www.u2interference.com Open in urlscan Pro
104.26.6.126 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.interference.com/
Effective URL:
https://www.u2interference.com/forums/
Submission Tags: falconsandbox
Submission: On July 25 via api (July 25th 2021, 10:00:47 pm UTC) from US

Summary HTTP 228 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 46 IPs in 4 countries across 28 domains to perform 228 HTTP transactions. The main IP is 104.26.6.126, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.u2interference.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 11th 2021. Valid for: a year.

This is the only time www.u2interference.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3031::ac43:bde0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 22	104.26.6.126 104.26.6.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
3 9	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	143.204.95.142 143.204.95.142	16509 (AMAZON-02) (AMAZON-02)
5	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
9	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
37	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
6 9	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
3 5	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
3 4	185.33.221.14 185.33.221.14	29990 (ASN-APPNEX) (ASN-APPNEX)
41	2a00:1450:400... 2a00:1450:4001:82b::2006	15169 (GOOGLE) (GOOGLE)
5	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	195.201.152.90 195.201.152.90	24940 (HETZNER-AS) (HETZNER-AS)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
2 3	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
2	88.99.219.174 88.99.219.174	24940 (HETZNER-AS) (HETZNER-AS)
1 4	46.4.10.49 46.4.10.49	24940 (HETZNER-AS) (HETZNER-AS)
3 6	52.48.71.76 52.48.71.76	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:21f... 2600:9000:21f3:3c00:1a:7c92:efc0:93a1	16509 (AMAZON-02) (AMAZON-02)
2 3	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
1	2a00:1288:80:... 2a00:1288:80:800::7000	203220 (YAHOO-DEB) (YAHOO-DEB)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba2a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
228	46

1 2606:4700:3031::ac43:bde0 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.interference.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 104.26.6.126 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.u2interference.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.95.142 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-95-142.fra50.r.cloudfront.net

z-na.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.185.130 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.234.21 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.221.14 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.201.152.90 (Germany)

ASN24940 (HETZNER-AS, DE)

opt.objectiveportal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.159.8 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.99.219.174 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.174.219.99.88.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.4.10.49 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.49.10.4.46.clients.your-server.de

hal90001.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.48.71.76 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-71-76.eu-west-1.compute.amazonaws.com

ti.tradetracker.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:21f3:3c00:1a:7c92:efc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.tradetracker.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.94.180.125 (United States) 2 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7000 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba2a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
68	googlesyndication.com pagead2.googlesyndication.com fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com tpc.googlesyndication.com ade.googlesyndication.com	742 KB
41	2mdn.net s0.2mdn.net	1 MB
33	doubleclick.net 6 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net googleads4.g.doubleclick.net	242 KB
22	u2interference.com 1 redirects www.u2interference.com	128 KB
11	google.com 3 redirects www.google.com adservice.google.com	1 KB
9	tradetracker.net 3 redirects ti.tradetracker.net static.tradetracker.net	37 KB
6	redintelligence.net 1 redirects hal9000.redintelligence.net hal90001.redintelligence.net	22 KB
6	googletagservices.com www.googletagservices.com	200 KB
5	ampproject.org cdn.ampproject.org	101 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com	4 KB
5	facebook.net connect.facebook.net	171 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	91 KB
5	googleapis.com fonts.googleapis.com ajax.googleapis.com	51 KB
4	adnxs.com 3 redirects ib.adnxs.com	4 KB
4	google-analytics.com www.google-analytics.com	19 KB
3	spotxchange.com 2 redirects sync.search.spotxchange.com	2 KB
3	openx.net 2 redirects us-u.openx.net	735 B
3	google.de adservice.google.de www.google.de	395 B
3	facebook.com www.facebook.com	179 B
2	teads.tv sync.teads.tv	344 B
2	googleadservices.com www.googleadservices.com partner.googleadservices.com	14 KB
2	googletagmanager.com www.googletagmanager.com	115 KB
1	createjs.com code.createjs.com	63 KB
1	yahoo.com ads.yahoo.com	299 B
1	cloudflare.com cdnjs.cloudflare.com	34 KB
1	objectiveportal.com opt.objectiveportal.com	528 B
1	amazon-adsystem.com z-na.amazon-adsystem.com	8 KB
1	interference.com 1 redirects www.interference.com	729 B
228	28

	Domain	Requested by
41	s0.2mdn.net	www.u2interference.com s0.2mdn.net tpc.googlesyndication.com fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com
38	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com www.u2interference.com s0.2mdn.net cdn.ampproject.org googleads.g.doubleclick.net
24	pagead2.googlesyndication.com	www.u2interference.com pagead2.googlesyndication.com fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net s0.2mdn.net www.googletagservices.com
22	www.u2interference.com	1 redirects www.u2interference.com
11	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.googleadservices.com fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com www.u2interference.com
9	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
9	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.u2interference.com
9	www.google.com	3 redirects www.u2interference.com tpc.googlesyndication.com fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com
6	ti.tradetracker.net	3 redirects www.u2interference.com hal90001.redintelligence.net
6	www.googletagservices.com	www.u2interference.com pagead2.googlesyndication.com fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	connect.facebook.net	www.u2interference.com connect.facebook.net
4	hal90001.redintelligence.net	1 redirects fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com hal90001.redintelligence.net
4	googleads4.g.doubleclick.net	www.u2interference.com
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	fonts.gstatic.com	fonts.googleapis.com
3	sync.search.spotxchange.com	2 redirects googleads.g.doubleclick.net
3	static.tradetracker.net	fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com hal90001.redintelligence.net
3	us-u.openx.net	2 redirects googleads.g.doubleclick.net
3	www.facebook.com	connect.facebook.net www.u2interference.com
3	ajax.googleapis.com	www.u2interference.com
2	hal9000.redintelligence.net	fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com hal90001.redintelligence.net
2	sync.teads.tv	googleads.g.doubleclick.net
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.de	securepubads.g.doubleclick.net
2	www.googletagmanager.com	www.u2interference.com www.googletagmanager.com
2	fonts.googleapis.com	www.u2interference.com hal90001.redintelligence.net
1	ade.googlesyndication.com
1	code.createjs.com	s0.2mdn.net
1	ads.yahoo.com	googleads.g.doubleclick.net
1	cdnjs.cloudflare.com	s0.2mdn.net
1	opt.objectiveportal.com	fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com
1	www.google.de	www.u2interference.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googleadservices.com	www.googletagmanager.com
1	z-na.amazon-adsystem.com	www.u2interference.com
1	www.gstatic.com	www.u2interference.com
1	www.interference.com	1 redirects
228	41

This site contains links to these domains. Also see Links.

Domain
u2.interference.com
interference.com
forum.interference.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
z-na.amazon-adsystem.com Amazon	`2020-12-12` - `2022-01-10`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
www.objectiveplatform.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-04` - `2021-08-27`	6 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
teads.tv R3	`2021-06-14` - `2021-09-12`	3 months	crt.sh
redintelligence.net R3	`2021-06-21` - `2021-09-19`	3 months	crt.sh
*.tradetracker.net Amazon	`2020-12-20` - `2022-01-18`	a year	crt.sh
*.search.spotxchange.com GeoTrust RSA CA 2018	`2021-04-08` - `2022-05-09`	a year	crt.sh
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-06-23` - `2021-08-04`	a month	crt.sh
tls.adobe.com DigiCert SHA2 Secure Server CA	`2020-06-01` - `2022-06-06`	2 years	crt.sh

This page contains 22 frames:

Primary Page: https://www.u2interference.com/forums/
Frame ID: FD7B14ED2F80A1E8EC6A738DBBE29493
Requests: 65 HTTP requests in this frame

Frame: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: BBD37C697C5649AF962D4709FD545E07
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7757781251671730&output=html&h=15&adk=1753343235&adf=113075344&w=728&lmt=1627250430&channel=2109660748&format=728x15_0ads_al_s&color_bg=0a837f&color_border=789048&color_link=FFFFFF&color_text=333333&color_url=666666&url=https%3A%2F%2Fwww.u2interference.com%2Fforums%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627250430791&bpp=8&bdt=289&idt=119&shv=r20210720&ptt=5&saldr=sa&abxe=1&correlator=5150052544770&frm=20&pv=2&ga_vid=1199576423.1627250431&ga_sid=1627250431&ga_hid=2137611257&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=294&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C44740386&oid=3&pvsid=4051945731884443&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=p0rxRDpmTH&p=https%3A//www.u2interference.com&dtd=129
Frame ID: 09BDAC5F4135026EEFAF2C14F0690080
Requests: 1 HTTP requests in this frame

Frame: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 96382863C41032065489B7B213B2F9A1
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 0013F96A2B9F1D16978004BEA9BA45D6
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7E0A974378AB6B29F0EA0DB73AAFCA1E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNDdGRC6hRoYzvmVqgEwAQ&v=APEucNUxH28zhGwTH4eZUqOwA5xsbt6cepkk_lexVnl2D098PUOxDo9wFBES775DY-fo4YSCR7WGxicNROZybpsDFbjDoEj3U2ViFDAthPDyIIJpiY9HxudYPaczMGx6oau9ylgb04fYNHvQEA0zD7hlNBGg35R59exqcmF5dSRd_RRxX69g5oE
Frame ID: DB74AADB0E6E9199B733C4A4403CCA41
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 74E5591E79ACE297D725F2FEE1D55B48
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61649331/20210111080107100/nl-NL_Top_CT_728x90.html?e=69&leftOffset=0&topOffset=0&c=6mUqY1W4y3&t=1&renderingType=2
Frame ID: 26489DDE565B10433D914225617F02A0
Requests: 38 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/032107200040000/amp4ads-v0.mjs
Frame ID: 3F5C8CB1C0F4EA44F216624BCDC6EE80
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/c43eojKHTIIjnCN0mOBRrq3mBMCB_MRf6Ad2ET-MShQ.js
Frame ID: 8917686580FA4080D7BAAA5E9172F999
Requests: 1 HTTP requests in this frame

Frame: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2152254EB1BDA99C6901A7A0F3D5B870
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYwKG1PTAB&v=APEucNXyiGpuChsJ9TxrQdB-WlzfcwpxEjihfR1494N0RnIAPAofyNaXTtVoUwELHT4lqbtx2SHXFnl_S5kwhZBRK-nTnKmfYrWXSkc5eG3oV_cc368E-sABB1xhWG1qpB6rB61_CavCMKUa8nN0796isMAajElRM_368Khi5oXSo4VtdI8MxD4
Frame ID: 8B7D416B211BA178A1EA8C0D8929D91D
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0A7A45B78FD59DF35055B6AB49225AD8
Requests: 3 HTTP requests in this frame

Frame: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7DA269BD11F230DDE737ED595BEA41A6
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5204766102965218657/index.html
Frame ID: D27A31D3A9DFA7F54963C88D18415B77
Requests: 15 HTTP requests in this frame

Frame: https://hal90001.redintelligence.net/request_content.php?s=92070900000058100719594011667001&a=16a63c83
Frame ID: 2C63805E653AD634243450EDE04873BD
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: D58A2E151DBDDB865B4C7FE58A9E11F0
Requests: 2 HTTP requests in this frame

Frame: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7472F2DED45FD510ECD37ACCB7209BE1
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMLX3AIQqtLeAhiviPKaATAB&v=APEucNWaUiuPBt5ytS5ZsetKdQG9b5eouWckNuP6e60DnoyI89JD6lp9ByDTiPyCl814-yIUOKx1F3bW7MlGqeYNO4wRr8kxfRO89gLBON4bdMRjWKY7R6gh5lAzbdRrcynQLzL4mluj8no7qP9OHs0KndQ2A-YiOrU7hL9MNp8lZQdic5ZUFWE
Frame ID: EA33C912FF5F13ADC66BF16896328670
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: EE342E09A0CF185D3A3E1A499086FE0E
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/9631534/1612219691695/SquareOnline_NewYears_728x90_RST/index.html
Frame ID: 9998F1BEEBE5A4FFA04BF1F0F1B2380C
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.interference.com/ HTTP 301
http://www.u2interference.com/forums/ HTTP 301
https://www.u2interference.com/forums/ Page URL

Detected technologies

vBulletin (Message Boards) Expand

Overall confidence: 100%
Detected patterns

meta generator /vBulletin ?([\d.]+)?/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

meta generator /vBulletin ?([\d.]+)?/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

228
Requests

100 %
HTTPS

65 %
IPv6

28
Domains

41
Subdomains

46
IPs

4
Countries

3479 kB
Transfer

7298 kB
Size

14
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://u2.interference.com/misc.php?do=sknetwork&page=rules
Title: Community Rules

Search URL Search Domain Scan URL

URL: http://interference.com/stories/id106658.html
Title: U2 Tour Info

Search URL Search Domain Scan URL

URL: http://forum.interference.com/t103843.html
Title: Read our Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.interference.com/ HTTP 301
http://www.u2interference.com/forums/ HTTP 301
https://www.u2interference.com/forums/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://www.google.com/coop/cse/brand?form=cse-search-box&lang=en HTTP 301
https://www.gstatic.com/prose/brandjs.js

Request Chain 75

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHsmBtzkbKNLBsXtVd97u1U&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHsmBtzkbKNLBsXtVd97u1U&google_cver=1&C=1

Request Chain 76

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YP3e-4jKs.uI-P3iu-SXhwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHsmBtzkbKNLBsXtVd97u1U&google_cver=1&google_hm=2

