT
server: sffe
age: 2272028
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 1847
x-xss-protection: 1; mode=block
expires: Fri, 03 Aug 2018 13:10:10 GMT

GET
S 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
4 KB 196ms
196ms Script
text/javascript 216.58.207.34
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=4310893726788794&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&json_a=1&eid=108809103%2C108809155&sc=0&sfv=1-0-10&iu_parts=22152718%2Cbuanzo_middle%2Cbuanzo_bottom&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=970x90%7C728x90%2C1x1%7C728x90&cookie_enabled=1&abxe=1&lmt=1504037838&dt=1504037838339&frm=20&biw=1585&bih=1200&oid=3&adxs=92%2C52&adys=918%2C1578&adks=3589600373%2C1143147102&gut=v2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Flame.buanzo.org%2F&dssz=16&icsg=139784&std=0&vrg=146&vis=1&ga_vid=292573489.1504037838&ga_sid=1504037838&ga_hid=792587402

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_146.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

9adc728fa9613ec8b957dfe20619d1f5bb630841c927c935bca6624c68d5c6dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://lame.buanzo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

date: Tue, 29 Aug 2017 20:17:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 4191
x-xss-protection: 1; mode=block
google-lineitem-id: 140323278,127374198
pragma: no-cache
server: cafe
google-creative-id: 107888025198,107871497598
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET ads
googleads.g.doubleclick.net/pagead/ Frame 1470 0
0

GET
H/1.1 200
OK osd.js Show response
pagead2.googlesyndication.com/pagead/ 83 KB
30 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81f::2002
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_146.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:81f::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

7bfac2f5711fdf30fcb666aea052f5526accc1d4f10d51d539463221cb85d7b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://lame.buanzo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date: Tue, 29 Aug 2017 19:54:04 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
Age: 1394
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
ETag: 16531997690405477521
Content-Type: text/javascript; charset=UTF-8
Cache-Control: public, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 31133
X-XSS-Protection: 1; mode=block
Expires: Tue, 29 Aug 2017 20:54:04 GMT

GET
H/1.1 200
OK amzn_ads.js Show response
c.amazon-adsystem.com/aax2/ Frame 1470 12 KB
4 KB 175ms
88ms Script
application/javascript 54.240.190.20
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://c.amazon-adsystem.com/aax2/amzn_ads.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_146.js
Protocol: HTTP/1.1
Server: 54.240.190.20 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-240-190-20.jfk6.r.cloudfront.net
Software: Server /
Resource Hash: 4bd7db4cf4edd4c8c8fc5f86b3909a81feb99aa92179d61017716b2d750a4486

Request headers

Referer: http://lame.buanzo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date: Thu, 17 Aug 2017 20:09:17 GMT
Content-Encoding: gzip
Server: Server
Age: 471
ETag: dbd7d0cff324329fa8d4b918060533ed
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 ac34121093afdc7c5e89263bece028e1.cloudfront.net (CloudFront)
Cache-Control: public, max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4001
X-Amz-Cf-Id: ieyPYV03lPw4TkYiKRG0K1q_MicDKQQQhp5090QgIfvs7YzytAgaGA==

GET
S 200 osd_listener.js Show response
tpc.googlesyndication.com/pagead/js/r20170823/r20110914/activeview/ Frame 1470 29 KB
11 KB 5ms
5ms Script
text/javascript 2a00:1450:4001:824::2001
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20170823/r20110914/activeview/osd_listener.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_146.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:824::2001 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

c68a986da91a45df94f37e198c73cb5f93e22e23eabfc8c3a9a258f998dc0af7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://lame.buanzo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

date: Thu, 24 Aug 2017 03:55:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 490933
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 11189
x-xss-protection: 1; mode=block
server: cafe
etag: 10103094743939637188
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Sep 2017 03:55:05 GMT

GET
H/1.1 200
OK amzn_ads.js Show response
c.amazon-adsystem.com/aax2/ Frame 1470 12 KB
4 KB 176ms
89ms Script
application/javascript 54.240.190.20
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://c.amazon-adsystem.com/aax2/amzn_ads.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_146.js
Protocol: HTTP/1.1
Server: 54.240.190.20 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-240-190-20.jfk6.r.cloudfront.net
Software: Server /
Resource Hash: 4bd7db4cf4edd4c8c8fc5f86b3909a81feb99aa92179d61017716b2d750a4486

Request headers

Referer: http://lame.buanzo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date: Fri, 18 Aug 2017 20:09:18 GMT
Content-Encoding: gzip
Server: Server
Age: 471
ETag: dbd7d0cff324329fa8d4b918060533ed
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 1c618ea0f595386e66803b2a07e0f4dc.cloudfront.net (CloudFront)
Cache-Control: public, max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4001
X-Amz-Cf-Id: nxCvcAQYafKJVseur2Ou16BXSv6ldhx5OFerS9uM3ueAdtRYe_EKTw==

GET
S 200 osd_listener.js Show response
tpc.googlesyndication.com/pagead/js/r20170823/r20110914/activeview/ Frame 1470 29 KB
11 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:824::2001
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20170823/r20110914/activeview/osd_listener.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_146.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:824::2001 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

c68a986da91a45df94f37e198c73cb5f93e22e23eabfc8c3a9a258f998dc0af7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://lame.buanzo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

date: Thu, 24 Aug 2017 03:55:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 490933
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 11189
x-xss-protection: 1; mode=block
server: cafe
etag: 10103094743939637188
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Sep 2017 03:55:05 GMT

GET
S 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1470 0
0 14ms
14ms Image
text/html 216.58.207.34
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvq4oGEwFbW0AiZcGFIZjDfyT19E05JDL_AvW9ChxXYnORbEn2PWeSuz7aMEX2h8vXQ-eY2mYgeYQTeJG6PobrSG_iI_srcrUFhkf7AZz-SurHihSdPMzsLC3Q_--ilcDPJfLjERel52k858cddweGGamelHH_QMGPWFs1zKOqllugFq2vg4pVICt-grdkgseeX9wyFmw9AYPalnBtF-vrHNZW4Qm6qerYi_lS-cu9BjpazHX1FKdcQbQ&sig=Cg0ArKJSzMOcqIbkfBKaEAE&urlfix=1&adurl=

Requested by

Host: lame.buanzo.org
URL: http://lame.buanzo.org/

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://lame.buanzo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 Aug 2017 20:17:18 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 0
x-xss-protection: 1; mode=block
expires: Tue, 29 Aug 2017 20:17:18 GMT

GET
S 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1470 0
0 15ms
14ms Image
text/html 216.58.207.34
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssm3VWGd6yf4H1OAIqVwfbaDagj4eiPH1fVqsOeJITnKWzoTUEd72v4iyQN-UdNLPLCuust4uX1cTqQIh2GPEF48bOl_CFwPpXlUmfou_a89gNSpAefmqhu0lHVnzAJglkgybZAWkmuB9TwPU_g61b5Vul3aUG6nvfBRM6YZzgjK7f12uoLJNpeTm43XwizQ1C6VRbgdu4japNSGPYcdL5OXjpIuFSgDinbkhsgDfZG59xeXKTNbcbNgQ&sig=Cg0ArKJSzLAksVJf8wikEAE&urlfix=1&adurl=

Requested by

Host: lame.buanzo.org
URL: http://lame.buanzo.org/

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://lame.buanzo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 Aug 2017 20:17:18 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 0
x-xss-protection: 1; mode=block
expires: Tue, 29 Aug 2017 20:17:18 GMT

GET
H/1.1 200
OK getad Show response
aax-cpm.amazon-adsystem.com/x/ Frame 1470 316 B
270 B 74ms
45ms Script
text/javascript 52.94.218.7
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://aax-cpm.amazon-adsystem.com/x/getad?jsd=1&src=3000&slot_uuid=5a216bb1-4dee-47e2-bd35-1c7d497d832f&c=100&u=http%3A%2F%2Flame.buanzo.org%2F&cb=5893044
Requested by: Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/amzn_ads.js
Protocol: HTTP/1.1
Server: 52.94.218.7 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Server /
Resource Hash: fefeaf0ab826564f7beb4370f5ffdc4fba1f0aeaba706a8e8b3a61944244f147

Request headers

Referer: http://lame.buanzo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date: Tue, 29 Aug 2017 20:17:18 GMT
Content-Encoding: gzip
Server: Server
Vary: Accept-Encoding,User-Agent
Content-Type: text/javascript;charset=UTF-8
Connection: Keep-Alive
Keep-Alive: timeout=2, max=3
Content-Length: 270

GET
H/1.1 200
OK getad Show response
aax-cpm.amazon-adsystem.com/x/ Frame 1470 303 B
262 B 74ms
46ms Script
text/javascript 52.94.218.7
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://aax-cpm.amazon-adsystem.com/x/getad?jsd=1&src=3000&slot_uuid=22941e74-6859-4471-80a9-05538bc003e4&c=100&u=http%3A%2F%2Flame.buanzo.org%2F&cb=6193007
Requested by: Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/amzn_ads.js
Protocol: HTTP/1.1
Server: 52.94.218.7 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Server /
Resource Hash: 2be41b7a9a044079c9d94ce46db30e9b3a06d67460da130042f35cacd129ba6a

Request headers

Referer: http://lame.buanzo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date: Tue, 29 Aug 2017 20:17:18 GMT
Content-Encoding: gzip
Server: Server
Vary: Accept-Encoding,User-Agent
Content-Type: text/javascript;charset=UTF-8
Connection: Keep-Alive
Keep-Alive: timeout=2, max=9
Content-Length: 262

GET
S 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 1470 6 KB
3 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:81f::2002
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/amzn_ads.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81f::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

sffe /

Resource Hash

c9e99b49916b15f789b59ef12b353b7d699f79c4b9b827f8589ed696976a8c18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://lame.buanzo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

date: Tue, 29 Aug 2017 20:17:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 29 Aug 2017 00:15:58 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="39,38,37,35",quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 2829
x-xss-protection: 1; mode=block
expires: Tue, 29 Aug 2017 20:17:18 GMT

GET
S 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 1470 6 KB
3 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:81f::2002
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/amzn_ads.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81f::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

sffe /

Resource Hash

c9e99b49916b15f789b59ef12b353b7d699f79c4b9b827f8589ed696976a8c18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://lame.buanzo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

date: Tue, 29 Aug 2017 20:17:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 29 Aug 2017 00:15:58 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="39,38,37,35",quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 2829
x-xss-protection: 1; mode=block
expires: Tue, 29 Aug 2017 20:17:18 GMT

GET
S 200 pubads_impl_146.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 1470 204 KB
71 KB 6ms
5ms Script
text/javascript 216.58.207.34
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_146.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

sffe /

Resource Hash

04dbd127f5ae130974c7b8732823636dc1099ee31ffb7c36e4614bbb8826afde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://lame.buanzo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

date: Tue, 22 Aug 2017 21:54:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 598959
status: 200
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 72659
x-xss-protection: 1; mode=block
last-modified: Tue, 22 Aug 2017 20:42:16 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Aug 2018 21:54:39 GMT

GET
S 200 pubads_impl_146.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 1470 204 KB
71 KB 6ms
6ms Script
text/javascript 216.58.207.34
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_146.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

sffe /

Resource Hash

04dbd127f5ae130974c7b8732823636dc1099ee31ffb7c36e4614bbb8826afde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://lame.buanzo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

date: Tue, 22 Aug 2017 21:54:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 598959
status: 200
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 72659
x-xss-protection: 1; mode=block
last-modified: Tue, 22 Aug 2017 20:42:16 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Aug 2018 21:54:39 GMT