Request Chain 77

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEA2CkPpHWkFBkBqzLgZU8TY&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEA2CkPpHWkFBkBqzLgZU8TY%26google_cver%3D1

Request Chain 78

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzk4OTI5NjQyNDI4NjkyNDAyOA%3D%3D

Request Chain 116

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 141

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENKcOus-lAy67QxXBUnod5w&google_cver=1

Request Chain 142

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YWNmMDgzNDctNmMyYS0yZTEwLWZlYTEtMmZlNGJkZDViODc3

Request Chain 143

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEM-4Aj5AZ0LIU8yw0xT8urw&google_cver=1

Request Chain 150

https://hal90001.redintelligence.net/request.php?zone=mu72dqmlk6df&nw=20&renderingType=javascript&namespace=474344ccad&subid=&uid=d90303fab0dd2983&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCeyLT_979YKn7GNfPgAfUkoiABuKw3PBfvrPU-4kL8C4QASDslpAbYJGEgICMGMgBCakCNeHEoSzAsz6oAwGqBOcBT9BAyfSRW_t0sNFi3yd8DknC49G0i6zQC560XABMTK6cZehQ5R3kFSYD8X9F9-hxJJX260OK0TU7KelKi2jVwe1a3czlIX-xyI_hVN6pCblp2u174YCAf74_YZXcB_WBuLabjYCiKXcl-2a992DlxEKT91Sb85x7CQ4F4dAXGKAk568r4G9jEN58kVGU-wvWPwkd4J0-inp2WJJWvFqId6Dpo4ZsWyDy_INrEjHayKYBeVgv15alpYemCZW-75AbMvYB8aAeOz0mlEqcJ6puE4iTbclRZTqnxis5cP_kdAifh4F8UH2ewATb87331AHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE5flsgrQEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoh1ZJGU6EsUhgHe7KxAVQDw07uw%26sig%3DAOD64_2yr75ILr9CDA_XIPZ7mMPl-mpkVQ%26client%3Dca-pub-1764236915120661%26dbm_c%3DAKAmf-Cbrs_aqotsV0_cAnpwaEXFfGKPrCc-9gTgJj_QKX3lsEyTvOm5gmLhkWA3mJZhEjdCU6T0Kn3Xppz22CKKXqObHGFE_efjj76uHw-SDrRxYv3z5vaFbLQY531MRDWcpaYp7qucfHbxZVzxtMxbdiB7Xz9tQA%26cry%3D1%26dbm_d%3DAKAmf-AzzvZpYsKX0L9_IhHZUtNbHSKS-WT6Or-PA9RL4s2wP-XQCmrt6CqK4HkHi1Z3NL2uTUoBb2ky-ANnLM5EhB3Hrl7EkHEQZSqTfDBGchHoELR1_NTLS2DIBYYxG0yaTf2OnMQDjumKfErU7E7DbNxK0P2EPUb-aDnl2pN0ShG6NJMAJITBxZo80Kk6YZegAyx6fLwngwfjdIq4xuz0pmtLO64eVQC5VgJDdmEiuo9RHVo9YwSREme7hrriP9Hun5Jz_ksE7DvW53HAo4x3xtyLNoa6OheuCzdl_JUrPxGWMuJTBVx5tOaw4gVY2-ppf0l178zmnzKu_-CkFd3NyCc2uUvnkUOPiijDrvEpkisz0XnuBEO7HWLBkcBdiSU1fE6aXhID_gb7B0DH8I71nhSBPb5wO9wEfwj0O2f5yLEWwpW83aKDwHaQC1fmFX3oN9lgbss7yYsSI5u-91M2YB3_8U3q-g%26adurl%3D&documentReferer=https%3A%2F%2Fwww.u2interference.com%2F&ancestorOrigins=https%3A%2F%2Fwww.u2interference.com&random=5831362212225&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal90001.redintelligence.net/request.php?zone=mu72dqmlk6df&nw=20&renderingType=javascript&namespace=474344ccad&subid=&uid=d90303fab0dd2983&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCeyLT_979YKn7GNfPgAfUkoiABuKw3PBfvrPU-4kL8C4QASDslpAbYJGEgICMGMgBCakCNeHEoSzAsz6oAwGqBOcBT9BAyfSRW_t0sNFi3yd8DknC49G0i6zQC560XABMTK6cZehQ5R3kFSYD8X9F9-hxJJX260OK0TU7KelKi2jVwe1a3czlIX-xyI_hVN6pCblp2u174YCAf74_YZXcB_WBuLabjYCiKXcl-2a992DlxEKT91Sb85x7CQ4F4dAXGKAk568r4G9jEN58kVGU-wvWPwkd4J0-inp2WJJWvFqId6Dpo4ZsWyDy_INrEjHayKYBeVgv15alpYemCZW-75AbMvYB8aAeOz0mlEqcJ6puE4iTbclRZTqnxis5cP_kdAifh4F8UH2ewATb87331AHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE5flsgrQEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoh1ZJGU6EsUhgHe7KxAVQDw07uw%26sig%3DAOD64_2yr75ILr9CDA_XIPZ7mMPl-mpkVQ%26client%3Dca-pub-1764236915120661%26dbm_c%3DAKAmf-Cbrs_aqotsV0_cAnpwaEXFfGKPrCc-9gTgJj_QKX3lsEyTvOm5gmLhkWA3mJZhEjdCU6T0Kn3Xppz22CKKXqObHGFE_efjj76uHw-SDrRxYv3z5vaFbLQY531MRDWcpaYp7qucfHbxZVzxtMxbdiB7Xz9tQA%26cry%3D1%26dbm_d%3DAKAmf-AzzvZpYsKX0L9_IhHZUtNbHSKS-WT6Or-PA9RL4s2wP-XQCmrt6CqK4HkHi1Z3NL2uTUoBb2ky-ANnLM5EhB3Hrl7EkHEQZSqTfDBGchHoELR1_NTLS2DIBYYxG0yaTf2OnMQDjumKfErU7E7DbNxK0P2EPUb-aDnl2pN0ShG6NJMAJITBxZo80Kk6YZegAyx6fLwngwfjdIq4xuz0pmtLO64eVQC5VgJDdmEiuo9RHVo9YwSREme7hrriP9Hun5Jz_ksE7DvW53HAo4x3xtyLNoa6OheuCzdl_JUrPxGWMuJTBVx5tOaw4gVY2-ppf0l178zmnzKu_-CkFd3NyCc2uUvnkUOPiijDrvEpkisz0XnuBEO7HWLBkcBdiSU1fE6aXhID_gb7B0DH8I71nhSBPb5wO9wEfwj0O2f5yLEWwpW83aKDwHaQC1fmFX3oN9lgbss7yYsSI5u-91M2YB3_8U3q-g%26adurl%3D&documentReferer=https%3A%2F%2Fwww.u2interference.com%2F&ancestorOrigins=https%3A%2F%2Fwww.u2interference.com&random=5831362212225&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 188

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 196

https://ti.tradetracker.net/?c=34211&m=1888189&a=70002&r=92070900000058100719594011667001&t=html HTTP 302
https://static.tradetracker.net/nl/material_image/f1/e6244d1a4401c7fe26622998bffa5f86940922.png

Request Chain 197

https://ti.tradetracker.net/?c=29026&m=1463044&a=70002&r=92070900000058100719594011667001&t=html HTTP 302
https://static.tradetracker.net/nl/material_image/6b/d4fbe93890fb48767a755f66b5fd1571de5cf9.gif

Request Chain 198

https://ti.tradetracker.net/?c=558&m=24180&a=70002&r=92070900000058100719594011667001&t=html HTTP 302
https://static.tradetracker.net/nl/material_image/49/1f21095a5f4ae3c95070194bad8a5ad919a00b.jpg

Request Chain 211

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEI_iVMTw0JCkK3icuFmhCUQ&google_cver=1

Request Chain 212

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=bb9f9155-ed93-11eb-8f7a-1e1d47870306 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=YmI5ZjkxMGQtZWQ5My0xMWViLThmN2EtMWUxZDQ3ODcwMzA2

228 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.u2interference.com/forums/
Redirect Chain

http://www.interference.com/
http://www.u2interference.com/forums/
https://www.u2interference.com/forums/

105 KB
21 KB

284ms
244ms

Document
text/html

104.26.6.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.u2interference.com/forums/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.6.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85fbb617006fda03647a23aa3c1312644a401c1c32f3b26c34f9f4137f7b52d3

Request headers

:method: GET
:authority: www.u2interference.com
:scheme: https
:path: /forums/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 22:00:30 GMT
content-type: text/html; charset=UTF-8
set-cookie: bbsessionhash=b55c421765655e59fe5c633f1cef6e09; path=/; HttpOnly bblastvisit=1627250430; expires=Mon, 25-Jul-2022 22:00:30 GMT; Max-Age=31536000; path=/; secure bblastactivity=0; expires=Mon, 25-Jul-2022 22:00:30 GMT; Max-Age=31536000; path=/; secure PHPSESSID=jitcrji2autl092i433dkvrai3; expires=Mon, 26-Jul-2021 22:00:30 GMT; Max-Age=86400; path=/
cache-control: private
pragma: private
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZFxORB4iUW8gd0EINO7q70Gb0Y9mUKbDaOoGnT1OFAgo315jIUExEi0xeqCQbAlNtQ7o4WXM92TCU%2FfF1XbYSQ9EmA3S4VqMzALC4w14EFlUEijbNmbRpEhAWevkAlc47Vr3SKpuFoc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6748a9552d6e41b6-AMS
content-encoding: br

Redirect headers

Date: Sun, 25 Jul 2021 22:00:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 25 Jul 2021 23:00:30 GMT
Location: https://www.u2interference.com/forums/
cf-request-id: 0b814828f400004242edb52000000001
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8c4d0QgHkk4CTSNueFhdUoLrBB3v36ysiz4uB442MPmIVrufTfAQJTFco%2B3bJwp8Cy6e2A4mXNIKwKLQdcsoyMcaUsmUrgxqeFG0%2BhHGQMguq5nVmSiVwf9jrwGnF2ryAzMLV5lghyk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6748a954bf3d4242-AMS

GET
H2 200 vbulletin_important.css
www.u2interference.com/forums/clientscript/ 2 KB
938 B 24ms
22ms Stylesheet
text/css 104.26.6.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.u2interference.com/forums/clientscript/vbulletin_important.css?v=388b1
Requested by: Host: www.u2interference.com
URL: https://www.u2interference.com/forums/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.6.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ac7c4ba18caedf9ed41b3298b9ee56a11372425ddda2852cf4bb6db7f4e7a7a

Request headers

:path: /forums/clientscript/vbulletin_important.css?v=388b1
pragma: no-cache
cookie: bbsessionhash=b55c421765655e59fe5c633f1cef6e09; bblastvisit=1627250430; bblastactivity=0; PHPSESSID=jitcrji2autl092i433dkvrai3
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.u2interference.com
referer: https://www.u2interference.com/forums/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.u2interference.com/forums/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 22:00:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 17 Jan 2012 13:39:05 GMT
server: cloudflare
age: 6610
etag: W/"2414a9-69a-4b6b97467b040"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CYVsXyrspB87H9%2Fsjk6cEIrwA5fSYJ5qIgQQcwh%2BGullaCa2NJagB3NKGIw7YkjevVZy%2BBQzBjw6G536O7rSNBE4kXabESuSZGNklzuLcKsmcQbdU%2BxcEB1xFuHxoTKw4dR6tFoOkTg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 6748a956bfb141b6-AMS

GET
H2 200 css
fonts.googleapis.com/ 3 KB
553 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i

Requested by

Host: www.u2interference.com
URL: https://www.u2interference.com/forums/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

20568af44ab9b900de7d9f4d286cb26181af272d5ca6d1bb0789ae5483003643

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 25 Jul 2021 21:50:36 GMT
server: ESF
date: Sun, 25 Jul 2021 22:00:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 25 Jul 2021 22:00:30 GMT

GET
H2 200 yahoo-dom-event.js Show response
ajax.googleapis.com/ajax/libs/yui/2.9.0/build/yahoo-dom-event/ 37 KB
13 KB 12ms
9ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/yui/2.9.0/build/yahoo-dom-event/yahoo-dom-event.js?v=388b1

Requested by

Host: www.u2interference.com
URL: https://www.u2interference.com/forums/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34e4be92ec5b080fa8861ec31ab78bf63baad3b2242b5975a38de8d2807857aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 21:40:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 519573
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13289
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 21:40:57 GMT

GET
H2 200 connection-min.js Show response
ajax.googleapis.com/ajax/libs/yui/2.9.0/build/connection/ 13 KB
4 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/yui/2.9.0/build/connection/connection-min.js?v=388b1

Requested by

Host: www.u2interference.com
URL: https://www.u2interference.com/forums/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1287adfc1c6761dcb4221e342113981bfcf6067e0f65adbf417674f5e83da4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:55:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 547483
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4463
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 13:55:47 GMT

GET
H2 200 vbulletin_global.js Show response
www.u2interference.com/forums/clientscript/ 25 KB
8 KB 29ms
28ms Script
text/javascript 104.26.6.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.u2interference.com/forums/clientscript/vbulletin_global.js?v=388b1
Requested by: Host: www.u2interference.com
URL: https://www.u2interference.com/forums/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.6.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d9080760fb04c41ad132bc5bd8853e1b8b1aacabbb846c2dc3d1916acc1e872