GET
H/1.1 200
OK container.html
tpc.googlesyndication.com/safeframe/1-0-10/html/ Frame 1470 3 KB
2 KB 6ms
5ms Other
text/html 2a00:1450:4001:824::2001
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://tpc.googlesyndication.com/safeframe/1-0-10/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_146.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:824::2001 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

sffe /

Resource Hash

48098da7b08a94c3c3c814c6c7f1ec8caf664c16fd02771b86ea4a88469ba11e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Purpose: prefetch
Referer: http://lame.buanzo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date: Tue, 22 Aug 2017 01:59:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 26 Jul 2017 14:03:10 GMT
Server: sffe
Age: 670685
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: public, immutable, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1789
X-XSS-Protection: 1; mode=block
Expires: Wed, 22 Aug 2018 01:59:13 GMT

GET
S 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 1470 9 KB
4 KB 227ms
226ms Script
text/javascript 216.58.207.34
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=650551880878562&output=json_html&callback=googletag.impl.pubads.setPassbackAdContents&impl=s&eid=108809144%2C108809107%2C21060062%2C21060693%2C21060609&sc=0&sfv=1-0-10&iu=%2F22152718%2Fbuanzo_bottom_DC&sz=728x90&eri=2&cookie=ID%3Db84ae08fc13c6e58%3AT%3D1504037838%3AS%3DALNI_MYASVE222DzIeEcdsFXZoKJ6h0_qA&lmt=1504037838&dt=1504037838859&ea=0&frm=23&biw=1585&bih=1200&isw=728&ish=90&oid=3&adk=1316953925&ifi=1&ifk=791652814&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=http%3A%2F%2Flame.buanzo.org%2F&ref=http%3A%2F%2Flame.buanzo.org%2F&top=http%3A%2F%2Flame.buanzo.org%2F&dssz=8&icsg=10&std=0&vrg=146&rumc=7086835195397210&rume=1&vis=1&ga_vid=292573489.1504037838&ga_sid=1504037839&ga_hid=62466689

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_146.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

13563f5861c369878a05fe1cacd89d46d98a47e5297b3afa6e5d30cc5b40f6e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://lame.buanzo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

date: Tue, 29 Aug 2017 20:17:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 3644
x-xss-protection: 1; mode=block
google-lineitem-id: 128851398
pragma: no-cache
server: cafe
google-creative-id: 107872808718
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK rum.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 1470 36 KB
14 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81f::2002
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/rum.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_146.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:81f::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

36ec60923a812c9e8f0579b28f33f2de61cede5822c29f27f46c952892ddd08d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://lame.buanzo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date: Tue, 29 Aug 2017 19:29:08 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
Age: 2890
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
ETag: 11245514372327917962
Content-Type: text/javascript; charset=UTF-8
Cache-Control: public, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 13922
X-XSS-Protection: 1; mode=block
Expires: Tue, 29 Aug 2017 20:29:08 GMT

GET
S 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 1470 7 KB
3 KB 207ms
207ms Script
text/javascript 216.58.207.34
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=2355803416287174&output=json_html&callback=googletag.impl.pubads.setPassbackAdContents&impl=s&eid=108809107%2C108809152%2C21060821&sc=0&sfv=1-0-10&iu=%2F22152718%2Fbuanzo_middle_DC&sz=970x90%7C728x90&eri=2&cookie=ID%3Db84ae08fc13c6e58%3AT%3D1504037838%3AS%3DALNI_MYASVE222DzIeEcdsFXZoKJ6h0_qA&lmt=1504037838&dt=1504037838881&ea=0&frm=23&biw=1585&bih=1200&isw=728&ish=90&oid=3&adk=3053842094&ifi=1&ifk=2954811709&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=http%3A%2F%2Flame.buanzo.org%2F&ref=http%3A%2F%2Flame.buanzo.org%2F&top=http%3A%2F%2Flame.buanzo.org%2F&dssz=8&icsg=10&std=0&vrg=146&vis=1&ga_vid=292573489.1504037838&ga_sid=1504037839&ga_hid=1896086888

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_146.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

cc5fd3466f6db3bd945749780fce0bd216fa8b13b376c317b88d5e4d7276160c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://lame.buanzo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

date: Tue, 29 Aug 2017 20:17:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 3053
x-xss-protection: 1; mode=block
google-lineitem-id: 140323398
pragma: no-cache
server: cafe
google-creative-id: 107888025438
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK container.html
tpc.googlesyndication.com/safeframe/1-0-10/html/ Frame 1470 3 KB
2 KB 6ms
5ms Other
text/html 2a00:1450:4001:824::2001
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://tpc.googlesyndication.com/safeframe/1-0-10/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_146.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:824::2001 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

sffe /

Resource Hash

48098da7b08a94c3c3c814c6c7f1ec8caf664c16fd02771b86ea4a88469ba11e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Purpose: prefetch
Referer: http://lame.buanzo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date: Tue, 22 Aug 2017 01:59:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 26 Jul 2017 14:03:10 GMT
Server: sffe
Age: 670685
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: public, immutable, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1789
X-XSS-Protection: 1; mode=block
Expires: Wed, 22 Aug 2018 01:59:13 GMT

GET
H/1.1 200
OK publishertag.js Show response
static.criteo.net/js/ld/ Frame 1470 51 KB
15 KB 26ms
14ms Script
text/javascript 178.250.2.74
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: http://static.criteo.net/js/ld/publishertag.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_146.js
Protocol: HTTP/1.1
Server: 178.250.2.74 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: static.criteo.net
Software: nginx /
Resource Hash: 41c4161146ad2423c111322cd8e3a9517e3a3df87d5cab6f52e6c8bf789942a4

Request headers

Referer: http://lame.buanzo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date: Tue, 29 Aug 2017 20:17:19 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 Sep 2007 08:50:25 GMT
Server: nginx
ETag: W/"599e925b-cc7b"
Transfer-Encoding: chunked
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400, public
Connection: keep-alive
Timing-Allow-Origin: *
Expires: Wed, 30 Aug 2017 20:17:19 GMT

GET
H/1.1 200
OK osd.js Show response
pagead2.googlesyndication.com/pagead/ Frame 1470 83 KB
0 6ms
6ms Script
text/javascript 2a00:1450:4001:81f::2002
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_146.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:81f::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

7bfac2f5711fdf30fcb666aea052f5526accc1d4f10d51d539463221cb85d7b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

Timing-Allow-Origin: *
Date: Tue, 29 Aug 2017 19:54:04 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
Age: 1394
ETag: 16531997690405477521
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: public, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 31133
X-XSS-Protection: 1; mode=block
Expires: Tue, 29 Aug 2017 20:54:04 GMT

GET
S 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1470 0
0 15ms
15ms Image
text/html 216.58.207.34
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsslAB00RvqlnFeKscqWt0KA3dyGu6-gwFAJ8rCcFHFmXlH9lgQRa-RTh8GSFQLDHH46o53yTcqwlVqX5oi3MeOep7xMNYUCoSNEH4JbEC_Zc5xCMPb4y5raIwLy8tNuShD-0i2q2Wlsg_P42MJV0vhfKIAplAAMkN7VPJPHkL32Q6OVOZO-YU2H6SRMlQFfvwmhpwEY3uq4LQHsvFziPyinraFdmrY20_pf0JZ1IXOWUVyjyHNEnkfVkbjydg&sig=Cg0ArKJSzAoYqnb8306IEAE&urlfix=1&adurl=

Requested by

Host: lame.buanzo.org
URL: http://lame.buanzo.org/

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://lame.buanzo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 Aug 2017 20:17:19 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 0
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK publishertag.js Show response
static.criteo.net/js/ld/ Frame 1470 51 KB
15 KB 26ms
13ms Script
text/javascript 178.250.2.74
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: http://static.criteo.net/js/ld/publishertag.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_146.js
Protocol: HTTP/1.1
Server: 178.250.2.74 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: static.criteo.net
Software: nginx /
Resource Hash: 41c4161146ad2423c111322cd8e3a9517e3a3df87d5cab6f52e6c8bf789942a4

Request headers

Referer: http://lame.buanzo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date: Tue, 29 Aug 2017 20:17:19 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 Sep 2007 08:50:25 GMT
Server: nginx
ETag: W/"599e925b-cc7b"
Transfer-Encoding: chunked
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400, public
Connection: keep-alive
Timing-Allow-Origin: *
Expires: Wed, 30 Aug 2017 20:17:19 GMT

GET
H/1.1 200
OK osd.js Show response
pagead2.googlesyndication.com/pagead/ Frame 1470 83 KB
0 6ms
6ms Script
text/javascript 2a00:1450:4001:81f::2002
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_146.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:81f::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

7bfac2f5711fdf30fcb666aea052f5526accc1d4f10d51d539463221cb85d7b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

Timing-Allow-Origin: *
Date: Tue, 29 Aug 2017 19:54:04 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
Age: 1394
ETag: 16531997690405477521
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: public, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 31133
X-XSS-Protection: 1; mode=block
Expires: Tue, 29 Aug 2017 20:54:04 GMT

GET
S 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1470 0
0 14ms
14ms Image
text/html 216.58.207.34
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuFLoAO0NsjGtElDeISrQIIaiUZT7Ll0PV_UyA6z72FNhvZZ6wR8qDzdQxCnTw4xfvY8Tg-dY3omXNDh9epZjemEw1Mupid_4ItnSiLOUQ44MVGd5dNmDzKFws_mdnrNOx8KwHla4BQydjCZyON036KBVMn7lu90zFATSPzEkfafr41HkOGjM7BHswnk5ZQcnTZ3mN0R9Og3-XYT5iulEdgVdplvPjQRcF6-SMSWektMV0ZoAU0PkCT90FYFA&sig=Cg0ArKJSzCDkLQbd43l6EAE&urlfix=1&adurl=

Requested by

Host: lame.buanzo.org
URL: http://lame.buanzo.org/

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://lame.buanzo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 Aug 2017 20:17:19 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 0
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK ajs.php Show response
cas.criteo.com/delivery/ Frame 1470 1 KB
999 B 38ms
21ms Script
text/javascript 178.250.0.71
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: http://cas.criteo.com/delivery/ajs.php?ptv=24&zoneid=699800&cb=6400590482&nodis=1&charset=UTF-8&dc=1&atfr=0&loc=http%3A%2F%2Flame.buanzo.org%2F
Requested by: Host: static.criteo.net
URL: http://static.criteo.net/js/ld/publishertag.js
Protocol: HTTP/1.1
Server: 178.250.0.71 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: cas.criteo.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 2d2495fae3efb07f9f1e420001defa9ef3445869b48a02dac197caef93dbc827

Request headers

Referer: http://lame.buanzo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date: Tue, 29 Aug 2017 20:17:18 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-Powered-By: ASP.NET
P3P: CP='CUR ADM OUR NOR STA NID'
Content-Length: 999
Pragma: no-cache
Server: Microsoft-IIS/8.5
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK ajs.php Show response
cas.criteo.com/delivery/ Frame 1470 1 KB
993 B 39ms
22ms Script
text/javascript 178.250.0.71
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: http://cas.criteo.com/delivery/ajs.php?ptv=24&zoneid=771973&cb=85562851258&nodis=1&charset=UTF-8&dc=1&atfr=1&loc=http%3A%2F%2Flame.buanzo.org%2F
Requested by: Host: static.criteo.net
URL: http://static.criteo.net/js/ld/publishertag.js
Protocol: HTTP/1.1
Server: 178.250.0.71 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: cas.criteo.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 3e8f792c98c0bbff383dabea3fd6427e588dd87838634c81615f96c8ab962628

Request headers

Referer: http://lame.buanzo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date: Tue, 29 Aug 2017 20:17:19 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-Powered-By: ASP.NET
P3P: CP='CUR ADM OUR NOR STA NID'
Content-Length: 993
Pragma: no-cache
Server: Microsoft-IIS/8.5
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

match.aspx
dis.criteo.com/rex/ Frame 1470
Redirect Chain

http://sync.mathtag.com/sync/img?type=sync&mt_exid=20&redir=http%3a%2f%2fdis.criteo.com%2frex%2fmatch.aspx%3fc%3d2%26uid%3d%5bMM_UUID%5d
http://dis.criteo.com/rex/match.aspx?c=2&uid=ee6059a6-cbcf-4600-ae40-dfb1448a68d7

43 B
43 B

14ms
13ms

Image
image/gif

178.250.2.76
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dis.criteo.com/rex/match.aspx?c=2&uid=ee6059a6-cbcf-4600-ae40-dfb1448a68d7
Requested by: Host: lame.buanzo.org
URL: http://lame.buanzo.org/
Protocol: HTTP/1.1
Server: 178.250.2.76 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: dis.criteo.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: http://lame.buanzo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 29 Aug 2017 20:17:18 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
P3P: CP='CUR ADM OUR NOR STA NID'
Cache-Control: private
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Tue, 29 Aug 2017 20:17:19 GMT
Server: MT3 1.15.12.12 775330a RELEASE ewr-pixel-x33
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: http://dis.criteo.com/rex/match.aspx?c=2&uid=ee6059a6-cbcf-4600-ae40-dfb1448a68d7
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 29 Aug 2017 20:17:18 GMT

GET
H/1.1 200
OK lg.php
cat.fr.eu.criteo.com/delivery/ Frame 1470 43 B
43 B 40ms
21ms Image
image/gif 178.250.0.66
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cat.fr.eu.criteo.com/delivery/lg.php?cppv=1&cpp=viSdDXxBcVAxUytZaE0wc3V5MUFSalpUUHU2UDM3MHI4Z2MrNlo5Mlk1NE9NSFY4bmZpdzVSUkd3OXBraGZaVHZqTEZOcllnQ0tyeWZ4NElGWlk0QmpuUzdGaTlBL1VneHovOFZvZnBKTVRwbzFvOEgxRWNZMUpSY0xWR2V6UWJucXFCekFHVzNzYkhteVdEdEJ6a2tHVWRFb2IxR2hiNFk3V0tBSVFNR2hUOHFJd0JKWm9hS04rcTI5UXNPMzVIZTUrc0gyR0VvVWg5Y0YwYVdMSnZjemVXWGlDK3pGNi8vT3hvNVJxSURCZDV0Z3NPa2dkVUhDMEh6bklHWkowVEF5K2tDfA%3D%3D
Requested by: Host: cas.criteo.com
URL: http://cas.criteo.com/delivery/ajs.php?ptv=24&zoneid=699800&cb=6400590482&nodis=1&charset=UTF-8&dc=1&atfr=0&loc=http%3A%2F%2Flame.buanzo.org%2F
Protocol: HTTP/1.1
Server: 178.250.0.66 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: http://lame.buanzo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 29 Aug 2017 20:17:18 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Cache-Control: no-cache
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
S 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 1470 9 KB
4 KB 182ms
182ms Script
text/javascript 216.58.207.34
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=650551880878562&output=json_html&callback=googletag.impl.pubads.setPassbackAdContents&impl=s&eid=108809144%2C108809107%2C21060062%2C21060693%2C21060609&sc=0&sfv=1-0-10&iu=%2F22152718%2Fbuanzo_bottom_DC2&sz=728x90&eri=2&cookie=ID%3Db84ae08fc13c6e58%3AT%3D1504037838%3AS%3DALNI_MYASVE222DzIeEcdsFXZoKJ6h0_qA&lmt=1504037839&dt=1504037839187&ea=0&frm=23&biw=1585&bih=1200&isw=728&ish=90&oid=3&adk=1340161768&ifi=2&ifk=791652814&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=http%3A%2F%2Flame.buanzo.org%2F&ref=http%3A%2F%2Flame.buanzo.org%2F&top=http%3A%2F%2Flame.buanzo.org%2F&dssz=18&icsg=658054&mso=512&std=0&csl=90&vrg=146&rumc=7086835195397210&rume=1&vis=1&ga_vid=292573489.1504037838&ga_sid=1504037839&ga_hid=62466689

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_146.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

c796a0817743bab5a2aad429f2d4ca0b1f335773e7358b16cd273de6b3661485

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://lame.buanzo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

date: Tue, 29 Aug 2017 20:17:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 3658
x-xss-protection: 1; mode=block
google-lineitem-id: 134206278
pragma: no-cache
server: cafe
google-creative-id: 107879899038
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

match.aspx
dis.criteo.com/rex/ Frame 1470
Redirect Chain

http://pixel.rubiconproject.com/sync.php?cookie_redirect=1&p=criteo&redir=http%3a%2f%2fdis.criteo.com%2frex%2fmatch.aspx%3fc%3d28%26uid%3duid
http://dis.criteo.com/rex/match.aspx?c=28&uid=J6Y1AO2V-Q-LT4A

43 B
43 B

25ms
13ms

Image
image/gif

178.250.2.76
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dis.criteo.com/rex/match.aspx?c=28&uid=J6Y1AO2V-Q-LT4A
Requested by: Host: lame.buanzo.org
URL: http://lame.buanzo.org/
Protocol: HTTP/1.1
Server: 178.250.2.76 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: dis.criteo.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: http://lame.buanzo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 29 Aug 2017 20:17:19 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
P3P: CP='CUR ADM OUR NOR STA NID'
Cache-Control: private
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 29 Aug 2017 20:17:18 GMT
Server: Rubicon Project
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: http://dis.criteo.com/rex/match.aspx?c=28&uid=J6Y1AO2V-Q-LT4A
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
X-RPHost: BukUcwJXtFfI9eb3BtYZ0A
Expires: 0

GET
H/1.1 200
OK lg.php
cat.fr.eu.criteo.com/delivery/ Frame 1470 43 B
43 B 39ms
21ms Image
image/gif 178.250.0.66
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cat.fr.eu.criteo.com/delivery/lg.php?cppv=1&cpp=taAIqXxuUWVyeDF4VU5JYllmazhONjBzNGtjWTBrQ3cwMjZKS0JIQi9uM3AraXNVKzd5WnJHUE15Zk5HRjk4ODltbXRieTltYTdHNVZmaXNOaWcwS2p2VHBMamVIWENFQTYyaHVaRWp1dm5GakJMcENiUmY4WlZ5dUU3cjd1SWd0THN6VHBCdld5UklqSTEzalNTa1VFTDRRUGlXRXF2UXU5L3lLMUIwQ1d2bDBLSU8xcWw3eFJDMlVLdGVmTVYyM3E5Qy9xU2F6Wisxa3RYUXViUldSMjUyVEJPOEgyQTBIaTQ2d0NuODI0ZXJwZjIyOFZmcW0wWnhLelRIMjdsZTJvNHlxfA%3D%3D
Requested by: Host: cas.criteo.com
URL: http://cas.criteo.com/delivery/ajs.php?ptv=24&zoneid=771973&cb=85562851258&nodis=1&charset=UTF-8&dc=1&atfr=1&loc=http%3A%2F%2Flame.buanzo.org%2F
Protocol: HTTP/1.1
Server: 178.250.0.66 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: http://lame.buanzo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 29 Aug 2017 20:17:18 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Cache-Control: no-cache
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
S 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 1470 7 KB
3 KB 275ms
275ms Script
text/javascript 216.58.207.34
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=2355803416287174&output=json_html&callback=googletag.impl.pubads.setPassbackAdContents&impl=s&eid=108809107%2C108809152%2C21060821&sc=0&sfv=1-0-10&iu=%2F22152718%2Fbuanzo_middle_DC2&sz=970x90%7C728x90&eri=2&cookie=ID%3Db84ae08fc13c6e58%3AT%3D1504037838%3AS%3DALNI_MYASVE222DzIeEcdsFXZoKJ6h0_qA&lmt=1504037839&dt=1504037839194&ea=0&frm=23&biw=1585&bih=1200&isw=728&ish=90&oid=3&adk=3901886181&ifi=2&ifk=2954811709&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=http%3A%2F%2Flame.buanzo.org%2F&ref=http%3A%2F%2Flame.buanzo.org%2F&top=http%3A%2F%2Flame.buanzo.org%2F&dssz=16&icsg=133766&mso=512&std=0&csl=103&vrg=146&vis=1&ga_vid=292573489.1504037838&ga_sid=1504037839&ga_hid=1896086888

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_146.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

29c24277b81fec59ff72b119460ea116047cf006b40c7b9f8798f902c9d9df98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://lame.buanzo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

date: Tue, 29 Aug 2017 20:17:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 3067
x-xss-protection: 1; mode=block
google-lineitem-id: 140323518
pragma: no-cache
server: cafe
google-creative-id: 107888026158
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST csi
csi.gstatic.com/ Frame 1470 0
0

GET
H/1.1 200
OK getjs.aspx Show response
tag.contextweb.com/TagPublish/ Frame 1470 1 KB
704 B 25ms
19ms Script
application/x-javascript 151.101.112.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: http://tag.contextweb.com/TagPublish/getjs.aspx?action=VIEWAD&cwrun=200&cwadformat=728X90&cwpid=560224&cwwidth=728&cwheight=90&cwpnet=1&cwtagid=568482
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_146.js
Protocol: HTTP/1.1
Server: 151.101.112.166 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: Jetty(9.2.22.v20170606) /
Resource Hash: 51a15aa3631286415b03a9866697062fc6b288cb3e402c01ae8ccab0f0090dc7

Request headers

Referer: http://lame.buanzo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date: Tue, 29 Aug 2017 20:17:19 GMT
Content-Encoding: gzip
Content-Type: application/x-javascript
Server: Jetty(9.2.22.v20170606)
Age: 0
X-Served-By: cache-hhn1535-HHN
Transfer-Encoding: chunked
X-Cache: MISS
P3P: policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Via: 1.1 varnish
Cache-Control: max-age=432000, public, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
X-Timer: S1504037839.384481,VS0,VE14
X-Cache-Hits: 0

GET
S 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1470 0
0 14ms
14ms Image
text/html 216.58.207.34
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu0iXHFezoos4PC17VZUIkwdEVXb1L-AQvAYUk3LKv0mWK81KrS0HvcqUxm4pLSj9uLng1BkaPyTUViXjLXoIWeuww03J8gmSnlrrpSvfxwUzCWvEZdk11pYfJLF5VlX8dEVbbpTTZ1GPRYxPRt4NPWjx3vh0NE85vCsIAoQFMvKEfsCXGc3FBm26TAD7HDpHH5MGkxJv7gfA8b4tfJxv9t5oPVJziRgUYDS8ugAD6DKfZ5KTN-gvgDgqbqp04&sig=Cg0ArKJSzNDb0f8wxl7cEAE&urlfix=1&adurl=