Request headers

:path: /forums/clientscript/vbulletin_global.js?v=388b1
pragma: no-cache
cookie: bbsessionhash=b55c421765655e59fe5c633f1cef6e09; bblastvisit=1627250430; bblastactivity=0; PHPSESSID=jitcrji2autl092i433dkvrai3
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.u2interference.com
referer: https://www.u2interference.com/forums/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.u2interference.com/forums/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 22:00:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 17 Jan 2012 13:39:05 GMT
server: cloudflare
age: 6610
etag: W/"2414a7-65ac-4b6b97467b040"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=311b8KV1efoKslwvgQjW1PxS5SkhviJXAjhBEZCDdVwBa2vGQRkZVRygmGIhgbp0Qva8hdVhbpP1%2Fs4rZx9cT9C378fFsKrFNJRNWm%2FVXcEIxRTHF%2ByjW7Nbv9tvn%2BHgVx0ddv%2FWYak%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 6748a956bfb441b6-AMS

GET
H2 200 vbulletin_menu.js Show response
www.u2interference.com/forums/clientscript/ 9 KB
3 KB 27ms
25ms Script
text/javascript 104.26.6.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.u2interference.com/forums/clientscript/vbulletin_menu.js?v=388b1
Requested by: Host: www.u2interference.com
URL: https://www.u2interference.com/forums/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.6.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 067ad6162310c82154f264907e0a51046705579b1eb7e5a0023d2cb583ec075f

Request headers

:path: /forums/clientscript/vbulletin_menu.js?v=388b1
pragma: no-cache
cookie: bbsessionhash=b55c421765655e59fe5c633f1cef6e09; bblastvisit=1627250430; bblastactivity=0; PHPSESSID=jitcrji2autl092i433dkvrai3
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.u2interference.com
referer: https://www.u2interference.com/forums/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.u2interference.com/forums/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 22:00:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 17 Jan 2012 13:39:05 GMT
server: cloudflare
age: 6610
etag: W/"2414ae-24e1-4b6b97467b040"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FQ9jgyNjO9YYouiQSJh%2FZov61BPi5GH0V8AKG9UhYPDuB2TdB%2Fh3kq%2F2hQLumBldbKgYu0Li9rrI6wSnoMScYzxa5Cf7W8BsWt%2BEVAgvlq8QyTlsjU%2FUu6h2EOCJiGPimcT85dJ0iNM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 6748a956bfb541b6-AMS

GET
H2 200 ncode_imageresizer.js Show response
www.u2interference.com/forums/clientscript/ 6 KB
2 KB 25ms
24ms Script
text/javascript 104.26.6.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.u2interference.com/forums/clientscript/ncode_imageresizer.js?v=1.0.1
Requested by: Host: www.u2interference.com
URL: https://www.u2interference.com/forums/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.6.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e98ed6ef07642d3906afa574e85f0fe763cb41882c460180383c3361c0686839

Request headers

:path: /forums/clientscript/ncode_imageresizer.js?v=1.0.1
pragma: no-cache
cookie: bbsessionhash=b55c421765655e59fe5c633f1cef6e09; bblastvisit=1627250430; bblastactivity=0; PHPSESSID=jitcrji2autl092i433dkvrai3
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.u2interference.com
referer: https://www.u2interference.com/forums/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.u2interference.com/forums/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 22:00:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 17 Jan 2012 13:39:05 GMT
server: cloudflare
age: 6610
etag: W/"241480-198e-4b6b97467b040"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yEUqnqX5AI82E20kAW140LvCjCy3gOKid6KxAP8zjpJvc33J9oQJXyWc4RhRzeo4khm0Wnm32ELndKnAUDd%2FuBZwOuCR8Pc74lw%2BVKbLSFoHNYaAFShr0o9fqQLT4ETuqtf1xmM%2BvIg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 6748a956bfb641b6-AMS

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.6.4/ 90 KB
32 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.6.4/jquery.min.js

Requested by

Host: www.u2interference.com
URL: https://www.u2interference.com/forums/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

232066e3f6f1351afdaee1acb70c409766641fd5669e0b55ce7c77fac0a857ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 14:45:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 285295
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32222
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Jul 2022 14:45:35 GMT

GET
H2 200 api.js Show response
www.u2interference.com/cdn-cgi/bm/cv/669835187/ 35 KB
9 KB 23ms
19ms Script
text/javascript 104.26.6.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.u2interference.com/cdn-cgi/bm/cv/669835187/api.js

Requested by

Host: www.u2interference.com
URL: https://www.u2interference.com/forums/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.6.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /cdn-cgi/bm/cv/669835187/api.js
pragma: no-cache
cookie: bbsessionhash=b55c421765655e59fe5c633f1cef6e09; bblastvisit=1627250430; bblastactivity=0; PHPSESSID=jitcrji2autl092i433dkvrai3
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.u2interference.com
referer: https://www.u2interference.com/forums/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.u2interference.com/forums/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 22:00:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0q04WuvvUq05492m116%2FZTfIe1xR5wXlBHgmG9VJydr0eXeBs8H08mXw6znSzCIoV34Te342C%2FtjxMHa%2FTyc1%2BFoQF3hXX7WLH9waZeErhwlSRzlnmkaKa8Ios%2B2ZtGHf%2F12QFfA8LQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800, public
cf-ray: 6748a956f80c41b6-AMS
cf-request-id: 0b81482a59000041b6d4a09000000001

GET
H2 200 logo.png
www.u2interference.com/forums/images/u2/misc/ 3 KB
4 KB 28ms
24ms Image
image/png 104.26.6.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.u2interference.com/forums/images/u2/misc/logo.png
Requested by: Host: www.u2interference.com
URL: https://www.u2interference.com/forums/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.6.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a7ba7e3e18501f3b228ef2965f551646ad94922a1eac09b5e220e6371178886

Request headers

:path: /forums/images/u2/misc/logo.png
pragma: no-cache
cookie: bbsessionhash=b55c421765655e59fe5c633f1cef6e09; bblastvisit=1627250430; bblastactivity=0; PHPSESSID=jitcrji2autl092i433dkvrai3
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.u2interference.com
referer: https://www.u2interference.com/forums/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.u2interference.com/forums/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 22:00:30 GMT
cf-cache-status: HIT
last-modified: Thu, 23 Jul 2015 20:47:53 GMT
server: cloudflare
age: 5431
etag: "500f70-d32-51b91004ff040"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pAn5yDXpEMrhQC%2Bm5EldgInNNpvHR%2BrJ3uYO%2FZ%2BG4JrJp6rUvYEY6FY3XYY4%2BHXXtxE4y7YX%2BB4uOZW0ocQGvwZg9vV%2Ba37wOjJgCUxAFYMq1CsMNpEjN%2BCH0dMZ0BKCI6j3ZJHRQO8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6748a956f80d41b6-AMS
content-length: 3378

GET
H2 200 navbits_start.gif
www.u2interference.com/forums/images/u2/misc/ 56 B
507 B 28ms
24ms Image
image/gif 104.26.6.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.u2interference.com/forums/images/u2/misc/navbits_start.gif
Requested by: Host: www.u2interference.com
URL: https://www.u2interference.com/forums/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.6.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb501d63375e6f5cb9642478b5282de86b21c7488b07a7985f6962e4d2ca0efe

Request headers

:path: /forums/images/u2/misc/navbits_start.gif
pragma: no-cache
cookie: bbsessionhash=b55c421765655e59fe5c633f1cef6e09; bblastvisit=1627250430; bblastactivity=0; PHPSESSID=jitcrji2autl092i433dkvrai3
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.u2interference.com
referer: https://www.u2interference.com/forums/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.u2interference.com/forums/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 22:00:30 GMT
cf-cache-status: HIT
last-modified: Thu, 23 Jul 2015 20:47:54 GMT
server: cloudflare
age: 5431
etag: "500f7f-38-51b91005f3280"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2FSOHOhEBJatmiYmmf3rA1PG9DrX55ifr0OzlJr2Q6wopqGVc9I%2BAQl8D7V0mk44pQDS7Qsl%2F9h8LG00irbeGy6EgJT9%2Fktp8yGtqcsPbL0bdwfDSp5iTgCov1%2FgYtkyxAqSENwMatc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6748a956f80e41b6-AMS
content-length: 56

GET
H2

200

brandjs.js Show response
www.gstatic.com/prose/
Redirect Chain

https://www.google.com/coop/cse/brand?form=cse-search-box&lang=en
https://www.gstatic.com/prose/brandjs.js

14 KB
14 KB

7ms
7ms

Script
text/javascript

2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/prose/brandjs.js

Requested by

Host: www.u2interference.com
URL: https://www.u2interference.com/forums/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 01:54:32 GMT
vary: Accept-Encoding
last-modified: Tue, 06 Apr 2021 15:14:29 GMT
server: sffe
x-content-type-options: nosniff
age: 72358
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
content-type: text/javascript
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13880
x-xss-protection: 0
expires: Mon, 26 Jul 2021 01:54:32 GMT

Redirect headers

date: Sun, 25 Jul 2021 21:56:37 GMT
x-content-type-options: nosniff
server: sffe
age: 233
content-type: text/html; charset=UTF-8
location: https://www.gstatic.com/prose/brandjs.js
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 237
x-xss-protection: 0
expires: Sun, 25 Jul 2021 22:26:37 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 97 KB
35 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: www.u2interference.com
URL: https://www.u2interference.com/forums/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb5d0db4a0e486d673deb8cdb8db8f27e3060f969f7cdd204e0923b0a71c5705

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 22:00:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35374
x-xss-protection: 0
server: cafe
etag: 10446470180555236043
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 25 Jul 2021 22:00:30 GMT

GET
H2 200 collapse_tcat.gif
www.u2interference.com/forums/images/u2/buttons/ 112 B
414 B 110ms
106ms Image
image/gif 104.26.6.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.u2interference.com/forums/images/u2/buttons/collapse_tcat.gif
Requested by: Host: www.u2interference.com
URL: https://www.u2interference.com/forums/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.6.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a886d7dc1c6da863baebeee6ae961cfee493cb362abed070bde2728abe50eae

Request headers

:path: /forums/images/u2/buttons/collapse_tcat.gif
pragma: no-cache
cookie: bbsessionhash=b55c421765655e59fe5c633f1cef6e09; bblastvisit=1627250430; bblastactivity=0; PHPSESSID=jitcrji2autl092i433dkvrai3
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.u2interference.com
referer: https://www.u2interference.com/forums/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.u2interference.com/forums/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 22:00:30 GMT
cf-cache-status: HIT
last-modified: Thu, 23 Jul 2015 20:47:44 GMT
server: cloudflare
etag: "500eef-70-51b90ffc69c00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gTyZkoRp4DbBPPQbJUzsmV865%2FB3EmdR2sEAq%2BLS1UOAwXRGVW%2BjoFggWs0ENLFYdmJjoBhlklfNtASZHhnL46VrAoTyQrAKvPIzblxvQ1ONZCsmC2KAF%2Bd9zVmaxSzpAaDxKIXLzgo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6748a956f80f41b6-AMS
content-length: 112

GET
H2 200 forum_old.gif
www.u2interference.com/forums/images/u2/statusicon/ 2 KB
2 KB 123ms
119ms Image
image/gif 104.26.6.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.u2interference.com/forums/images/u2/statusicon/forum_old.gif
Requested by: Host: www.u2interference.com
URL: https://www.u2interference.com/forums/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.6.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13c73f892c5654a455ca5c028c00f48ee52f4c25f688e1aeb18461752d1c7302

Request headers

:path: /forums/images/u2/statusicon/forum_old.gif
pragma: no-cache
cookie: bbsessionhash=b55c421765655e59fe5c633f1cef6e09; bblastvisit=1627250430; bblastactivity=0; PHPSESSID=jitcrji2autl092i433dkvrai3
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.u2interference.com
referer: https://www.u2interference.com/forums/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.u2interference.com/forums/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 22:00:30 GMT
cf-cache-status: HIT
last-modified: Tue, 13 Sep 2016 20:14:20 GMT
server: cloudflare
etag: "500ff2-764-53c6941febf00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YiX8BXa8Qc66RKVmnhRGbwIn4tN7yAz5FEuHpm%2BWgsGuaE5uY3Yf22Ga1Wf%2Fjvp1Pkr76xxlXbBTnSvsLgElmOZ%2Bdo0uvf7M61lxu%2FBJqoGpwDdh0uetENbH6qQF0ShZGCJ6%2BpvtZHM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6748a956f81141b6-AMS
content-length: 1892

GET
H2 200 subforum_old.gif
www.u2interference.com/forums/images/u2/statusicon/ 187 B
515 B 108ms
105ms Image
image/gif 104.26.6.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.u2interference.com/forums/images/u2/statusicon/subforum_old.gif
Requested by: Host: www.u2interference.com
URL: https://www.u2interference.com/forums/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.6.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 385e7978de95276cc6b8777e4a6607e0c8199cafb47b7502fce8aeb4b0187a97