Requested by

Host: lame.buanzo.org
URL: http://lame.buanzo.org/

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://lame.buanzo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 Aug 2017 20:17:19 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 0
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

rtset Show response
bh.contextweb.com/bh/ Frame 1470
Redirect Chain

http://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc
http://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEE2l_poO9Cu34MuKN7RqwdM&google_cver=1

0
0

23ms
18ms

Script
application/x-javascript

151.101.112.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: http://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEE2l_poO9Cu34MuKN7RqwdM&google_cver=1
Requested by: Host: lame.buanzo.org
URL: http://lame.buanzo.org/
Protocol: HTTP/1.1
Server: 151.101.112.166 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: Jetty(9.2.22.v20170606) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://lame.buanzo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date: Tue, 29 Aug 2017 20:17:19 GMT
Via: 1.1 varnish
Server: Jetty(9.2.22.v20170606)
Content-Language: en-US
P3P: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Expires: -1
Cache-Control: private, max-age=0, no-cache, no-store
X-Cache-Hits: 0
X-Cache: MISS
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript; charset=ISO-8859-1
CW-Server: ams-bh00
Content-Length: 0
X-Served-By: cache-hhn1549-HHN

Redirect headers

Pragma: no-cache
Date: Tue, 29 Aug 2017 20:17:19 GMT
Server: HTTP server (unknown)
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: http://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEE2l_poO9Cu34MuKN7RqwdM&google_cver=1
Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 305
X-XSS-Protection: 1; mode=block
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rtset Show response
bh.contextweb.com/bh/ Frame 1470
Redirect Chain

http://match.adsrvr.org/track/cmb/contextweb?
http://bh.contextweb.com/bh/rtset?do=add&pid=534301&ev=90c890c7-72b7-4318-bdf2-7b581645d20b

0
0

17ms
17ms

Script
application/x-javascript

151.101.112.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: http://bh.contextweb.com/bh/rtset?do=add&pid=534301&ev=90c890c7-72b7-4318-bdf2-7b581645d20b
Requested by: Host: lame.buanzo.org
URL: http://lame.buanzo.org/
Protocol: HTTP/1.1
Server: 151.101.112.166 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: Jetty(9.2.22.v20170606) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://lame.buanzo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date: Tue, 29 Aug 2017 20:17:19 GMT
Via: 1.1 varnish
Server: Jetty(9.2.22.v20170606)
Content-Language: en-US
P3P: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Expires: -1
Cache-Control: private, max-age=0, no-cache, no-store
X-Cache-Hits: 0
X-Cache: MISS
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript; charset=ISO-8859-1
CW-Server: ams-bh00
Content-Length: 0
X-Served-By: cache-hhn1549-HHN

Redirect headers

Pragma: no-cache
Date: Tue, 29 Aug 2017 20:17:20 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Location: http://bh.contextweb.com/bh/rtset?do=add&pid=534301&ev=90c890c7-72b7-4318-bdf2-7b581645d20b
Cache-Control: private,no-cache, must-revalidate
Connection: keep-alive
Content-Type: text/html
Content-Length: 213

GET
H/1.1 200
OK getjs.static.js Show response
tag-st.contextweb.com/TagPublish/ Frame 1470 28 KB
10 KB 11ms
5ms Script
application/x-javascript 151.101.112.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: http://tag-st.contextweb.com/TagPublish/getjs.static.js?v=30
Requested by: Host: tag.contextweb.com
URL: http://tag.contextweb.com/TagPublish/getjs.aspx?action=VIEWAD&cwrun=200&cwadformat=728X90&cwpid=560224&cwwidth=728&cwheight=90&cwpnet=1&cwtagid=568482
Protocol: HTTP/1.1
Server: 151.101.112.166 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: Jetty(9.2.22.v20170606) /
Resource Hash: c78dbc860728f695fb9d23821e8363c4b47253641c745c246b83ba839512656a

Request headers

Referer: http://lame.buanzo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date: Tue, 29 Aug 2017 20:17:19 GMT
Content-Encoding: gzip
Age: 79
X-Cache: HIT
P3P: policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Connection: keep-alive
Content-Length: 9851
X-Served-By: cache-hhn1541-HHN
Server: Jetty(9.2.22.v20170606)
X-Timer: S1504037839.408393,VS0,VE0
ETag: 280d49079c2754858d2bbe114d2981fc82b7b178
Content-Type: application/x-javascript
Via: 1.1 varnish
Cache-Control: max-age=432000, public
Accept-Ranges: bytes
X-Cache-Hits: 165

GET
H/1.1 200
OK getjs.aspx Show response
tag.contextweb.com/TagPublish/ Frame 1470 2 KB
788 B 17ms
17ms Script
application/x-javascript 151.101.112.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: http://tag.contextweb.com/TagPublish/getjs.aspx?action=VIEWAD&cwrun=200&cwadformat=728X90&cwpid=560224&cwwidth=728&cwheight=90&cwpnet=1&cwtagid=574391
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_146.js
Protocol: HTTP/1.1
Server: 151.101.112.166 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: Jetty(9.2.22.v20170606) /
Resource Hash: ed2ac84f7b8c4cedd25cac170536f569715d6f20bb3edb29ad6cd309987991cf

Request headers

Referer: http://lame.buanzo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date: Tue, 29 Aug 2017 20:17:19 GMT
Content-Encoding: gzip
Content-Type: application/x-javascript
Server: Jetty(9.2.22.v20170606)
Age: 0
X-Served-By: cache-hhn1535-HHN
Transfer-Encoding: chunked
X-Cache: MISS
P3P: policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Via: 1.1 varnish
Cache-Control: max-age=432000, public, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
X-Timer: S1504037839.478454,VS0,VE12
X-Cache-Hits: 0

GET
S 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1470 0
0 14ms
14ms Image
text/html 216.58.207.34
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsto3aP2QxG1IhjKhVOApgZphJ92_9I3-eMZVClIbzK_-4kTkRG1K-syBbNQkmHBwoq41zvK7lc7RNZaiJotda2Le5KF-I0fFUvbSYOIHLaWPsbq66A1HAEXYVGc3KuyYDWxldF7KG5c6AG_9ktqikY2nQwGAcXEYJk9D5px8Cxn9Oe3w7B6IWrYWbXJhaW4UL2-gj92iEJsbxswpykHTRR-D-wrdoBVgGbGMzRDi9hniF-oh_TKPYnO4A5nvRU&sig=Cg0ArKJSzD2BkUq74hTyEAE&urlfix=1&adurl=

Requested by

Host: lame.buanzo.org
URL: http://lame.buanzo.org/

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://lame.buanzo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 Aug 2017 20:17:19 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 0
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

rtset Show response
bh.contextweb.com/bh/ Frame 1470
Redirect Chain

http://match.adsrvr.org/track/cmf/contextweb
http://bh.contextweb.com/bh/rtset?do=add&pid=534301&ev=90c890c7-72b7-4318-bdf2-7b581645d20b

0
0

18ms
18ms

Script
application/x-javascript

151.101.112.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: http://bh.contextweb.com/bh/rtset?do=add&pid=534301&ev=90c890c7-72b7-4318-bdf2-7b581645d20b
Requested by: Host: lame.buanzo.org
URL: http://lame.buanzo.org/
Protocol: HTTP/1.1
Server: 151.101.112.166 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: Jetty(9.2.22.v20170606) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://lame.buanzo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date: Tue, 29 Aug 2017 20:17:19 GMT
Via: 1.1 varnish
Server: Jetty(9.2.22.v20170606)
Content-Language: en-US
P3P: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Expires: -1
Cache-Control: private, max-age=0, no-cache, no-store
X-Cache-Hits: 0
X-Cache: MISS
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript; charset=ISO-8859-1
CW-Server: ams-bh00
Content-Length: 0
X-Served-By: cache-hhn1549-HHN

Redirect headers

Pragma: no-cache
Date: Tue, 29 Aug 2017 20:17:16 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Location: http://bh.contextweb.com/bh/rtset?do=add&pid=534301&ev=90c890c7-72b7-4318-bdf2-7b581645d20b
Cache-Control: private,no-cache, must-revalidate
Connection: keep-alive
Content-Type: text/html
Content-Length: 213

GET
H/1.1

200
OK

rtset Show response
bh.contextweb.com/bh/ Frame 1470
Redirect Chain

http://sync.mathtag.com/sync/img?mt_exid=11&type=sync&redir=http%3A%2F%2Fbh.contextweb.com%2Fbh%2Frtset%3Fdo%3Dadd%26pid%3D530739%26ev%3D%5BMM_UUID%5D
http://bh.contextweb.com/bh/rtset?do=add&pid=530739&ev=ee6059a6-cbcf-4600-ae40-dfb1448a68d7

49 B
53 B

23ms
18ms

Script
image/gif

151.101.112.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: http://bh.contextweb.com/bh/rtset?do=add&pid=530739&ev=ee6059a6-cbcf-4600-ae40-dfb1448a68d7
Requested by: Host: lame.buanzo.org
URL: http://lame.buanzo.org/
Protocol: HTTP/1.1
Server: 151.101.112.166 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: Jetty(9.2.22.v20170606) /
Resource Hash: 4c23865d180f804df030e56f4d06adfdbefc2e8720b8553596036387e23ab9b2

Request headers

Referer: http://lame.buanzo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date: Tue, 29 Aug 2017 20:17:19 GMT
Via: 1.1 varnish
Server: Jetty(9.2.22.v20170606)
Transfer-Encoding: chunked
Content-Language: en-US
P3P: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Expires: -1
Cache-Control: private, max-age=0, no-cache, no-store
X-Cache-Hits: 0
X-Cache: MISS
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif; charset=ISO-8859-1
CW-Server: ams-bh00
X-Served-By: cache-hhn1525-HHN

Redirect headers

Date: Tue, 29 Aug 2017 20:17:19 GMT
Server: MT3 1.15.12.12 775330a RELEASE ewr-pixel-x39
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: http://bh.contextweb.com/bh/rtset?do=add&pid=530739&ev=ee6059a6-cbcf-4600-ae40-dfb1448a68d7
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 29 Aug 2017 20:17:18 GMT

GET
H/1.1 200
OK getjs.static.js Show response
tag-st.contextweb.com/TagPublish/ Frame 1470 28 KB
0 11ms
5ms Script
application/x-javascript 151.101.112.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: http://tag-st.contextweb.com/TagPublish/getjs.static.js?v=30
Requested by: Host: tag.contextweb.com
URL: http://tag.contextweb.com/TagPublish/getjs.aspx?action=VIEWAD&cwrun=200&cwadformat=728X90&cwpid=560224&cwwidth=728&cwheight=90&cwpnet=1&cwtagid=574391
Protocol: HTTP/1.1
Server: 151.101.112.166 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: Jetty(9.2.22.v20170606) /
Resource Hash: c78dbc860728f695fb9d23821e8363c4b47253641c745c246b83ba839512656a

Request headers

Response headers

Date: Tue, 29 Aug 2017 20:17:19 GMT
Content-Encoding: gzip
Age: 79
X-Cache: HIT
P3P: policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Connection: keep-alive
Content-Length: 9851
X-Served-By: cache-hhn1541-HHN
Server: Jetty(9.2.22.v20170606)
X-Timer: S1504037839.408393,VS0,VE0
ETag: 280d49079c2754858d2bbe114d2981fc82b7b178
Content-Type: application/x-javascript
Via: 1.1 varnish
Cache-Control: max-age=432000, public
Accept-Ranges: bytes
X-Cache-Hits: 165

GET
H/1.1 200
OK GetAd.aspx Show response
ads.contextweb.com/TagPublish/ Frame 1470 3 KB
1 KB 26ms
20ms Script
application/x-javascript 151.101.112.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: http://ads.contextweb.com/TagPublish/GetAd.aspx?tagver=1&ca=VIEWAD&cp=560224&ct=568482&cwod=&epid=&esid=&brk=false&ccid=&wp=0&cf=728X90&asv=30&rq=1&dw=728&cwu=http%3A%2F%2Flame.buanzo.org%2F&cwr=&mrnd=72490400&if=2&tl=1&pxy=52,1559&cxy=728,90&dxy=1585,4102&tz=0&ln=en-US&acid=pp_ad_container_0
Requested by: Host: tag-st.contextweb.com
URL: http://tag-st.contextweb.com/TagPublish/getjs.static.js?v=30
Protocol: HTTP/1.1
Server: 151.101.112.166 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: Jetty(9.2.22.v20170606) /
Resource Hash: dfbc5be01adacc6dd2609729d4955f1d1697632bc06c4e5c035c1dc87fc3e16d

Request headers

Referer: http://lame.buanzo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date: Tue, 29 Aug 2017 20:17:19 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
X-Cache: MISS
P3P: policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Connection: keep-alive
X-Served-By: cache-hhn1529-HHN
Pragma: no-cache
Server: Jetty(9.2.22.v20170606)
CWDL: 12/2528
Via: 1.1 varnish
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, max-age=0, no-cache, no-store
Accept-Ranges: bytes
Content-Type: application/x-javascript; charset=utf-8
CW-Server: AMS-TAG03:8080
X-Cache-Hits: 0

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 1470 47 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81f::2002
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ads.contextweb.com
URL: http://ads.contextweb.com/TagPublish/GetAd.aspx?tagver=1&ca=VIEWAD&cp=560224&ct=568482&cwod=&epid=&esid=&brk=false&ccid=&wp=0&cf=728X90&asv=30&rq=1&dw=728&cwu=http%3A%2F%2Flame.buanzo.org%2F&cwr=&mrnd=72490400&if=2&tl=1&pxy=52,1559&cxy=728,90&dxy=1585,4102&tz=0&ln=en-US&acid=pp_ad_container_0

Protocol

HTTP/1.1

Server

2a00:1450:4001:81f::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

c4fa14a568e099dd43cb4a3df3512410d64e555eb52f707b1017dfa36c963a98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://lame.buanzo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date: Tue, 29 Aug 2017 19:28:28 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
Age: 2931
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
ETag: 15086159814053884391
Content-Type: text/javascript; charset=UTF-8
Cache-Control: public, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 17727
X-XSS-Protection: 1; mode=block
Expires: Tue, 29 Aug 2017 20:28:28 GMT

GET
H/1.1

200
OK

400066.gif
idsync.rlcdn.com/ Frame 1470
Redirect Chain

http://idsync.rlcdn.com/400066.gif?partner_uid=9n1gGoaMAetk
http://idsync.rlcdn.com/400066.gif?partner_uid=9n1gGoaMAetk&redirect=1

43 B
43 B

122ms
104ms

Image
image/gif

52.44.233.178
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://idsync.rlcdn.com/400066.gif?partner_uid=9n1gGoaMAetk&redirect=1
Requested by: Host: lame.buanzo.org
URL: http://lame.buanzo.org/
Protocol: HTTP/1.1
Server: 52.44.233.178 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-44-233-178.compute-1.amazonaws.com
Software: /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: http://lame.buanzo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache, no-store
Connection: keep-alive
P3P: CP: "NON DSP COR PSDo SAMo BUS IND UNI COM NAV INT POL PRE"
Content-Length: 43
Content-Type: image/gif; charset=ISO-8859-1

Redirect headers

Location: http://idsync.rlcdn.com/400066.gif?partner_uid=9n1gGoaMAetk&redirect=1
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Type: image/gif; charset=ISO-8859-1
Content-Length: 0
P3P: CP: "NON DSP COR PSDo SAMo BUS IND UNI COM NAV INT POL PRE"

GET
H/1.1

200
OK

demconf.jpg Show response
dpm.demdex.net/ Frame 1470
Redirect Chain

http://dpm.demdex.net/ibs:dpid=96678&dpuuid=9n1gGoaMAetk
http://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=96678&dpuuid=9n1gGoaMAetk

42 B
42 B

31ms
31ms

Script
image/gif

54.72.198.94
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=96678&dpuuid=9n1gGoaMAetk
Requested by: Host: lame.buanzo.org
URL: http://lame.buanzo.org/
Protocol: HTTP/1.1
Server: 54.72.198.94 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-72-198-94.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: http://lame.buanzo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

DCS: irl1-prod-dcs-7d1e81f6.edge-irl1.demdex.com 5.17.2.20170824123507 4ms
Pragma: no-cache
Date: Tue, 29 Aug 2017 20:17:19 GMT
X-TID: 1SRI8jI2QFc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 29 Aug 2017 20:17:19 GMT
X-TID: DcBSQJIFRKo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: http://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=96678&dpuuid=9n1gGoaMAetk
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 2009 00:00:00 GMT

GET
H/1.1 200
OK show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20170823/r20170110/ Frame 1470 190 KB
0 50ms
49ms Script
text/javascript 2a00:1450:4001:81f::2002
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/r20170823/r20170110/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:81f::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

6714b7f0fb58590fd05cc03eac6bac5b285cebe007ecb0e991f99c711c73f446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

Timing-Allow-Origin: *
Date: Tue, 29 Aug 2017 20:17:18 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 14906411358530502870
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=1209600
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 71156
X-XSS-Protection: 1; mode=block
Expires: Tue, 29 Aug 2017 20:17:18 GMT

GET ads
googleads.g.doubleclick.net/pagead/ Frame 1470 0
0

GET visitormatch
bh.contextweb.com/bh/ Frame 1470 0
0

GET p-01-0VIaSjnOLg.gif
pixel.quantserve.com/pixel/ Frame 1470 0
0

GET
H/1.1 200
OK GetAd.aspx Show response
ads.contextweb.com/TagPublish/ Frame 1470 3 KB
1 KB 20ms
20ms Script
application/x-javascript 151.101.112.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: http://ads.contextweb.com/TagPublish/GetAd.aspx?tagver=1&ca=VIEWAD&cp=560224&ct=574391&cwod=&epid=&esid=&brk=false&ccid=&wp=0&cf=728X90&asv=30&rq=1&dw=728&cwu=http%3A%2F%2Flame.buanzo.org%2F&cwr=&mrnd=19119132&if=2&tl=1&pxy=92,918&cxy=728,90&dxy=1585,4102&tz=0&ln=en-US&acid=pp_ad_container_0
Requested by: Host: tag-st.contextweb.com
URL: http://tag-st.contextweb.com/TagPublish/getjs.static.js?v=30
Protocol: HTTP/1.1
Server: 151.101.112.166 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: Jetty(9.2.22.v20170606) /
Resource Hash: 444dcb11f79cdda9816753608bea5c773f73ab83f4d15d79b4aaf16251c5c8ca

Request headers

Referer: http://lame.buanzo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date: Tue, 29 Aug 2017 20:17:19 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
X-Cache: MISS
P3P: policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Connection: keep-alive
X-Served-By: cache-hhn1529-HHN
Pragma: no-cache
Server: Jetty(9.2.22.v20170606)
CWDL: 12/2528
Via: 1.1 varnish
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, max-age=0, no-cache, no-store
Accept-Ranges: bytes
Content-Type: application/x-javascript; charset=utf-8
CW-Server: AMS-TAG15:8080
X-Cache-Hits: 0

GET iu3
aax-eu.amazon-adsystem.com/s/ Frame 1470 0
0

GET
DATA 200
OK truncated
/ Frame 1470 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50b7079c0de810657b73c2897480f9bb88abf801f402d7fcbff5f0bc2ede8b46

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/png

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 1470 47 KB
0 6ms
6ms Script
text/javascript 2a00:1450:4001:81f::2002
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ads.contextweb.com
URL: http://ads.contextweb.com/TagPublish/GetAd.aspx?tagver=1&ca=VIEWAD&cp=560224&ct=574391&cwod=&epid=&esid=&brk=false&ccid=&wp=0&cf=728X90&asv=30&rq=1&dw=728&cwu=http%3A%2F%2Flame.buanzo.org%2F&cwr=&mrnd=19119132&if=2&tl=1&pxy=92,918&cxy=728,90&dxy=1585,4102&tz=0&ln=en-US&acid=pp_ad_container_0

Protocol

HTTP/1.1

Server

2a00:1450:4001:81f::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

c4fa14a568e099dd43cb4a3df3512410d64e555eb52f707b1017dfa36c963a98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

Timing-Allow-Origin: *
Date: Tue, 29 Aug 2017 19:28:28 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
Age: 2931
ETag: 15086159814053884391
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: public, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 17727
X-XSS-Protection: 1; mode=block
Expires: Tue, 29 Aug 2017 20:28:28 GMT

GET
H/1.1

200
OK

400066.gif
idsync.rlcdn.com/ Frame 1470
Redirect Chain

http://idsync.rlcdn.com/400066.gif?partner_uid=9n1gGoaMAetk
http://idsync.rlcdn.com/400066.gif?partner_uid=9n1gGoaMAetk&redirect=1

43 B
43 B

104ms
104ms

Image
image/gif

52.22.202.128
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://idsync.rlcdn.com/400066.gif?partner_uid=9n1gGoaMAetk&redirect=1
Requested by: Host: lame.buanzo.org
URL: http://lame.buanzo.org/
Protocol: HTTP/1.1
Server: 52.22.202.128 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-22-202-128.compute-1.amazonaws.com
Software: /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: http://lame.buanzo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache, no-store
Connection: keep-alive
P3P: CP: "NON DSP COR PSDo SAMo BUS IND UNI COM NAV INT POL PRE"
Content-Length: 43
Content-Type: image/gif; charset=ISO-8859-1

Redirect headers

Location: http://idsync.rlcdn.com/400066.gif?partner_uid=9n1gGoaMAetk&redirect=1
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Type: image/gif; charset=ISO-8859-1
Content-Length: 0
P3P: CP: "NON DSP COR PSDo SAMo BUS IND UNI COM NAV INT POL PRE"

GET
H/1.1 200
OK ibs:dpid=96678&dpuuid=9n1gGoaMAetk Show response
dpm.demdex.net/ Frame 1470 42 B
42 B 32ms
32ms Script
image/gif 54.72.198.94
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://dpm.demdex.net/ibs:dpid=96678&dpuuid=9n1gGoaMAetk
Requested by: Host: ads.contextweb.com
URL: http://ads.contextweb.com/TagPublish/GetAd.aspx?tagver=1&ca=VIEWAD&cp=560224&ct=574391&cwod=&epid=&esid=&brk=false&ccid=&wp=0&cf=728X90&asv=30&rq=1&dw=728&cwu=http%3A%2F%2Flame.buanzo.org%2F&cwr=&mrnd=19119132&if=2&tl=1&pxy=92,918&cxy=728,90&dxy=1585,4102&tz=0&ln=en-US&acid=pp_ad_container_0
Protocol: HTTP/1.1
Server: 54.72.198.94 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-72-198-94.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: http://lame.buanzo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