Request headers

:path: /forums/images/u2/statusicon/subforum_old.gif
pragma: no-cache
cookie: bbsessionhash=b55c421765655e59fe5c633f1cef6e09; bblastvisit=1627250430; bblastactivity=0; PHPSESSID=jitcrji2autl092i433dkvrai3
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.u2interference.com
referer: https://www.u2interference.com/forums/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.u2interference.com/forums/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 22:00:30 GMT
cf-cache-status: HIT
last-modified: Thu, 23 Jul 2015 20:48:03 GMT
server: cloudflare
etag: "501008-bb-51b9100e886c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xOxiyDEEHBRqDSFnbGi55Xdw25CI9XRN2k3cKHPkUNA%2BZQVyOElEzHfWYfwNtlA9cHBQv5HXXwnjF%2FZ9LUlnBmk6K2%2BYEdKRVWJq%2BvpdQuOj4FGUOE8zytOJIjYlg83InszIFFTSv0Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6748a956f81341b6-AMS
content-length: 187

GET
H2 200 icon6.gif
www.u2interference.com/forums/images/icons/ 1 KB
1 KB 128ms
124ms Image
image/gif 104.26.6.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.u2interference.com/forums/images/icons/icon6.gif
Requested by: Host: www.u2interference.com
URL: https://www.u2interference.com/forums/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.6.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 322525c091ba1bfab8a63355bdfbce7fb49058247a79e0d787c99e6949d58187

Request headers

:path: /forums/images/icons/icon6.gif
pragma: no-cache
cookie: bbsessionhash=b55c421765655e59fe5c633f1cef6e09; bblastvisit=1627250430; bblastactivity=0; PHPSESSID=jitcrji2autl092i433dkvrai3
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.u2interference.com
referer: https://www.u2interference.com/forums/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.u2interference.com/forums/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 22:00:30 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 21 May 2008 12:22:07 GMT
server: cloudflare
etag: "260e28-413-44dbca52999c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2FQZuEvD4pp5EQH0CSX7wQ2q2dbb1WlIeSiSfhU8nr1hEEhKQTdWVsbwByn3sFi1aLkGC4G4Lysfsg00mZaZZFl1dZlr8KFR8lL8Yj3%2B2bnzoPls2P%2BBwvOxWIGXu%2BlkdXylyWTCv8o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6748a956f81441b6-AMS
content-length: 1043

GET
H2 200 faint.gif
www.u2interference.com/forums/images/icons/ 2 KB
2 KB 119ms
115ms Image
image/gif 104.26.6.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.u2interference.com/forums/images/icons/faint.gif
Requested by: Host: www.u2interference.com
URL: https://www.u2interference.com/forums/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.6.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5bfe13ef908e46e71d5c574be1b3b64df3f4c5dfd11a47b65739eeac509f9d8

Request headers

:path: /forums/images/icons/faint.gif
pragma: no-cache
cookie: bbsessionhash=b55c421765655e59fe5c633f1cef6e09; bblastvisit=1627250430; bblastactivity=0; PHPSESSID=jitcrji2autl092i433dkvrai3
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.u2interference.com
referer: https://www.u2interference.com/forums/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.u2interference.com/forums/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 22:00:30 GMT
cf-cache-status: HIT
last-modified: Wed, 21 May 2008 16:15:51 GMT
server: cloudflare
etag: "260dfd-672-44dbfe90edbc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fjexCD20s%2FIgjZNeuP%2BnTj3T2y2U3RfCrfwG5AHbkRcq8S%2B4Chf5DvAjdnR6bcd0g9mPGKn62JCM76AeeqU7CibdsZHQCLx5n91TubiZOlTGpZQgZGAb10KaK7uBJbREm6xQZK%2FfN9Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6748a956f81541b6-AMS
content-length: 1650

GET
H2 200 vbulletin_read_marker.js Show response
www.u2interference.com/forums/clientscript/ 3 KB
1 KB 111ms
107ms Script
text/javascript 104.26.6.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.u2interference.com/forums/clientscript/vbulletin_read_marker.js?v=388b1
Requested by: Host: www.u2interference.com
URL: https://www.u2interference.com/forums/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.6.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55b6c3bbd4916f12c570b45b9729aad8847366c4970cd3b14219f52298ee6ade

Request headers

:path: /forums/clientscript/vbulletin_read_marker.js?v=388b1
pragma: no-cache
cookie: bbsessionhash=b55c421765655e59fe5c633f1cef6e09; bblastvisit=1627250430; bblastactivity=0; PHPSESSID=jitcrji2autl092i433dkvrai3
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.u2interference.com
referer: https://www.u2interference.com/forums/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.u2interference.com/forums/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 22:00:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 17 Jan 2012 13:39:05 GMT
server: cloudflare
etag: W/"2414bc-d70-4b6b97467b040"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H0vOmDwD8zOgWvztubEf24NIwftO6gwaFo3tE5GBTI06vUygpN7CE%2BjQMPGhpvgcSWXPd6V3GN23Qqt8%2Bn9FjO6G6L%2BGQXzlft8bIXRuKJacH7E1WiXSvEqMhmuW%2F3eY1qniK0X5lGE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 6748a956f80841b6-AMS

GET
H2 200 collapse_thead.gif
www.u2interference.com/forums/images/u2/buttons/ 580 B
940 B 32ms
29ms Image
image/gif 104.26.6.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.u2interference.com/forums/images/u2/buttons/collapse_thead.gif
Requested by: Host: www.u2interference.com
URL: https://www.u2interference.com/forums/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.6.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b73225e8c73c949e1ebc99577b46fd572f0816e5db7541f5fd3131c01841e3dd

Request headers

:path: /forums/images/u2/buttons/collapse_thead.gif
pragma: no-cache
cookie: bbsessionhash=b55c421765655e59fe5c633f1cef6e09; bblastvisit=1627250430; bblastactivity=0; PHPSESSID=jitcrji2autl092i433dkvrai3
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.u2interference.com
referer: https://www.u2interference.com/forums/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.u2interference.com/forums/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 22:00:30 GMT
cf-cache-status: HIT
last-modified: Thu, 23 Jul 2015 20:47:44 GMT
server: cloudflare
age: 5431
etag: "500ef1-244-51b90ffc69c00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iq23kJn7%2BV7nnptFr5NTfJSKXw7d78oPp3D62xaXVixKWoLBMbTWXYzoUK1WXR082nc3gF4jfY7iIBH1pT6XHwHxQt496BDV2grb8t3xYpncioWM2eC6rhGGPeLjCJFuiCRZD55zJmw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6748a956f81641b6-AMS
content-length: 580

GET
H2 200 stats.gif
www.u2interference.com/forums/images/u2/misc/ 1 KB
2 KB 119ms
116ms Image
image/gif 104.26.6.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.u2interference.com/forums/images/u2/misc/stats.gif
Requested by: Host: www.u2interference.com
URL: https://www.u2interference.com/forums/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.6.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfbab0a2802ea73cf61e34464b5aa8275e8721fb1d31347813fd7660f32e6942

Request headers

:path: /forums/images/u2/misc/stats.gif
pragma: no-cache
cookie: bbsessionhash=b55c421765655e59fe5c633f1cef6e09; bblastvisit=1627250430; bblastactivity=0; PHPSESSID=jitcrji2autl092i433dkvrai3
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.u2interference.com
referer: https://www.u2interference.com/forums/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.u2interference.com/forums/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 22:00:30 GMT
cf-cache-status: HIT
last-modified: Thu, 23 Jul 2015 20:47:55 GMT
server: cloudflare
etag: "500f8e-5b5-51b91006e74c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=unjDkcHLAta5JSgYNqb7DiFnv0dPw9XUCX9u0jQ7O3qywQlLPQW01h1lZAxC1PKHMdsxzj5Z3QtfvxcvtRiSfh256glHSmkAHJqcZYSmKeAy4M8AeQzBglEbOl5Uenk0MjjdZvy9soY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6748a957083541b6-AMS
content-length: 1461

GET
H2 200 birthday.gif
www.u2interference.com/forums/images/u2/misc/ 1 KB
2 KB 121ms
119ms Image
image/gif 104.26.6.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.u2interference.com/forums/images/u2/misc/birthday.gif
Requested by: Host: www.u2interference.com
URL: https://www.u2interference.com/forums/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.6.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0662f34938534e35d71d92a981c64d20e61a12b774b4eb9613085dbe87cc73df

Request headers

:path: /forums/images/u2/misc/birthday.gif
pragma: no-cache
cookie: bbsessionhash=b55c421765655e59fe5c633f1cef6e09; bblastvisit=1627250430; bblastactivity=0; PHPSESSID=jitcrji2autl092i433dkvrai3
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.u2interference.com
referer: https://www.u2interference.com/forums/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.u2interference.com/forums/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 22:00:30 GMT
cf-cache-status: HIT
last-modified: Thu, 23 Jul 2015 20:47:51 GMT
server: cloudflare
etag: "500f54-591-51b9100316bc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0dBTuuoEMg%2FR6OsBVDpUXA%2BFMTfXKSdjyvTy%2FHoUGRvEn%2B10eMStcG34zmyVbPWdBYCui8hNgo9j%2BSbyTiuXu0nh%2Fa3fPR9hPHxmT%2Fca6D0tohBUf2Ryk7piJ1priQhGSJYI1SmUPOc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6748a957083741b6-AMS
content-length: 1425

GET
H2 200 forum_new.gif
www.u2interference.com/forums/images/u2/statusicon/ 3 KB
3 KB 123ms
120ms Image
image/gif 104.26.6.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.u2interference.com/forums/images/u2/statusicon/forum_new.gif
Requested by: Host: www.u2interference.com
URL: https://www.u2interference.com/forums/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.6.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fefe3e8514b49d00f4e5b4c7584197a35d541d224f235f3b8d53387002c19229

Request headers

:path: /forums/images/u2/statusicon/forum_new.gif
pragma: no-cache
cookie: bbsessionhash=b55c421765655e59fe5c633f1cef6e09; bblastvisit=1627250430; bblastactivity=0; PHPSESSID=jitcrji2autl092i433dkvrai3
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.u2interference.com
referer: https://www.u2interference.com/forums/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.u2interference.com/forums/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 22:00:30 GMT
cf-cache-status: HIT
last-modified: Tue, 13 Sep 2016 20:11:03 GMT
server: cloudflare
etag: "500ff0-a81-53c693640c3c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BNwy4kOX%2FGOQjWhobaNj40S5Nou%2FNArEp78E2vLYSsfPtXoAKfnIPccy9mJv8hmfLJQatOOunv5qO6vQRbOnsmPoSp3l5A57w%2Btatjpu6PnEUK%2Ft160XVZoyirg6HBa%2BRj77fy88EgI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6748a957083841b6-AMS
content-length: 2689

GET
H2 200 onejs Show response
z-na.amazon-adsystem.com/widgets/ 24 KB
8 KB 80ms
25ms Script
application/javascript 143.204.95.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US
Requested by: Host: www.u2interference.com
URL: https://www.u2interference.com/forums/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.142 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-142.fra50.r.cloudfront.net
Software: Server /
Resource Hash: ece10568ed076ba4620c225d4959a71e33dc03ea8154148368223eab3e761c51

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: Public
date: Sun, 25 Jul 2021 02:15:10 GMT
content-encoding: gzip
server: Server
age: 71120
x-cache: Hit from cloudfront
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
charset: UTF-8
cache-control: public,max-age=86400,s-maxage=86400,no-transform
x-amz-cf-pop: FRA50-C1
content-length: 7944
via: 1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
x-amz-cf-id: f2QSAUn9t7ge5KbR9iGJswAcjuKZ92gTZU0kXqAZj77OF3RaC-xILQ==
expires: Mon, 26 Jul 2021 02:15:10 GMT

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 21ms
6ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: www.u2interference.com
URL: https://www.u2interference.com/forums/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0d92b553913c34afc01bbd5df647f7a97b3bc9f306160a3c88e26e5d24b7852f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: +AjsrKzFHhu6OhKCYIBFJg==
cross-origin-resource-policy: cross-origin
expires: Sun, 25 Jul 2021 22:16:37 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: jiVu8RuFEe1JGHF1mUBwb+nJhmUVdu/qSAjGq6bjtqTJ0d4eYSexou9PjsruYl7u/TQUhJbLcMGknqhGAeVgXA==
x-fb-trip-id: 917726464
x-fb-content-md5: 161de914e55143deb3b9017b020d7128
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
date: Sun, 25 Jul 2021 22:00:30 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "ba27af21921b1a67c172296644a7300a"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 68 KB
24 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.u2interference.com
URL: https://www.u2interference.com/forums/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13319f25fd8473e4176955d19a09e4614170c8a7941ef7966987ad6156536580

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sun, 25 Jul 2021 22:00:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "940 / 695 of 1000 / last-modified: 1627229611"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24127
x-xss-protection: 0
expires: Sun, 25 Jul 2021 22:00:30 GMT

GET
H2 200 body_bg.jpg
www.u2interference.com/forums/images/u2/misc/ 62 KB
62 KB 37ms
35ms Image
image/jpeg 104.26.6.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.u2interference.com/forums/images/u2/misc/body_bg.jpg
Requested by: Host: www.u2interference.com
URL: https://www.u2interference.com/forums/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.6.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d422fd12738ddef2c702da863a0087d92bcd3061592e097d505d3130e2e87f9f