DCS: irl1-prod-dcs-891d8202.edge-irl1.demdex.com 5.17.2.20170824123507 3ms
Pragma: no-cache
Date: Tue, 29 Aug 2017 20:17:19 GMT
X-TID: cUwpn0WrTm0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 2009 00:00:00 GMT

GET
H/1.1 200
OK show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20170823/r20170110/ Frame 1470 190 KB
0 50ms
49ms Script
text/javascript 2a00:1450:4001:81f::2002
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/r20170823/r20170110/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:81f::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

6714b7f0fb58590fd05cc03eac6bac5b285cebe007ecb0e991f99c711c73f446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

Timing-Allow-Origin: *
Date: Tue, 29 Aug 2017 20:17:18 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 14906411358530502870
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=1209600
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 71156
X-XSS-Protection: 1; mode=block
Expires: Tue, 29 Aug 2017 20:17:18 GMT

GET ads
googleads.g.doubleclick.net/pagead/ Frame 1470 0
0

GET visitormatch
bh.contextweb.com/bh/ Frame 1470 0
0

GET p-01-0VIaSjnOLg.gif
pixel.quantserve.com/pixel/ Frame 1470 0
0

GET iu3
aax-eu.amazon-adsystem.com/s/ Frame 1470 0
0

GET
DATA 200
OK truncated
/ Frame 1470 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 703b89cee0b3baa15cc961be1927045306e29af0eb8cf296c214ad790aa2746e

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/png

POST
H/1.1 204
No Content csi
csi.gstatic.com/ Frame 1470 0
0 282ms
282ms Other
image/gif 2800:3f0:4001:80b::2003
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://csi.gstatic.com/csi?v=3&s=gpt&action=ad_events_psbk&it=ad_fetch_period.2.184,exr.2.0&is_backfill_at_render=2_false&qqid=2_CJDkicmh_dUCFcITGwodlucAqA&vrg=146&pl_id=7086835195397210&e=v146,n22152718,non-sra,fif,sync,108809144,108809107,21060062,21060693,21060609&rt=start_ad_render_period.2.1037
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_146.js
Protocol: HTTP/1.1
Server: 2800:3f0:4001:80b::2003 , Argentina, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Cache-Control: max-age=0
Origin: http://lame.buanzo.org
Referer: http://lame.buanzo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 29 Aug 2017 20:17:20 GMT
Last-Modified: Wed, 21 Jan 2004 19:51:30 GMT
Server: Golfe2
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
S 204 csi
csi.gstatic.com/ Frame 1470 0
0 396ms
276ms Other
image/gif 2800:3f0:4001:80b::2003
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&puid=1~j6y1ap1i&c=7086835195397210&e=108809144%2C108809107%2C21060062%2C21060693%2C21060609&ctx=1&met.9=1.db~2.eb&met.3=112.fg_1~157.lk_1~155.le_8~157.sk~143.sk_1~129.sl~157.zk~143.zk_1~129.zk_6~123.10j_2~123.10m~121.10n~121.10o~130.10p~116.10p~116.10p~132.10s_1~118.10t~118.10t~132.10t~118.10u~118.10u~132.10u~118.10u~118.10u~122.13d~122.13e~132.13g~118.13g~118.13g~114.13g~132.13g~118.13g~118.13g~114.13g~132.13g~118.13g~118.13g~122.165~122.166~114.168~114.168~132.168~118.168~118.168~132.168~118.169~118.169~132.169~118.169~118.169~157.16j~143.16j_1~130.16k~116.16k~116.16k~129.16p~132.185~118.185~118.185~132.18b~118.18b~118.18b~192.18s~157.18t~157.18t~130.18s_1~130.18t~116.18t~116.18t~132.18t~118.18u~118.18u~122.18x~122.18y~132.190~118.190~118.190~114.190~114.190~132.190~118.190~118.190~132.190~118.191~118.191~122.1bp~122.1bq~132.1bs~118.1bs~118.1bs~114.1bt~114.1bt~132.1bt~118.1bt~118.1bt~132.1bt~118.1bt~118.1bt~132.1dc~118.1dc~118.1dd~132.1dd~118.1dd~118.1dd~129.1dn~132.1ea~118.1eb~118.1eb~132.1eb~118.1eb~118.1eb~197.1eg_1~132.1eh~118.1eh~118.1eh~132.1eh~118.1eh~118.1eh~122.1eh~197.1ei~132.1ei~118.1ei~118.1ei~122.1ei~132.1ek~118.1ek~118.1ek~114.1el~114.1el~132.1el~118.1el~118.1el~132.1el~118.1el~118.1el~157.1fs~157.1fs~143.1fr_3~132.1fu~118.1fu~118.1fu~132.1fu~118.1fu~118.1fu~132.1g5~118.1g5~118.1g5~132.1g5~118.1g5~118.1g5~122.1h9~122.1hb~132.1hd~118.1hd~118.1hd~114.1hd~132.1hd~118.1hd~118.1hd~114.1hd~132.1hd~118.1hd~118.1hd~132.1ix~118.1ix~118.1ix~132.1ix~118.1ix~118.1ix~122.1k2~122.1k3~132.1k5~118.1k5~118.1k5~114.1k5~132.1k5~118.1k5~118.1k5~114.1k5~132.1k5~118.1k5~118.1k5~129.1kl~132.1lp~118.1lp~118.1lp~132.1lp~118.1lp~118.1lp~157.1ms~157.1ms~143.1ms_1~132.1mt&met.4=fb.kz~fb.st~lb.10f~lb.10l&qqid.1=CI_q9sih_dUCFcKLGQodnoAM1w&qqid.2=CJDkicmh_dUCFcITGwodlucAqA
Requested by: Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/rum.js
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2800:3f0:4001:80b::2003 , Argentina, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Cache-Control: max-age=0
Origin: http://lame.buanzo.org
Referer: http://lame.buanzo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 29 Aug 2017 20:17:20 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
status: 204
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK activeview
pagead2.googlesyndication.com/ Frame 1470 42 B
42 B 14ms
14ms Image
image/gif 2a00:1450:4001:81f::2002
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pagead2.googlesyndication.com/activeview?avi=BtfkKzsulWc72NozDb4q5roACAAAAABABOAHIAQnAAgLgAgDgBAGgBhbSCAUIgGEQAQ&cid=CAASEuRouxA1nA3wtVBw4JXRBvxF3Q&id=osdim&ti=1&r=u&adk=3053842094&tt=1812&bs=1585,1200&mtos=1052,1052,1052,1052,1052&tos=1052,0,0,0,0&p=918,92,1030,820&mcvt=1052&rs=3&ht=0&tfs=759&tls=1811&mc=1&lte=-1&bas=0&bac=0&bos=1600,1200&ps=1585,4112&ss=1600,1200&pt=-1&deb=1-0-3-6-10--1&tvt=1808&is=728,90&iframe_loc=http%3A%2F%2Flame.buanzo.org%2F&avms=geo&uc=3&tgt=DIV&cl=0&cec=11&clc=1&cac=0&cd=728x112

Requested by

Host: lame.buanzo.org
URL: http://lame.buanzo.org/

Protocol

HTTP/1.1

Server

2a00:1450:4001:81f::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://lame.buanzo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 29 Aug 2017 20:17:20 GMT
X-Content-Type-Options: nosniff
Server: cafe
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Timing-Allow-Origin: *
Content-Length: 42
X-XSS-Protection: 1; mode=block
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK activeview
pagead2.googlesyndication.com/ Frame 1470 42 B
42 B 20ms
14ms Image
image/gif 2a00:1450:4001:81f::2002
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pagead2.googlesyndication.com/activeview?avi=B3I0Sz8ulWfCADpSGZNyVhNAJAAAAABABOAHIAQnAAgLgAgDgBAGgBhbSCAUIgGEQAQ&cid=CAASEuRoOUVzffDzVUGgoN8-q8I8WQ&id=osdim&ti=1&r=u&adk=3901886181&tt=1812&bs=1585,1200&mtos=1052,1052,1052,1052,1052&tos=1052,0,0,0,0&p=918,92,1030,820&mcvt=1052&rs=3&ht=0&tfs=759&tls=1811&mc=1&lte=-1&bas=0&bac=0&bos=1600,1200&ps=1585,4112&ss=1600,1200&pt=-1&deb=1-0-3-6-10--1&tvt=1808&is=728,90&iframe_loc=http%3A%2F%2Flame.buanzo.org%2F&avms=geo&uc=3&tgt=DIV&cl=0&cec=10&clc=1&cac=0&cd=728x112

Requested by

Host: lame.buanzo.org
URL: http://lame.buanzo.org/

Protocol

HTTP/1.1

Server

2a00:1450:4001:81f::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://lame.buanzo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 29 Aug 2017 20:17:20 GMT
X-Content-Type-Options: nosniff
Server: cafe
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Timing-Allow-Origin: *
Content-Length: 42
X-XSS-Protection: 1; mode=block
Expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
S 204 csi
csi.gstatic.com/ Frame 1470 0
0 279ms
278ms Other
image/gif 2800:3f0:4001:80b::2003
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&puid=2~j6y1ard7&c=7086835195397210&e=108809144%2C108809107%2C21060062%2C21060693%2C21060609&ctx=1&met.3=118.1mu~118.1mv~132.1mv~118.1mv~118.1mv~122.1mv~122.1mv~132.1mx~118.1mx~118.1mx~114.1mx~132.1mx~118.1mx~118.1mx~114.1mx~132.1mx~118.1mx~118.1mx~132.1oh~118.1oh~118.1oh~132.1oh~118.1oh~118.1oh~122.1pn~122.1pn~132.1pp~118.1pp~118.1pp~114.1pp~114.1pp~132.1pp~118.1pp~118.1pp~132.1pp~118.1pp~118.1pp~132.1r9~118.1r9~118.1r9~132.1r9~118.1r9~118.1r9~129.1rk~197.1se~132.1se~118.1se~118.1se~157.1tr~157.1ts~143.1tr_1~132.1ts~118.1ts~118.1ts~132.1ts~118.1ts~118.1ts~132.1u2~118.1u2~118.1u2~132.1u2~118.1u2~118.1u2~132.1wu~118.1wu~118.1wu~132.1wu~118.1wu~118.1wu~129.1yi~132.1zn~118.1zn~118.1zn~132.1zn~118.1zn~118.1zn~157.20q~157.20r~143.20q_1~132.20r~118.20r~118.20r~132.20r~118.20r~118.20s~129.25g~197.26a~132.26a~118.26a~118.26a~157.27p~157.27q~143.27p_1~132.27q~118.27q~118.27q~132.27q~118.27q~118.27q~129.2cf~157.2eo~157.2ep~143.2eo_1~132.2ep~118.2ep~118.2ep~132.2ep~118.2ep~118.2ep~129.2jd~197.2k6~132.2k6~118.2k6~118.2k6~157.2ln~157.2lo~143.2ln_2~132.2lp~118.2lp~118.2lq~132.2lq~118.2lq~118.2lq~129.2qc~157.2so~157.2so~143.2sn_1~132.2so~118.2sp~118.2sp~132.2sp~118.2sp~118.2sp~129.2xa~197.2y2~132.2y2~118.2y2~118.2y2~157.2zn~157.2zn~143.2zn_1~132.2zn~118.2zn~118.2zn~132.2zn~118.2zo~118.2zo~129.349~157.36m~157.36m~143.36l_1~132.36m~118.36m~118.36m~132.36n~118.36n~118.36n~129.3b7~197.3by~132.3by~118.3by~118.3by~157.3dl~157.3dl~143.3dk_1~132.3dl~118.3dl~118.3dl~132.3dl~118.3dm~118.3dm~129.3i6~157.3kk~157.3kk~143.3kj_1~132.3kl~118.3km~118.3km~132.3km~118.3km~118.3km~129.3p4~197.3pu~132.3pu~118.3pu~118.3pu~157.3rj~157.3rj~143.3rj_1~132.3rk~118.3rk~118.3rk~132.3rk~118.3rk~118.3rk~129.3w2~157.3yi~157.3yi~143.3yi_1~132.3yj&qqid.1=CI_q9sih_dUCFcKLGQodnoAM1w&qqid.2=CJDkicmh_dUCFcITGwodlucAqA
Requested by: Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/rum.js
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2800:3f0:4001:80b::2003 , Argentina, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Cache-Control: max-age=0
Origin: http://lame.buanzo.org
Referer: http://lame.buanzo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 29 Aug 2017 20:17:23 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
status: 204
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
S 204 csi
csi.gstatic.com/ Frame 1470 0
0 277ms
277ms Other
image/gif 2800:3f0:4001:80b::2003
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&puid=3~j6y1auut&c=7086835195397210&e=108809144%2C108809107%2C21060062%2C21060693%2C21060609&ctx=1&met.3=118.3yk~118.3yk~132.3yk~118.3yk~118.3yk~129.431~197.43q~132.43q~118.43q~118.43q_1~157.45h~157.45h~143.45h_1~132.45i~118.45i~118.45i~132.45i~118.45i~118.45i~129.49z~157.4cg~157.4ch~143.4cg_1~132.4ch~118.4ch~118.4ch~132.4ch~118.4ch~118.4ch~129.4gy~197.4hm~132.4hm~118.4hm~118.4hm~157.4jf~157.4jg~143.4jf_1~132.4jg~118.4jg~118.4jg~132.4jg~118.4jg~118.4jg~129.4nw~157.4qe~157.4qf~143.4qe_1~132.4qf~118.4qf~118.4qf~132.4qf~118.4qf~118.4qf~129.4uu~197.4vi~132.4vi~118.4vi~118.4vi~157.4xe~157.4xe~143.4xd_1~132.4xe~118.4xe~118.4xe~132.4xe~118.4xe~118.4xe~129.51t~157.54d~157.54d~143.54c_1~132.54d~118.54d~118.54d~132.54d~118.54e~118.54e~129.58r~197.59e~132.59e~118.59e~118.59e~157.5bc~157.5bc~143.5bb_1~132.5bd~118.5bd~118.5bd~132.5bd~118.5bd~118.5bd~129.5fp~157.5ib~157.5ib~143.5ib_2~132.5ic~118.5ic~118.5ic~132.5ic~118.5ic~118.5ic~129.5mo~197.5na~157.5pb~157.5pb~143.5pb_1~132.5pc~118.5pc~118.5pc~132.5pc~118.5pc~118.5pc~129.5tm~157.5wa~157.5wb~143.5wa_1~132.5wb~118.5wb~118.5wb~132.5wb~118.5wb~118.5wb~129.60k~157.63a~157.63a~143.639_1~132.63b~118.63b~118.63b~132.63c~118.63c~118.63c~129.67j~157.6a9~157.6a9~143.6a9_1~132.6a9~118.6aa~118.6aa~132.6aa~118.6aa~118.6aa~129.6eh~157.6h8~157.6h8~143.6h7_1~132.6h8~118.6h8~118.6h9~132.6h9~118.6h9~118.6h9~129.6lf~157.6o7~157.6o7~143.6o7_1~132.6o7~118.6o7~118.6o7~132.6o8~118.6o8~118.6o8~129.6se~157.6v6~157.6v6~143.6v6_1~132.6v7~118.6v7~118.6v7~132.6v7~118.6v7~118.6v7~129.6zc~157.725~157.726~143.725_1~132.726~118.726~118.726~132.726~118.726~118.726~129.76a~157.794~157.795~143.794_1~132.796~118.796~118.796~132.796~118.796~118.796~129.7d9~157.7g4~157.7g4~143.7g4_1~132.7g5~118.7g5~118.7g5~132.7g5&qqid.1=CI_q9sih_dUCFcKLGQodnoAM1w&qqid.2=CJDkicmh_dUCFcITGwodlucAqA
Requested by: Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/rum.js
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2800:3f0:4001:80b::2003 , Argentina, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Cache-Control: max-age=0
Origin: http://lame.buanzo.org
Referer: http://lame.buanzo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 29 Aug 2017 20:17:28 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
status: 204
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
S 204 csi
csi.gstatic.com/ Frame 1470 0
0 275ms
275ms Other
image/gif 2800:3f0:4001:80b::2003
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&puid=4~j6y1ayq9&c=7086835195397210&e=108809144%2C108809107%2C21060062%2C21060693%2C21060609&ctx=1&met.3=118.7g5~118.7g5~129.7k7~157.7n3~157.7n3~143.7n3_1~132.7n4~118.7n4~118.7n4~132.7n4~118.7n4~118.7n4~129.7r5~157.7u2~157.7u3~143.7u2_1~132.7u3~118.7u4~118.7u4~132.7u4~118.7u4~118.7u4~129.7y4~157.812~157.812~143.811_1~132.813~118.813~118.813~132.813~118.813~118.813~129.852~157.881~157.881~143.881_1~132.881~118.881~118.882~132.882~118.882~118.882~129.8c0~157.8f0~157.8f0~143.8ez_1~132.8f1~118.8f1~118.8f1~132.8f1~118.8f1~118.8f1~129.8iz~157.8lz~157.8lz~143.8lz_1~132.8lz~118.8m0~118.8m0~132.8m0~118.8m0~118.8m0~129.8px~157.8sy~157.8sy~143.8sy_1~132.8sy~118.8sz~118.8sz~132.8sz~118.8sz~118.8sz~129.8ww~157.8zx~157.8zx~143.8zx_1~132.8zy~118.8zy~118.8zy~132.8zy~118.8zy~118.8zy~129.93u~157.96w~157.96w~143.96w_1~132.96w~118.96x~118.96x~132.96x~118.96x~118.96x~129.9as~157.9dv~157.9dv~143.9dv_1~132.9dw~118.9dw~118.9dw~132.9dw~118.9dw~118.9dw~129.9hr~157.9ku~157.9ku~143.9ku_1~132.9kv~118.9kv~118.9kv~132.9kv~118.9kv~118.9kv~129.9op~157.9rt~157.9rt~143.9rt_1~132.9ru~118.9ru~118.9ru~132.9ru~118.9ru~118.9ru~129.9vo~157.9ys~157.9ys~143.9ys_1~132.9yt~118.9yt~118.9yt~132.9yt~118.9yu~118.9yu~129.a2m~157.a5r~157.a5r~143.a5r_1~132.a5s~118.a5s~118.a5s~132.a5s~118.a5s~118.a5s~129.a9l~157.acq~157.acq~143.acq_1~132.acr~118.acr~118.acr~132.acr~118.acr~118.acr~129.agj~157.ajp~157.ajp~143.ajp_1~132.ajp~118.ajp~118.ajp~132.ajq~118.ajq~118.ajq~129.anh~157.aqo~157.aqo~143.aqn_1~132.aqo~118.aqo~118.aqo~132.aqo~118.aqo~118.aqo~129.aug~157.axm~157.axm~143.axm_1~132.axn~118.axn~118.axn~132.axn~118.axn~118.axn~129.b1e~157.b4l~157.b4l~143.b4l_1~132.b4m~118.b4m~118.b4m~132.b4m~118.b4m~118.b4m~129.b8c~157.bbk~157.bbk~143.bbk_1~132.bbl~118.bbl~118.bbl~132.bbl&qqid.1=CI_q9sih_dUCFcKLGQodnoAM1w&qqid.2=CJDkicmh_dUCFcITGwodlucAqA
Requested by: Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/rum.js
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2800:3f0:4001:80b::2003 , Argentina, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Cache-Control: max-age=0
Origin: http://lame.buanzo.org
Referer: http://lame.buanzo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 29 Aug 2017 20:17:33 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
status: 204
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
S 204 csi
csi.gstatic.com/ Frame 1470 0
0 276ms
276ms Other
image/gif 2800:3f0:4001:80b::2003
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&puid=5~j6y1b2lx&c=7086835195397210&e=108809144%2C108809107%2C21060062%2C21060693%2C21060609&ctx=1&met.3=118.bbm~118.bbm~129.bfb~157.bij~157.bij~143.bij_1~132.bik~118.bik~118.bik~132.bik~118.bik~118.bik~129.bm9~157.bpi~157.bpi~143.bpi_1~132.bpj~118.bpj~118.bpj~132.bpj~118.bpj~118.bpj~129.bt8~157.bwh~157.bwh~143.bwh_1~132.bwi~118.bwi~118.bwi~132.bwi~118.bwi~118.bwi~129.c06~157.c3h~157.c3h~143.c3h_1~132.c3i~118.c3i~118.c3i~132.c3i~118.c3i~118.c3i~129.c75~157.cag~157.cag~143.cag_1~132.cah~118.cah~118.cah~132.cah~118.cah~118.cah~129.ce3~157.chf~157.chf~143.chf_1~132.chg~118.chg~118.chg~132.chg~118.chg~118.chg~129.cl1~157.coe~157.coe~143.coe_1~132.cof~118.cof~118.cof~132.cof~118.cof~118.cof~129.cs0~157.cve~157.cve~143.cve_1~132.cvf~118.cvf~118.cvf~132.cvf~118.cvf~118.cvf~129.cyy~157.d2d~157.d2d~143.d2d_1~132.d2e~118.d2e~118.d2e~132.d2e~118.d2e~118.d2e~129.d5x~157.d9d~157.d9d~143.d9d_1~132.d9d~118.d9d~118.d9d~132.d9d~118.d9d~118.d9d~129.dcv~157.dgc~157.dgc~143.dgc_1~132.dgd~118.dgd~118.dgd~132.dgd~118.dgd~118.dgd~129.djt~157.dnc~157.dnc~143.dnc_1~132.dnd~118.dnd~118.dnd~132.dnd~118.dnd~118.dnd~129.dqs~157.dub~157.dub~143.dub_1~132.duc~118.duc~118.duc~132.duc~118.duc~118.duc~129.dxq~157.e1c~157.e1c~143.e1c_1~132.e1d~118.e1d~118.e1d~132.e1d~118.e1d~118.e1d~129.e4p~157.e8b~157.e8b~143.e8b_1~132.e8c~118.e8c~118.e8c~132.e8d~118.e8d~118.e8d~129.ebn~157.efa~157.efa~143.efa_1~132.efc~118.efc~118.efc~132.efc~118.efc~118.efc~129.eim~157.ema~157.ema~143.ema_1~132.emb~118.emb~118.emb~132.emb~118.emb~118.emb~129.epk~157.et9~157.et9~143.et9_1~132.eta~118.eta~118.eta~132.eta~118.eta~118.eta~129.ewj~157.f08~157.f08~143.f08_1~132.f08~118.f08~118.f08~132.f09~118.f09~118.f09~129.f3h~157.f78~157.f78~143.f78_1~132.f78~118.f78~118.f78~132.f78&qqid.1=CI_q9sih_dUCFcKLGQodnoAM1w&qqid.2=CJDkicmh_dUCFcITGwodlucAqA
Requested by: Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/rum.js
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2800:3f0:4001:80b::2003 , Argentina, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Cache-Control: max-age=0
Origin: http://lame.buanzo.org
Referer: http://lame.buanzo.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 29 Aug 2017 20:17:38 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
status: 204
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20170823/r20170110/zrt_lookup.html