Request headers

:path: /forums/images/u2/misc/body_bg.jpg
pragma: no-cache
cookie: bbsessionhash=b55c421765655e59fe5c633f1cef6e09; bblastvisit=1627250430; bblastactivity=0; PHPSESSID=jitcrji2autl092i433dkvrai3
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.u2interference.com
referer: https://www.u2interference.com/forums/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.u2interference.com/forums/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 22:00:30 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5430
content-length: 63019
last-modified: Thu, 23 Jul 2015 20:53:36 GMT
server: cloudflare
etag: "500f56-f62b-51b9114c1b400"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e3ivG0nfGDkVQ09ppvko43CwSVirBFsgV4rMQNPEs7Fj6mS4MRXCxQ6gfe9K1q3s4OtsbhauM5bbc%2BmRFIu2iuId0CHV9TgfopqKqW8oZ%2BNL1KrzxN7l8d6uPVD0Nhi6fmNM7X5HB4g%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6748a957083a41b6-AMS
cf-bgj: h2pri

GET
H3-29 200 all.js Show response
connect.facebook.net/en_US/ 227 KB
66 KB 14ms
6ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=657414f3d1df58fa5e5d5be216f6117c

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8f678711fe22e3ecf02aa2b968bbd842723cf113dcafae38e8eb4d95606fa313

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://www.u2interference.com
Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: yrR4ZrAlivqE0Zc7hin2LA==
cross-origin-resource-policy: cross-origin
expires: Mon, 25 Jul 2022 20:38:15 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 67668
x-fb-rlafr: 0
x-fb-debug: aQT+e/+vJDjgavTKgBoKjTZoWImSjwyzUmhRhEUkkMd+D+TBLy8FuXLvpFeyohtuKJ/lrLNtgH0KMKOCpXbh3g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
x-fb-content-md5: 75d7de44ceb63cb0e97291d67262410b
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 25 Jul 2021 22:00:30 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "7020c9baa1cfad7fa29b51b82d5ede67"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 pubads_impl_2021071401.js Show response
securepubads.g.doubleclick.net/gpt/ 329 KB
115 KB 82ms
30ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

sffe /

Resource Hash

65506c87a4e71875a107df7ca37f45ccfd40688cf8e01f65c7e71792dbd6818c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sun, 25 Jul 2021 22:00:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 14 Jul 2021 08:38:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117283
x-xss-protection: 0
expires: Sun, 25 Jul 2021 22:00:30 GMT

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 27ms
27ms Fetch
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=220410098018654&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.u2interference.com%2Fforums%2F&sdk=joey&wants_cookie_data=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=657414f3d1df58fa5e5d5be216f6117c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: 3BsZ793JHoE+xfAGqYRGofaiJVW1SRx5GZuhAcmLIOKI1UKt0rxMWRry8ow+UsuvJQbHoU6b5JnMyw1V5SW3Cg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
fb-s: unknown
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 25 Jul 2021 22:00:30 GMT
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.u2interference.com
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/ 23 KB
23 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.u2interference.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 00:16:41 GMT
x-content-type-options: nosniff
age: 510229
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 00:16:41 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 227 KB
65 KB 27ms
27ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N72CMXC

Requested by

Host: www.u2interference.com
URL: https://www.u2interference.com/forums/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7daad0da73ed01f8c03a48becc5b559dfb3f713b8c9710331c9baf3daad1815a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 22:00:30 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66921
x-xss-protection: 0
last-modified: Sun, 25 Jul 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 25 Jul 2021 22:00:30 GMT

GET
H3-29 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ 22 KB
22 KB 14ms
13ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.u2interference.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 08:34:22 GMT
x-content-type-options: nosniff
age: 480368
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:12:12 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 08:34:22 GMT

GET
H2 200 menu_open.gif
www.u2interference.com/forums/images/u2/misc/ 111 B
442 B 24ms
23ms Image
image/gif 104.26.6.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.u2interference.com/forums/images/u2/misc/menu_open.gif
Requested by: Host: www.u2interference.com
URL: https://www.u2interference.com/forums/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.6.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb5e74ea90b84eb7f60c01fdf1b8cb1302e2bd5e6cadcc5b31e84b74a073ee2c

Request headers

:path: /forums/images/u2/misc/menu_open.gif
pragma: no-cache
cookie: bbsessionhash=b55c421765655e59fe5c633f1cef6e09; bblastvisit=1627250430; bblastactivity=0; PHPSESSID=jitcrji2autl092i433dkvrai3
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.u2interference.com
referer: https://www.u2interference.com/forums/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.u2interference.com/forums/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 22:00:30 GMT
cf-cache-status: HIT
last-modified: Thu, 23 Jul 2015 20:47:53 GMT
server: cloudflare
age: 5428
etag: "500f74-6f-51b91004ff040"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E%2FQQE00YzKOx3JwRos%2BEwPwD5YHLpcWsVS7EUCuCTIR6%2BDog3Pg4mQtVBYeqjDUJHg6F9Bg1lq3pG8sUky%2FIH6qVihf74sCDc26P4v2D3aLzGETFgl%2FnhaZ2ZJ8mDTbk9l6kQVAKD9I%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6748a95859ed41b6-AMS
content-length: 111

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.u2interference.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 25 Jul 2021 22:00:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.u2interference.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 25 Jul 2021 22:00:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 12 KB
7 KB 343ms
314ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4051945731884443&correlator=79480938794306&output=ldjh&impl=fif&eid=31061736%2C21068111%2C31061843%2C20211866%2C44740386&vrg=2021071401&ptt=17&sc=1&sfv=1-0-38&ecs=20210725&iu_parts=1007032%2CSK_728x90_Top_Primary&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=Location%3DATF&cust_params=website%3Du2interference.com%26page_url%3Dhttps%253A%252F%252Fwww.u2interference.com%252Fforums%252F%26page_path%3D%252Fforums%252F%26vertical%3Dadx%26network%3Dnull%26ForumID%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1627250430&dt=1627250430782&dlt=1627250430503&idt=208&frm=20&biw=1600&bih=1200&oid=3&adxs=215&adys=290&adks=1152375598&ucis=1&ad_type=text_image&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.u2interference.com%2Fforums%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1170x0&msz=1170x0&ga_vid=1199576423.1627250431&ga_sid=1627250431&ga_hid=2137611257&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

023c115cb664515c7102938d654b784b3702854dc528c31adceadef98d23c53f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 22:00:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7347
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.u2interference.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BBD3 6 KB
3 KB 84ms
38ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.u2interference.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.u2interference.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sun, 25 Jul 2021 22:00:30 GMT
expires: Mon, 25 Jul 2022 22:00:30 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210720/r20190131/ 250 KB
93 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210720/r20190131/show_ads_impl_with_ama_fy2019.js?client=pub-7757781251671730&plah=www.u2interference.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c83eae7a38656b387443bacfd93af203e31b66bf687c21af1ef00fab98507aef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 22:00:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95151
x-xss-protection: 0
server: cafe
etag: 4826816153601596757
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 25 Jul 2021 22:00:30 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 41 KB
10 KB 595ms
594ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4051945731884443&correlator=79480938794306&output=ldjh&impl=fif&eid=31061736%2C21068111%2C31061843%2C20211866%2C44740386&vrg=2021071401&ptt=17&sc=1&sfv=1-0-38&ecs=20210725&iu_parts=1007032%2CSK_300x250_Top_Right_Primary&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=Location%3DATF&cust_params=website%3Du2interference.com%26page_url%3Dhttps%253A%252F%252Fwww.u2interference.com%252Fforums%252F%26page_path%3D%252Fforums%252F%26vertical%3Dadx%26network%3Dnull%26ForumID%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1627250430&dt=1627250430836&dlt=1627250430503&idt=208&frm=20&biw=1600&bih=1200&oid=3&adxs=1085&adys=328&adks=3229665405&ucis=2&ad_type=text_image&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.u2interference.com%2Fforums%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x0&msz=300x0&ga_vid=1199576423.1627250431&ga_sid=1627250431&ga_hid=2137611257&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

586cbad2f37632937b03e0c628d4bc71b6e13932e955bea3e6ec8d5571a10fa1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 22:00:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10285
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.u2interference.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 127 KB
50 KB 40ms
39ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-32C473VFPP&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N72CMXC

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3aa185e893fb9f313f32144f13b602905b6728029f2d5be20337f264a31ca32b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 22:00:30 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50903
x-xss-protection: 0
expires: Sun, 25 Jul 2021 22:00:30 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N72CMXC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 4171
date: Sun, 25 Jul 2021 20:50:59 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Sun, 25 Jul 2021 22:50:59 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 82ms
32ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N72CMXC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

8069956acb4c566506ff71f7a23c8e23f75ce9443384fe3393ed5c846924026e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 22:00:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13910
x-xss-protection: 0
server: cafe
etag: 8154934153164151798
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 25 Jul 2021 22:00:30 GMT

GET
H3-29 200 fbevents.js Show response
connect.facebook.net/en_US/ 95 KB
24 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.u2interference.com
URL: https://www.u2interference.com/forums/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0d17b8a38d3dce6f7357bbc8da105d92c21b6cf1c4b92351ce2b1861b065f2c5

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 24676
x-xss-protection: 0
pragma: public
x-fb-debug: f3gFM+MPM9Y0vdMU89CcwKvWcmmwxUiIdYy9eJ/enLzVWZL3qPr8O02WxbycsqL3IKc2ta9a+gNwH6NEoVX7QA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 25 Jul 2021 22:00:30 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 31ms
14ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.u2interference.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 25 Jul 2021 22:00:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 32ms
15ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.u2interference.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 25 Jul 2021 22:00:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 14 KB
8 KB 1042ms
1041ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4051945731884443&correlator=79480938794306&output=ldjh&impl=fif&eid=31061736%2C21068111%2C31061843%2C20211866%2C44740386&vrg=2021071401&ptt=17&sc=1&sfv=1-0-38&ecs=20210725&iu_parts=1007032%2CSK_300x250_Middle_Right_Primary&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cust_params=website%3Du2interference.com%26page_url%3Dhttps%253A%252F%252Fwww.u2interference.com%252Fforums%252F%26page_path%3D%252Fforums%252F%26vertical%3Dadx%26network%3Dnull%26ForumID%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1627250430&dt=1627250430864&dlt=1627250430503&idt=208&frm=20&biw=1600&bih=1200&oid=3&adxs=1085&adys=928&adks=1849131124&ucis=3&ad_type=text_image&ifi=4&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.u2interference.com%2Fforums%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x10&msz=300x0&ga_vid=1199576423.1627250431&ga_sid=1627250431&ga_hid=2137611257&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

9c5a6c4f39eb0f56dddb57277d2d7c27565c3b339718eee0a457230ff884d66c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 22:00:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8226
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.u2interference.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 86 KB
27 KB 1455ms
1454ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4051945731884443&correlator=79480938794306&output=ldjh&impl=fif&eid=31061736%2C21068111%2C31061843%2C20211866%2C44740386&vrg=2021071401&ptt=17&sc=1&sfv=1-0-38&ecs=20210725&iu_parts=1007032%2CSK_300x250_Bottom_Right_Primary&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cust_params=website%3Du2interference.com%26page_url%3Dhttps%253A%252F%252Fwww.u2interference.com%252Fforums%252F%26page_path%3D%252Fforums%252F%26vertical%3Dadx%26network%3Dnull%26ForumID%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1627250430&dt=1627250430871&dlt=1627250430503&idt=208&frm=20&biw=1600&bih=1200&oid=3&adxs=1085&adys=938&adks=1435784397&ucis=4&ad_type=text_image&ifi=5&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.u2interference.com%2Fforums%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x10&msz=300x0&ga_vid=1199576423.1627250431&ga_sid=1627250431&ga_hid=2137611257&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

258a17d96aab83a9bbf9f5b48e87f287239d3a59573cba81b8688b6e6fad8c61

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5204766102965218657/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5204766102965218657/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CO-U0J-c__ECFZeiewodPX0PGA&gqi=&layout=/sadbundle/%24csp%253Der3%24/5204766102965218657/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5204766102965218657/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5204766102965218657/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CO-U0J-c__ECFZeiewodPX0PGA&gqi=&layout=/sadbundle/%24csp%253Der3%24/5204766102965218657/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27343
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Sun, 25 Jul 2021 22:00:32 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.u2interference.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 12 KB
7 KB 1912ms
1912ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4051945731884443&correlator=79480938794306&output=ldjh&impl=fif&eid=31061736%2C21068111%2C31061843%2C20211866%2C44740386&vrg=2021071401&ptt=17&sc=1&sfv=1-0-38&ecs=20210725&iu_parts=1007032%2CSK_728x90_Bottom_Primary&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cust_params=website%3Du2interference.com%26page_url%3Dhttps%253A%252F%252Fwww.u2interference.com%252Fforums%252F%26page_path%3D%252Fforums%252F%26vertical%3Dadx%26network%3Dnull%26ForumID%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1627250430&dt=1627250430897&dlt=1627250430503&idt=208&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=1104&adks=3100388973&ucis=5&ad_type=text_image&ifi=6&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.u2interference.com%2Fforums%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&ga_vid=1199576423.1627250431&ga_sid=1627250431&ga_hid=2137611257&ga_fc=false&fws=516&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

052be8ef35b981dd070a6dfeff7bc9370b09b7a4fbd4e23062e773144e2112aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 22:00:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7377
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.u2interference.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 208 B
266 B 31ms
31ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.u2interference.com&callback=_gfp_s_&client=ca-pub-7757781251671730

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210720/r20190131/show_ads_impl_with_ama_fy2019.js?client=pub-7757781251671730&plah=www.u2interference.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

1aaeb91383d090fb4ad2c561891c0b216ee9d5abc8f8a4ab79c938d57700d751

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 22:00:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 197
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 09BD 430 B
409 B 76ms
76ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7757781251671730&output=html&h=15&adk=1753343235&adf=113075344&w=728&lmt=1627250430&channel=2109660748&format=728x15_0ads_al_s&color_bg=0a837f&color_border=789048&color_link=FFFFFF&color_text=333333&color_url=666666&url=https%3A%2F%2Fwww.u2interference.com%2Fforums%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627250430791&bpp=8&bdt=289&idt=119&shv=r20210720&ptt=5&saldr=sa&abxe=1&correlator=5150052544770&frm=20&pv=2&ga_vid=1199576423.1627250431&ga_sid=1627250431&ga_hid=2137611257&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=294&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C44740386&oid=3&pvsid=4051945731884443&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=p0rxRDpmTH&p=https%3A//www.u2interference.com&dtd=129

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8fc88354bb769f6275e93b0b62fc9284d40de4deef05d5559d4bc177275ff2f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7757781251671730&output=html&h=15&adk=1753343235&adf=113075344&w=728&lmt=1627250430&channel=2109660748&format=728x15_0ads_al_s&color_bg=0a837f&color_border=789048&color_link=FFFFFF&color_text=333333&color_url=666666&url=https%3A%2F%2Fwww.u2interference.com%2Fforums%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627250430791&bpp=8&bdt=289&idt=119&shv=r20210720&ptt=5&saldr=sa&abxe=1&correlator=5150052544770&frm=20&pv=2&ga_vid=1199576423.1627250431&ga_sid=1627250431&ga_hid=2137611257&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=294&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C44740386&oid=3&pvsid=4051945731884443&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=p0rxRDpmTH&p=https%3A//www.u2interference.com&dtd=129
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.u2interference.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.u2interference.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 25 Jul 2021 22:00:30 GMT
server: cafe
content-length: 207
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 25-Jul-2021 22:15:30 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 25 Jul 2021 22:00:30 GMT
cache-control: private

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 29ms
14ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5073fab4fddb9f037315ac9c663dce6681b03976250cab681638dfe17475466f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 22:00:30 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627039897272555"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27998
x-xss-protection: 0
expires: Sun, 25 Jul 2021 22:00:30 GMT

GET
H3-29 200 identity.js Show response
connect.facebook.net/signals/plugins/ 11 KB
5 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.43

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 4673
x-xss-protection: 0
pragma: public
x-fb-debug: BLqrxrLKVTMuhb00xvlIwvi1+RxH30H6hJelNCfaVMB7HxKTRYpQw04ymMbTJFnU5+F/CfRmECyKMpm7rS9GUw==
x-frame-options: DENY
date: Sun, 25 Jul 2021 22:00:30 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 351301425239951 Show response
connect.facebook.net/signals/config/ 260 KB
74 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/351301425239951?v=2.9.43&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

50d9911d12fbf3ed2b3d5a477e460552b37212daa2fc4d6dd66f22d72d1572da

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 75637
x-xss-protection: 0
pragma: public
x-fb-debug: 2Ww6I3hdHvPOdxGgsDNwdtnh3/R/sI8UYILHoK0QTj7Pg6/PWg2TkJsaqHoRDjWxCYNmpBelLj7RT4aLGz+WdA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 25 Jul 2021 22:00:30 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 29ms
14ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j91&a=2137611257&t=pageview&_s=1&dl=https%3A%2F%2Fwww.u2interference.com%2Fforums%2F&ul=en-us&de=UTF-8&dt=U2%20Feedback&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAAABAAAAAC~&jid=1799307242&gjid=960083672&cid=1199576423.1627250431&tid=UA-59880719-6&_gid=813623963.1627250431&_r=1&gtm=2wg7l1N72CMXC&z=1593968079

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 25 Jul 2021 22:00:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.u2interference.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 21ms
13ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j91&a=2137611257&t=pageview&_s=1&dl=https%3A%2F%2Fwww.u2interference.com%2Fforums%2F&ul=en-us&de=UTF-8&dt=U2%20Feedback&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAjAAAABAAAAAC~&jid=1983084629&gjid=1287409620&cid=1199576423.1627250431&tid=UA-125129-18&_gid=813623963.1627250431&_r=1&gtm=2wg7l1N72CMXC&z=1305864297

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 25 Jul 2021 22:00:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.u2interference.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 204 collect
www.google-analytics.com/g/ 0
17 B 13ms
13ms Ping
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-32C473VFPP&gtm=2oe7l1&_p=2137611257&sr=1600x1200&ul=en-us&cid=1199576423.1627250431&_s=1&dl=https%3A%2F%2Fwww.u2interference.com%2Fforums%2F&dt=U2%20Feedback&sid=1627250430&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-32C473VFPP&l=dataLayer&cx=c
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 25 Jul 2021 22:00:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.u2interference.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 result Show response
www.u2interference.com/cdn-cgi/bm/cv/ 0
565 B 18ms
18ms XHR
text/plain 104.26.6.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.u2interference.com/cdn-cgi/bm/cv/result?req_id=6748a9552d6e41b6
Requested by: Host: www.u2interference.com
URL: https://www.u2interference.com/cdn-cgi/bm/cv/669835187/api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.6.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-fetch-mode: cors
origin: https://www.u2interference.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: bbsessionhash=b55c421765655e59fe5c633f1cef6e09; bblastvisit=1627250430; bblastactivity=0; PHPSESSID=jitcrji2autl092i433dkvrai3; _gcl_au=1.1.1360619503.1627250431; _gid=GA1.2.813623963.1627250431; _gat_UA-59880719-6=1; _gat_UA-125129-18=1; _ga_32C473VFPP=GS1.1.1627250430.1.0.1627250430.0; _ga=GA1.1.1199576423.1627250431
content-length: 424
:path: /cdn-cgi/bm/cv/result?req_id=6748a9552d6e41b6
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: www.u2interference.com
referer: https://www.u2interference.com/forums/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://www.u2interference.com/forums/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 25 Jul 2021 22:00:31 GMT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YCLZvm0U5BGhCPLLm9LTxvjpaR%2BYNLBmPj3%2F%2Fba33t0QzKlfLTGdWuXM9pmNsLqo8caJvJyxE4HyqSwi%2BLGQPqfZnR4jwcyPaeaTGGk5rWQfH6PvwM5d6L9GYbqYSI9qAcj2TF1T%2FbE%3D"}],"group":"cf-nel","max_age":604800}
set-cookie: __cf_bm=1921b4de82f3a347bdca6e7c5d4585719b920d3a-1627250431-1800-ASwtZB1afWz8tfC1DH4zsF5/I6YAwVpJdJSEABmHuKXkKElW9FjutygEFNkr0KBggYI57nnlQ0mzVK/4MLOEydPpS9tzFUVe/4qd1xdDxdSqc7LE3aRSDNJG9sAMt8RB+z0jXXIn5FFiYj9Ak1AZfDg=; path=/; expires=Sun, 25-Jul-21 22:30:31 GMT; domain=.u2interference.com; HttpOnly; Secure; SameSite=None
cf-ray: 6748a95a2c3b41b6-AMS
cf-request-id: 0b81482c5b000041b678b17000000001

GET
H3-29 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/Lc7zCIOnpdkBEK3JzdgD/ 2 KB
1 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/Lc7zCIOnpdkBEK3JzdgD/?random=1627250431062&cv=9&fst=1627250431062&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7l1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.u2interference.com%2Fforums%2F&tiba=U2%20Feedback&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e7655ce171821c7db12d36d7bdab3eeefe0b5ffb7af53582c8ab9e65a2524a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jul 2021 22:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1006
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
91 B 8ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=351301425239951&ev=PageView&dl=https%3A%2F%2Fwww.u2interference.com%2Fforums%2F&rl=&if=false&ts=1627250431087&sw=1600&sh=1200&v=2.9.43&r=stable&ec=0&o=62&fbp=fb.1.1627250431086.1244506071&it=1627250430934&coo=false&rqm=GET

Requested by

Host: www.u2interference.com
URL: https://www.u2interference.com/forums/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 22:00:31 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Sun, 25 Jul 2021 22:00:31 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/Lc7zCIOnpdkBEK3JzdgD/ 42 B
64 B 26ms
24ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/Lc7zCIOnpdkBEK3JzdgD/?random=1627250431062&cv=9&fst=1627250400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7l1&sendb=1&frm=0&url=https%3A%2F%2Fwww.u2interference.com%2Fforums%2F&tiba=U2%20Feedback&async=1&fmt=3&is_vtc=1&random=3924169261&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.u2interference.com
URL: https://www.u2interference.com/forums/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jul 2021 22:00:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/Lc7zCIOnpdkBEK3JzdgD/ 42 B
108 B 18ms
16ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/Lc7zCIOnpdkBEK3JzdgD/?random=1627250431062&cv=9&fst=1627250400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7l1&sendb=1&frm=0&url=https%3A%2F%2Fwww.u2interference.com%2Fforums%2F&tiba=U2%20Feedback&async=1&fmt=3&is_vtc=1&random=3924169261&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.u2interference.com
URL: https://www.u2interference.com/forums/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jul 2021 22:00:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 27ms
27ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210720&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bae67acce797143561693421e0ebf6a107e1b8321ef49ca8a072460fa4598759

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 25 Jul 2021 22:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8370
x-xss-protection: 0

GET
H3-29 200 container.html Show response
fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9638 6 KB
3 KB 20ms
6ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.u2interference.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.u2interference.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sun, 25 Jul 2021 22:00:30 GMT
expires: Mon, 25 Jul 2022 22:00:30 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 22:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Sun, 25 Jul 2021 22:00:31 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 0013 12 KB
5 KB 16ms
13ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.u2interference.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.u2interference.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Sun, 25 Jul 2021 16:26:11 GMT
expires: Mon, 25 Jul 2022 16:26:11 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 20060
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7E0A 783 B
533 B 16ms
16ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7ff4d402600b7937e4a0480ed284e7b8e2f11c994b1a6d6b86f87f96ce1f33be

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-RROJbbzS9SBcBfbIAy6DVA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.u2interference.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.u2interference.com/

Response headers

expires: Sun, 25 Jul 2021 22:00:31 GMT
date: Sun, 25 Jul 2021 22:00:31 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-RROJbbzS9SBcBfbIAy6DVA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame DB74 624 B
299 B 17ms
16ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNDdGRC6hRoYzvmVqgEwAQ&v=APEucNUxH28zhGwTH4eZUqOwA5xsbt6cepkk_lexVnl2D098PUOxDo9wFBES775DY-fo4YSCR7WGxicNROZybpsDFbjDoEj3U2ViFDAthPDyIIJpiY9HxudYPaczMGx6oau9ylgb04fYNHvQEA0zD7hlNBGg35R59exqcmF5dSRd_RRxX69g5oE

Requested by

Host: fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com
URL: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CNDdGRC6hRoYzvmVqgEwAQ&v=APEucNUxH28zhGwTH4eZUqOwA5xsbt6cepkk_lexVnl2D098PUOxDo9wFBES775DY-fo4YSCR7WGxicNROZybpsDFbjDoEj3U2ViFDAthPDyIIJpiY9HxudYPaczMGx6oau9ylgb04fYNHvQEA0zD7hlNBGg35R59exqcmF5dSRd_RRxX69g5oE
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUn1fZhofOdtRHbHYT8GLeF9ghwkd8uqfzxVz3N6iQUrufJ9xD62QOm216LS; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 25 Jul 2021 22:00:31 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 25 Jul 2021 22:00:31 GMT