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8555390920792337&format=728x90&output=html&h=90&slotname=2222257188&adk=267572472&adf=497884691&w=728&lmt=1504037838&flash=0&url=http%3A%2F%2Flame.buanzo.org%2F&wgl=1&dt=1504037838256&bpp=7&bdt=211&fdt=9&idt=112&shv=r20170823&cbv=r20170110&saldr=aa&correlator=986499056054&frm=20&ga_vid=292573489.1504037838&ga_sid=1504037838&ga_hid=792587402&ga_fc=0&pv=2&iag=3&icsg=2&nhd=1&dssz=2&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=429&ady=172&biw=1585&bih=1200&abxe=1&eid=575144605%2C21060850&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeE%7Cp&abl=XS&ppjl=u&pfx=0&fu=16&bc=1&ifi=1&xpc=MmshnPimmg&p=http%3A//lame.buanzo.org&dtd=133

Domain: csi.gstatic.com
URL: http://csi.gstatic.com/csi?v=3&s=gpt&action=ad_events_psbk&it=ad_fetch_period.1.228,exr.1.0&req_len=1_809,2_830&req_s=1_1,2_2&is_backfill_at_render=1_false&qqid=1_CI_q9sih_dUCFcKLGQodnoAM1w&vrg=146&pl_id=7086835195397210&e=v146,n22152718,non-sra,fif,sync,108809144,108809107,21060062,21060693,21060609&rt=start_ad_fetch_period.1.526,start_ad_render_period.1.755,start_ad_fetch_period.2.853

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4276969157128104&output=html&h=90&slotname=2038096409%2F3514804289%2F6468220049&adk=277907342&adf=2048423887&w=728&lmt=1504037839&ea=0&flash=0&url=http%3A%2F%2Flame.buanzo.org%2F&wgl=1&dt=1504037839552&bpp=11&bdt=1200&fdt=13&idt=31&shv=r20170823&cbv=r20170110&saldr=sa&correlator=986499056054&frm=23&ga_vid=292573489.1504037838&ga_sid=1504037839&ga_hid=62466689&ga_fc=0&pv=2&iag=15&icsg=2&nhd=2&dssz=2&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=52&ady=1559&biw=1585&bih=1200&isw=728&ish=90&ifk=791652814&eid=575144605%2C33895410%2C21060850&oid=3&rx=0&eae=2&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&ppjl=u&pfx=0&fu=20&bc=1&ifi=3&dtd=48

Domain: bh.contextweb.com
URL: http://bh.contextweb.com/bh/visitormatch?tag=568482&pid=560224

Domain: pixel.quantserve.com
URL: http://pixel.quantserve.com/pixel/p-01-0VIaSjnOLg.gif?tags=CONTEXTWEB.IAB24-2,PUBLISHER.560224,,CAMPAIGN.0.0,,ADSIZE.728X90,ZIPCODE.91710,PUBLISHERDOMAIN.lame.buanzo.org

Domain: aax-eu.amazon-adsystem.com
URL: http://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=simplifi

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4276969157128104&output=html&h=90&slotname=2038096409%2F4655108129%2F7468771169&adk=3904954725&adf=3769760005&w=728&lmt=1504037839&ea=0&flash=0&url=http%3A%2F%2Flame.buanzo.org%2F&wgl=1&dt=1504037839668&bpp=12&bdt=1319&fdt=13&idt=15&shv=r20170823&cbv=r20170110&saldr=sa&correlator=986499056054&frm=23&ga_vid=292573489.1504037838&ga_sid=1504037839&ga_hid=1896086888&ga_fc=0&pv=1&iag=15&icsg=2&nhd=2&dssz=2&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=92&ady=918&biw=1585&bih=1200&isw=728&ish=90&ifk=2954811709&eid=575144605%2C21060850&oid=3&rx=0&eae=2&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7Cm%7CpeE%7Cp&abl=XS&ppjl=u&pfx=0&fu=20&bc=1&ifi=3&dtd=20

Domain: bh.contextweb.com
URL: http://bh.contextweb.com/bh/visitormatch?tag=574391&pid=560224

Domain: pixel.quantserve.com
URL: http://pixel.quantserve.com/pixel/p-01-0VIaSjnOLg.gif?tags=CONTEXTWEB.IAB24-2,PUBLISHER.560224,,CAMPAIGN.0.0,,ADSIZE.728X90,ZIPCODE.91710,PUBLISHERDOMAIN.lame.buanzo.org

Domain: aax-eu.amazon-adsystem.com
URL: http://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=simplifi

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-cpm.amazon-adsystem.com
aax-eu.amazon-adsystem.com
ads.contextweb.com
bh.contextweb.com
c.amazon-adsystem.com
cas.criteo.com
cat.fr.eu.criteo.com
csi.gstatic.com
dis.criteo.com
dpm.demdex.net
googleads.g.doubleclick.net
idsync.rlcdn.com
lame.buanzo.org
pagead2.googlesyndication.com
pixel.quantserve.com
securepubads.g.doubleclick.net
static.criteo.net
tag-st.contextweb.com
tag.contextweb.com
tpc.googlesyndication.com
translate.google.com
translate.googleapis.com
www.google-analytics.com
www.googletagservices.com
www.gstatic.com
aax-eu.amazon-adsystem.com
bh.contextweb.com
csi.gstatic.com
googleads.g.doubleclick.net
pixel.quantserve.com
151.101.112.166
178.250.0.66
178.250.0.71
178.250.2.74
178.250.2.76
216.58.207.34
2800:3f0:4001:80b::2003
2a00:1450:4001:81f::2002
2a00:1450:4001:824::2001
2a00:1450:4001:824::2003
2a00:1450:4001:824::200a
2a00:1450:4001:824::200e
52.22.202.128
52.44.233.178
52.94.218.7
54.240.190.20
54.72.198.94
68.168.100.132
04dbd127f5ae130974c7b8732823636dc1099ee31ffb7c36e4614bbb8826afde
1206db8d76be15bc5f8c48968f10a08f8444fd4f51054621fb768c99a91b40fc
13563f5861c369878a05fe1cacd89d46d98a47e5297b3afa6e5d30cc5b40f6e8
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213
26dc979a6908d24b8f76fbb81d1b2d48bda07e8de73408d1aa45eac1421ff47d
29c24277b81fec59ff72b119460ea116047cf006b40c7b9f8798f902c9d9df98
2be41b7a9a044079c9d94ce46db30e9b3a06d67460da130042f35cacd129ba6a
2d2495fae3efb07f9f1e420001defa9ef3445869b48a02dac197caef93dbc827
32882f485f806a91b3d09093724ef41f5f738000f7f4ab1cfb4214d5186322e7
36ec60923a812c9e8f0579b28f33f2de61cede5822c29f27f46c952892ddd08d
3cd4d66eacb85df0c8ac8a7223eb03f6ca859fd593dbb57a48bf15f74f5265e7
3e8f792c98c0bbff383dabea3fd6427e588dd87838634c81615f96c8ab962628
41c4161146ad2423c111322cd8e3a9517e3a3df87d5cab6f52e6c8bf789942a4
444dcb11f79cdda9816753608bea5c773f73ab83f4d15d79b4aaf16251c5c8ca
48098da7b08a94c3c3c814c6c7f1ec8caf664c16fd02771b86ea4a88469ba11e
4bd7db4cf4edd4c8c8fc5f86b3909a81feb99aa92179d61017716b2d750a4486
4c23865d180f804df030e56f4d06adfdbefc2e8720b8553596036387e23ab9b2
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50b7079c0de810657b73c2897480f9bb88abf801f402d7fcbff5f0bc2ede8b46
51a15aa3631286415b03a9866697062fc6b288cb3e402c01ae8ccab0f0090dc7
522cc831f77209aa434abd05e5a9a114ec3aab233232394877ea5446130584de
5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30
60e10e3b6eced8717a382fc6a956130a59c244781477c9c45565c08b5d7b869b
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
6714b7f0fb58590fd05cc03eac6bac5b285cebe007ecb0e991f99c711c73f446
703b89cee0b3baa15cc961be1927045306e29af0eb8cf296c214ad790aa2746e
7bfac2f5711fdf30fcb666aea052f5526accc1d4f10d51d539463221cb85d7b2
7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
972f720005b7ec27ddfce720e6d01f3e921aedce7ab19cfb1d1e2f937c538902
9adc728fa9613ec8b957dfe20619d1f5bb630841c927c935bca6624c68d5c6dc
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
bc1ab6d17de6a7f53e8c7c4d642f5e16875437e5824dd90e7bc732940e2988df
c4fa14a568e099dd43cb4a3df3512410d64e555eb52f707b1017dfa36c963a98
c68a986da91a45df94f37e198c73cb5f93e22e23eabfc8c3a9a258f998dc0af7
c78dbc860728f695fb9d23821e8363c4b47253641c745c246b83ba839512656a
c796a0817743bab5a2aad429f2d4ca0b1f335773e7358b16cd273de6b3661485
c9e99b49916b15f789b59ef12b353b7d699f79c4b9b827f8589ed696976a8c18
cc5fd3466f6db3bd945749780fce0bd216fa8b13b376c317b88d5e4d7276160c
cd219a343d3736b25c93fcc9b9eef9956e8453e8cec89fc5367bfac6feed5e82
defb74d13026c171cd647335eff84beccf1e83e3d4bb1680610281a227a41709
dfbc5be01adacc6dd2609729d4955f1d1697632bc06c4e5c035c1dc87fc3e16d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed2ac84f7b8c4cedd25cac170536f569715d6f20bb3edb29ad6cd309987991cf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fefeaf0ab826564f7beb4370f5ffdc4fba1f0aeaba706a8e8b3a61944244f147

lame.buanzo.org Open in urlscan Pro 68.168.100.132 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

90 Requests

38 %HTTPS

33 %IPv6

15 Domains

25 Subdomains

19 IPs

4 Countries

594 kBTransfer

2259 kBSize

0 Cookies

24 Outgoing links

Redirected requests

90 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

lame.buanzo.org Open in urlscan Pro
68.168.100.132 Public Scan

Screenshot
Live screenshot

Full Image

90
Requests

38 %
HTTPS

33 %
IPv6

15
Domains

25
Subdomains

19
IPs

4
Countries

594 kB
Transfer

2259 kB
Size

0
Cookies

90 HTTP transactions
2 data transactions