GET
H3-29 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 9638 84 KB
26 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dw-DweStu7VcD7toAdtfLkUdAgOLhikJEcNuek1HxpuxV_x-Tq5gYKUHFZKvAgH8iIr03hiyYsCdvBnH2AoIUboVQeN7hGvuYwIl-yWB8CM49GVU5dsOjgBEHA2wxam9THdWQBu8IOmpPXI98Wh8Fau4liYw&dbm_d=AKAmf-ARLuXYCHNG0jAQB28doDPpg96blVjY6y_9s9O4QKIFtNWd4YEWZkFKO_HOl5LOUm5gObz5KM_ZA3w-YYNVZYBAqjs4T7XpsaZaLVINk1ZfmuWgJjQTCRkkM1dKsVsYBdpaJUqtIUJol_6KhEX2Zp7PaVRXOHWfho8PfaO0z5Z8iIiYn45cry8Kc5bdhfGRnqoHihLEukeAB88TY4kF0DRB0aqgWIvFmwa8Z6c19pfhISF2qKZouRxCUrIinU-6uIJo_0LGxyFB2HOK1z0Nsb543lTlLCtFcxfTWgihu0PjgDv0OkKnCwkfty_omegUShJVxlr9bXGTTPfHPbhBt7nDGw7BQ1NIb0nOB25vtpo7X35uHTaEow3mhzmETuWhU311fktryqQJNsEYEBKN64bPUy_1Nu5zTGaCp9T_NUB3Q4MfZqUG_2ViH-jZlCCEqMfQqOMIc1nDIj57Lth4JQmlg_rWyKA7--ZXTSLkMwvK1k6pKjqW3VGV72NRg3zEp7nC3K_fBtiBgLgi5JWwbH9VHhs28XFUgp7Hw9YKGFoUXB5nybKUZz8BshlQTfFcTaWJWacjW8HbtnC7zx2yJtoTuwfT697uf6TXFrciy1s9wiQ465gvKlOR9dM_XO8ZUBpjAyyWZJ20svpK6CnBEgF0WnIOmXrRUNlCWXUN1r9WLUUeYjHcA4tkNC6a8UEAiKQEQ-scyJZq4csA-4MLJ3-2lSPZzP6ENy_e0QqhgDALerrQa3t-_YX5Q6FMbviXG3sRDbV2-Px0L12W_rTKeeJawfuzlgi6ortBr16yudIJH_QTiKReRRl5kFt_me4QqsvNKqSGfWpm0wrS60OiBfjKG1tve2pT2i-UPMhWnsQbJNS5ztaELRtcOkhjcTH0lB3ZZdVPjG8-B5wTWevThhIWryJR-BlAZ7C-1q2j092gXsGFdR_TLJAPNGJQ6zgdh24uUK6cVD1anfMU0F77lVtkZwnfrFk7GvnuRWagULZjL1Y8PC4igbOTxvjcZp83aOf6fqOUaBmW5TI7Dfi3LjB6mf1sLPBnB1056OyWamqKEjoCumopYSdgLHxng2-arJSCYc_LXDggGAvqcWpL48vsBwrXivzMtfmjNkZ6BEpUJya23tMU9JfxFFIK4CTvG44ejew_QNhocg9kgqIk6Dd0o6O_e6cqh6r1TPLisG-hoKraKo2vck2z8jUeWVGjM59Ylisd61PMdphXcKA2b39eA-AitcfTT36Ii2hoZm4Sv89UtOhZa9TOglhZu54TPr7kXw6izBC8sH4Y_7E1Em8bBKcVCkY1P5N4CDK_SN-i23-JXITzhyDdK9JKnmp5yk2KC3lYP8rEDXyDI19K_mToyDHd7fvgthcNMkA2XKis_3P131OQyxbiB3NRKeGDACW_e5-k7kVLpQuOn6CeaQ9583GRRQf3h3vsfo062MgaAgN7-cUxgh-lMk18ZLx4MmdJoPLVF-tBAzt5GvaT3NpOg-6_RhJovDkM1ABl5YYnb3xAHiXdCwFKVsA_Zi_Pad7PpdBZaLr7RaOdBKwtrl58F-3guU-C85__Hd-aAIhLE86KLKq38VZu-UkMLFVMwfYfQqGQ-mirmKdlRiBVRyriiA9Ym55qzy1MIzgV257HaUdtPFUcvp5PNGjyeI4XgveOz_6cZQ_6Bf9V2geMzBw1r9cy2RStsh8dG79BXxTeHrQf8l9NPDc3dCKwUf6uzgA5ctXDB9MXhJsq2AD_grpFD3TwjOOBKhl2lJXN2jG3x4h6FMhtS7bnxEDKDjZrFvWAFh47p1aiS6OMTayFel0U-j4vkNREWycT-j9KbcvdGc9ZbN6VOB-JZ5ZzHF_WsjkPi6wv07_J3sYeOOd4h-ZAAPsh2kMj16n3LSsAD723U-ycxHsi0VWsWgBjhO15cbvWpRKjbQQsBgI_vc_SmKXEfmiqXRXAkXR4LFZvCsPE97MpPuMk5WqRoNpX79hJsdtVPrUWXnXm-inpJdmNUoL9oir0Vk-kbfSOfU0ul2n3t6FtiaKwcXK0nFA_lIbVhzSi7p0GI6MasT4lCxij15np9vKcMRNOYFHCUqt6ibq-WKBgeOGu-9QVgrKDSTvTvuJP20QoiHcMgcC1iiguuuc6qKS00pPogvMzYcBO2fumIb-u39cjvcd4w2guVlWiwMa0j8p5grYDoFnHXMXdoJp7VnYxcCuzD8YMz8tL_KSR8JFI5sfpaO76Fn_44fxZrZogXeF4nNphFHZqbCLllLh-sK6AsfmFdwnsfb7We8E0DOOUrvYTfbXcc6XuxvrjFPj-1VTApOj2OkUFQ6GKHlIPMtt7T3aYcpiPfzn8cOsScwY1zLoOVsWgVreI7A_0rMaZyAldTg_hBHMTdcqTqxrGt-QWWI_Tgrqpwp20luUsNWPz5sykdLx7-JX2aMTRasHHTof7_oJE3wws3lwQr6Oi1inZvSAYk7RLpOBpKrzWOz4RvGUqvT3-uDmM10aJttslsb9s-Lgkjfxg910X7EbqL9sf2-qFDW8XV4Wb3QBcCnCY-wcFDZedHSG2Ebxn6Yx0eOwLdhrZ87vTr4qFaQkzHAqABd4Dt-timIa8b3gjt-_Epk8HfvQttpvGwqnVIgkOix10AJELwELrUj_cDNmFAhn5JlDvuzZ53_7-zzklmp8mJXw_TlDOsS6TJ89S-oRXktpvUT-683WXvFm_W3KzI-k28xv-01dh-GH57T3Z7h8TigVFlCjJuNCU0b0KSq0fmQxYk1uuHY-yyCGq0cVCqwpKmg7FJ74dpaG8qT4BzqkV3Y79vy2BRkEYhfAPmpx3VKnlroXedR59KQcQUeznuNbZIZqeQfB5erKjCUtpweFNYGk9_5eXpgGql9EV9zWgnIZ56okBVMTm10i6SyrRweBw4qeotDPblnnZGrtxT-CcNGwTvc2pz-kBh_YCLPXHvCWtTX2y9d29jCNm00Nj7czOl5ETAWTKxV_ABwVvLpJtbHO-j0GLIa6Y91s9SgPOiBkZeTNoxajF6AF0D9zPghzaTSV3CeW7eVVLiGb2IyGKFtY&cid=CAASFeRoEhx65zT4QPNhoEPiAI3Vn8wKcg&rfl=1%2Chttps%253A%252F%252Fwww.u2interference.com%252F%240

Requested by

Host: www.u2interference.com
URL: https://www.u2interference.com/forums/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3262dbc62d08e075855db45711ee47bd0de34d09b08e0b9a69e327335b490a42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jul 2021 22:00:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27041
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9638 42 B
63 B 40ms
39ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D0AjbPjYZijfvundzHLjLZkbeR5y87lv_WQ1AmqA5GaevuGjvkWF408WLMsFyE6NM2PKi-MKdMIeO7WaJQH4P1Hpwb45rftZf6ytt8VekP0o9b0qc

Requested by

Host: fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com
URL: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jul 2021 22:00:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame 9638 2 KB
1 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/window_focus_fy2019.js

Requested by

Host: fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com
URL: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 21:54:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 342
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Aug 2021 21:54:49 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame 9638 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com
URL: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b1a4081a8a32bc714fbb7a2509141683bc3eb707a421c0db556ed856f6d8e99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 21:57:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 153
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6195
x-xss-protection: 0
server: cafe
etag: 10716856519410487149
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Aug 2021 21:57:58 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 9638 0
0 15ms
14ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRpVjwXNatHrgvHA4_L5GvOgS9OXtcnJcsywWsQEYI45vZ7hQk4WMiLxJEeOTVVDLH2DtDAYU9XYFm1TuMk4er4Eg3YMA
Requested by: Host: fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com
URL: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9638 124 KB
37 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com
URL: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4409f886851d18b5071cc08d25845e0d959d51fd1e9eec92118d0f12a44e5eeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 22:00:31 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627039891503395"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38153
x-xss-protection: 0
expires: Sun, 25 Jul 2021 22:00:31 GMT

GET
H3-29 200 c43eojKHTIIjnCN0mOBRrq3mBMCB_MRf6Ad2ET-MShQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 0013 34 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/c43eojKHTIIjnCN0mOBRrq3mBMCB_MRf6Ad2ET-MShQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

738ddea232874c82239c237498e051aeade604c081fcc45fe80776113f8c4a14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 00:44:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 335783
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13164
x-xss-protection: 0
last-modified: Wed, 14 Jul 2021 07:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Jul 2022 00:44:08 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame DB74
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHsmBtzkbKNLBsXtVd97u1U&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHsmBtzkbKNLBsXtVd97u1U&google_cver=1&C=1

43 B
1014 B

28ms
28ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHsmBtzkbKNLBsXtVd97u1U&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNDdGRC6hRoYzvmVqgEwAQ&v=APEucNUxH28zhGwTH4eZUqOwA5xsbt6cepkk_lexVnl2D098PUOxDo9wFBES775DY-fo4YSCR7WGxicNROZybpsDFbjDoEj3U2ViFDAthPDyIIJpiY9HxudYPaczMGx6oau9ylgb04fYNHvQEA0zD7hlNBGg35R59exqcmF5dSRd_RRxX69g5oE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 25 Jul 2021 22:00:31 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 25 Jul 2021 22:00:31 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 25 Jul 2021 22:00:31 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHsmBtzkbKNLBsXtVd97u1U&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Sun, 25 Jul 2021 22:00:31 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame DB74
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YP3e-4jKs.uI-P3iu-SXhwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHsmBtzkbKNLBsXtVd97u1U&google_cver=1&google_hm=2

43 B
894 B

37ms
37ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHsmBtzkbKNLBsXtVd97u1U&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNDdGRC6hRoYzvmVqgEwAQ&v=APEucNUxH28zhGwTH4eZUqOwA5xsbt6cepkk_lexVnl2D098PUOxDo9wFBES775DY-fo4YSCR7WGxicNROZybpsDFbjDoEj3U2ViFDAthPDyIIJpiY9HxudYPaczMGx6oau9ylgb04fYNHvQEA0zD7hlNBGg35R59exqcmF5dSRd_RRxX69g5oE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 25 Jul 2021 22:00:31 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 25 Jul 2021 22:00:31 GMT

Redirect headers

pragma: no-cache
date: Sun, 25 Jul 2021 22:00:31 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHsmBtzkbKNLBsXtVd97u1U&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame DB74
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEA2CkPpHWkFBkBqzLgZU8TY&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEA2CkPpHWkFBkBqzLgZU8TY%26google_cver%3D1

43 B
1 KB

16ms
15ms

Image
image/gif

185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEA2CkPpHWkFBkBqzLgZU8TY%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNDdGRC6hRoYzvmVqgEwAQ&v=APEucNUxH28zhGwTH4eZUqOwA5xsbt6cepkk_lexVnl2D098PUOxDo9wFBES775DY-fo4YSCR7WGxicNROZybpsDFbjDoEj3U2ViFDAthPDyIIJpiY9HxudYPaczMGx6oau9ylgb04fYNHvQEA0zD7hlNBGg35R59exqcmF5dSRd_RRxX69g5oE

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 25 Jul 2021 22:00:31 GMT
X-Proxy-Origin: 213.232.87.179; 213.232.87.179; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 93592d0f-74e9-444b-8f4b-39cb127fe3dc
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 25 Jul 2021 22:00:31 GMT
X-Proxy-Origin: 213.232.87.179; 213.232.87.179; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 480ecc94-392d-49fb-936d-021989724259
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEA2CkPpHWkFBkBqzLgZU8TY%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame DB74
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzk4OTI5NjQyNDI4NjkyNDAyOA%3D%3D

170 B
188 B

32ms
31ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzk4OTI5NjQyNDI4NjkyNDAyOA%3D%3D

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jul 2021 22:00:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 25 Jul 2021 22:00:31 GMT
X-Proxy-Origin: 213.232.87.179; 213.232.87.179; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 4befff96-9a0a-4586-995e-39030f6009bc
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzk4OTI5NjQyNDI4NjkyNDAyOA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 html_inpage_rendering_lib_200_271.js Show response
s0.2mdn.net/879366/ Frame 9638 176 KB
61 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js

Requested by

Host: www.u2interference.com
URL: https://www.u2interference.com/forums/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2f126a8957c32db99e94d1bf7c9ed09fcd38ba99bd632ebd048f01f9c5f9c9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com
Referer: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 09:39:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44448
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62241
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 18:02:47 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 26 Jul 2021 09:39:43 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210720/r20110914/elements/html/ Frame 9638 8 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210720/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dw-DweStu7VcD7toAdtfLkUdAgOLhikJEcNuek1HxpuxV_x-Tq5gYKUHFZKvAgH8iIr03hiyYsCdvBnH2AoIUboVQeN7hGvuYwIl-yWB8CM49GVU5dsOjgBEHA2wxam9THdWQBu8IOmpPXI98Wh8Fau4liYw&dbm_d=AKAmf-ARLuXYCHNG0jAQB28doDPpg96blVjY6y_9s9O4QKIFtNWd4YEWZkFKO_HOl5LOUm5gObz5KM_ZA3w-YYNVZYBAqjs4T7XpsaZaLVINk1ZfmuWgJjQTCRkkM1dKsVsYBdpaJUqtIUJol_6KhEX2Zp7PaVRXOHWfho8PfaO0z5Z8iIiYn45cry8Kc5bdhfGRnqoHihLEukeAB88TY4kF0DRB0aqgWIvFmwa8Z6c19pfhISF2qKZouRxCUrIinU-6uIJo_0LGxyFB2HOK1z0Nsb543lTlLCtFcxfTWgihu0PjgDv0OkKnCwkfty_omegUShJVxlr9bXGTTPfHPbhBt7nDGw7BQ1NIb0nOB25vtpo7X35uHTaEow3mhzmETuWhU311fktryqQJNsEYEBKN64bPUy_1Nu5zTGaCp9T_NUB3Q4MfZqUG_2ViH-jZlCCEqMfQqOMIc1nDIj57Lth4JQmlg_rWyKA7--ZXTSLkMwvK1k6pKjqW3VGV72NRg3zEp7nC3K_fBtiBgLgi5JWwbH9VHhs28XFUgp7Hw9YKGFoUXB5nybKUZz8BshlQTfFcTaWJWacjW8HbtnC7zx2yJtoTuwfT697uf6TXFrciy1s9wiQ465gvKlOR9dM_XO8ZUBpjAyyWZJ20svpK6CnBEgF0WnIOmXrRUNlCWXUN1r9WLUUeYjHcA4tkNC6a8UEAiKQEQ-scyJZq4csA-4MLJ3-2lSPZzP6ENy_e0QqhgDALerrQa3t-_YX5Q6FMbviXG3sRDbV2-Px0L12W_rTKeeJawfuzlgi6ortBr16yudIJH_QTiKReRRl5kFt_me4QqsvNKqSGfWpm0wrS60OiBfjKG1tve2pT2i-UPMhWnsQbJNS5ztaELRtcOkhjcTH0lB3ZZdVPjG8-B5wTWevThhIWryJR-BlAZ7C-1q2j092gXsGFdR_TLJAPNGJQ6zgdh24uUK6cVD1anfMU0F77lVtkZwnfrFk7GvnuRWagULZjL1Y8PC4igbOTxvjcZp83aOf6fqOUaBmW5TI7Dfi3LjB6mf1sLPBnB1056OyWamqKEjoCumopYSdgLHxng2-arJSCYc_LXDggGAvqcWpL48vsBwrXivzMtfmjNkZ6BEpUJya23tMU9JfxFFIK4CTvG44ejew_QNhocg9kgqIk6Dd0o6O_e6cqh6r1TPLisG-hoKraKo2vck2z8jUeWVGjM59Ylisd61PMdphXcKA2b39eA-AitcfTT36Ii2hoZm4Sv89UtOhZa9TOglhZu54TPr7kXw6izBC8sH4Y_7E1Em8bBKcVCkY1P5N4CDK_SN-i23-JXITzhyDdK9JKnmp5yk2KC3lYP8rEDXyDI19K_mToyDHd7fvgthcNMkA2XKis_3P131OQyxbiB3NRKeGDACW_e5-k7kVLpQuOn6CeaQ9583GRRQf3h3vsfo062MgaAgN7-cUxgh-lMk18ZLx4MmdJoPLVF-tBAzt5GvaT3NpOg-6_RhJovDkM1ABl5YYnb3xAHiXdCwFKVsA_Zi_Pad7PpdBZaLr7RaOdBKwtrl58F-3guU-C85__Hd-aAIhLE86KLKq38VZu-UkMLFVMwfYfQqGQ-mirmKdlRiBVRyriiA9Ym55qzy1MIzgV257HaUdtPFUcvp5PNGjyeI4XgveOz_6cZQ_6Bf9V2geMzBw1r9cy2RStsh8dG79BXxTeHrQf8l9NPDc3dCKwUf6uzgA5ctXDB9MXhJsq2AD_grpFD3TwjOOBKhl2lJXN2jG3x4h6FMhtS7bnxEDKDjZrFvWAFh47p1aiS6OMTayFel0U-j4vkNREWycT-j9KbcvdGc9ZbN6VOB-JZ5ZzHF_WsjkPi6wv07_J3sYeOOd4h-ZAAPsh2kMj16n3LSsAD723U-ycxHsi0VWsWgBjhO15cbvWpRKjbQQsBgI_vc_SmKXEfmiqXRXAkXR4LFZvCsPE97MpPuMk5WqRoNpX79hJsdtVPrUWXnXm-inpJdmNUoL9oir0Vk-kbfSOfU0ul2n3t6FtiaKwcXK0nFA_lIbVhzSi7p0GI6MasT4lCxij15np9vKcMRNOYFHCUqt6ibq-WKBgeOGu-9QVgrKDSTvTvuJP20QoiHcMgcC1iiguuuc6qKS00pPogvMzYcBO2fumIb-u39cjvcd4w2guVlWiwMa0j8p5grYDoFnHXMXdoJp7VnYxcCuzD8YMz8tL_KSR8JFI5sfpaO76Fn_44fxZrZogXeF4nNphFHZqbCLllLh-sK6AsfmFdwnsfb7We8E0DOOUrvYTfbXcc6XuxvrjFPj-1VTApOj2OkUFQ6GKHlIPMtt7T3aYcpiPfzn8cOsScwY1zLoOVsWgVreI7A_0rMaZyAldTg_hBHMTdcqTqxrGt-QWWI_Tgrqpwp20luUsNWPz5sykdLx7-JX2aMTRasHHTof7_oJE3wws3lwQr6Oi1inZvSAYk7RLpOBpKrzWOz4RvGUqvT3-uDmM10aJttslsb9s-Lgkjfxg910X7EbqL9sf2-qFDW8XV4Wb3QBcCnCY-wcFDZedHSG2Ebxn6Yx0eOwLdhrZ87vTr4qFaQkzHAqABd4Dt-timIa8b3gjt-_Epk8HfvQttpvGwqnVIgkOix10AJELwELrUj_cDNmFAhn5JlDvuzZ53_7-zzklmp8mJXw_TlDOsS6TJ89S-oRXktpvUT-683WXvFm_W3KzI-k28xv-01dh-GH57T3Z7h8TigVFlCjJuNCU0b0KSq0fmQxYk1uuHY-yyCGq0cVCqwpKmg7FJ74dpaG8qT4BzqkV3Y79vy2BRkEYhfAPmpx3VKnlroXedR59KQcQUeznuNbZIZqeQfB5erKjCUtpweFNYGk9_5eXpgGql9EV9zWgnIZ56okBVMTm10i6SyrRweBw4qeotDPblnnZGrtxT-CcNGwTvc2pz-kBh_YCLPXHvCWtTX2y9d29jCNm00Nj7czOl5ETAWTKxV_ABwVvLpJtbHO-j0GLIa6Y91s9SgPOiBkZeTNoxajF6AF0D9zPghzaTSV3CeW7eVVLiGb2IyGKFtY&cid=CAASFeRoEhx65zT4QPNhoEPiAI3Vn8wKcg&rfl=1%2Chttps%253A%252F%252Fwww.u2interference.com%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 21:57:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 153
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Aug 2021 21:57:58 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210720/r20110914/ Frame 9638 23 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210720/r20110914/abg_lite.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1130c26caface5cfa7b2d0cdbbb70cdb3004c582e74969d580216f65596c47c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 21:42:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1060
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9349
x-xss-protection: 0
server: cafe
etag: 11779355884012761328
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Aug 2021 21:42:51 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 9638 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com
URL: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 00:44:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 335782
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Jul 2022 00:44:09 GMT

GET
DATA 200
OK truncated
/ Frame 9638 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc14b98868b014b8089c5519faddb073e80a8a3f07768a282f48cce196f70e51

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 74E5 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Sun, 25 Jul 2021 14:16:29 GMT
expires: Mon, 25 Jul 2022 14:16:29 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 27842
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 nl-NL_Top_CT_728x90.html Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61649331/20210111080107100/ Frame 2648 2 KB
916 B 28ms
14ms Document
text/html 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61649331/20210111080107100/nl-NL_Top_CT_728x90.html?e=69&leftOffset=0&topOffset=0&c=6mUqY1W4y3&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6203e6a6392775763b558a1b1a894789ae6503e8635298520043c3d7a9578f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /ads/richmedia/studio/pv2/61649331/20210111080107100/nl-NL_Top_CT_728x90.html?e=69&leftOffset=0&topOffset=0&c=6mUqY1W4y3&t=1&renderingType=2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 891
date: Sun, 25 Jul 2021 22:00:31 GMT
expires: Mon, 26 Jul 2021 22:00:31 GMT
cache-control: public, max-age=86400
last-modified: Mon, 11 Jan 2021 16:01:07 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9638 0
592 B 117ms
65ms Ping
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu6uMnmxKaTWdfjqpKpl6lOJ2Xcs2Jo3gXgRg98qK9hxIdOH800cGBpB1doNpedJIpxO0S5kEOEbrsDFq7GtzY3VXc-QesxIquBTNHEFgdgmbsLsTcA1DapbEOTfqdgP38Jj3BbaQi0TVWwVjKjyyR_I28x0Sx6ky5uh_yuxlW9aob6lePZTCN6VauCiZpz1BItwuEZqi7j70pKhiKJfh9aV9K8vMKtQT2rfxB21rV0T2Hw2CVcFYrmmnPC9PV6oC_bIm5YdHm7qBF7gxGQsfgHyFd-4ptmJFE04mx56aMuCDX0ONHvPxAWofn_fEAWm4FcRxx3t1OabxyUftAjzzAqQwsoLeOdR5NQ2wksjvNKwN4e-BA357cvha5rVgbjU2zYAc9sjf5sOp8ftORdvXygie543hcTQainQHm0p9t2-xw-NgMwSOezRuftuJPXExDYPElxU45sHgyaCUZWnW6rVXYAlz1drUUuna_DE7itIGIRLxHM9W6saNgV52bUcbR_TIG136JYMrY3-60X7TVamBcDHqcO1DT7TGVTfOZnabBPZeAaA1c7Ex8WcmVbJNZYTuhpmDZv8uJJZu2orwrNI0rkxSy2ZiluC1QcTmqvOw8gxkqLFwV2dMLE3qsjs4FaYkUNt5V9kmMDTHa6267dJ9e2Nco7dro_gA4KBDzxFFu_1jKoRJDikm0MUuOH0iXbxg8sXebZQOL0eii6KR-Clh4gz3KnDatUdhkYjDeqLMxXH031HaOjZMDIhltw_bk3Wcdf_zg2M6nW3teD-9QkgmEqmHlpgTCcBi7b95lOPfjS2aXm9ldjJnt5cJuTSH83TiSEmb1AwcHgCnJ6clA5Mt0ibKK1MhPVMcRbGu0FOG4d3X9tiTipQ6g5zENYeYH1qZUtlxiheIBQNi4zErtcArbBmwaGlMRT_df8N9ga_Z0bIuJepidqiLjDvysOU-ThYtlPJ5Y4rnNi92S75VVtjOX0mFoUU5xA9a89N-VS6lsfDDMzjaljLJRD4oOaGAWWdsR5EzTmcZw2FYZmMkIcH825QI0lyhRAT6V9Uu-OZJzqB0K_dGYMryYK2iqOqiIdW2fPF8paYhpC94WL8EKYiUrnGrrVfIDdY-bdNwen0rEVBxXGeLAW60U4U2zs-OlVZfWsGiI0RLuEmvxuAykDFjGHoVBy3OxJwKUbtG9Ef0i3SEhT1IfnNIrmifqdy2jtB2o9YlWuka_VXJ8N-g&sai=AMfl-YRAXCX4KaUcNKbUrqyzYkuGCw0og0r80TsRcu0Qx1wY54d6XCEOoC2OUuGr5y3SGCXGGEQthXs_9IDR2auBtZvr9EqwLJ-4WyxVuU0Kn9Tv8gwU_T_s8msLgra3Xh99UsGMMDeReWuu-1zsdGRGdt8eLHoE9m2WhiLqz04&sig=Cg0ArKJSzBbULKqzAUoNEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=82&cbvp=1&cstd=77&cisv=r20210720.12614&adurl=

Requested by

Host: www.u2interference.com
URL: https://www.u2interference.com/forums/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Sun, 25 Jul 2021 22:00:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 pixel.gif
opt.objectiveportal.com/ Frame 9638 35 B
528 B 93ms
28ms Image
image/gif 195.201.152.90
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://opt.objectiveportal.com/pixel.gif?customer=COO&brand=COO&domain=NL&process=banner&campaignid=25931043&placementid=304019480&che=1839787287&cmsiteid=1707040&adid=500670576&crid=142167302&gvalue=ct=DE&st=&city=0&dma=0&zp=&bw=4&keyvalue=0&line_item_id=32889901&creativeid=&exchangeid=&insertionorderid=&sourceurl=&universalsiteid=&auctionid=&gdpr=&gdpr_consent=&gdpr_pd=

Requested by

Host: fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com
URL: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.201.152.90 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.objectiveportal.com objectiveportal.com
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jul 2021 22:00:31 GMT
referrer-policy: strict-origin-when-cross-origin
server: nginx
etag: bb1aa100-d28b-4439-aca4-f117ab01aae7
x-frame-options: DENY
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-security-policy: frame-ancestors *.objectiveportal.com objectiveportal.com
strict-transport-security: max-age=63072000; includeSubdomains
content-length: 35
x-content-type-options: nosniff

GET
H3-29 200 c43eojKHTIIjnCN0mOBRrq3mBMCB_MRf6Ad2ET-MShQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 74E5 34 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/c43eojKHTIIjnCN0mOBRrq3mBMCB_MRf6Ad2ET-MShQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

738ddea232874c82239c237498e051aeade604c081fcc45fe80776113f8c4a14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 00:44:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 335783
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13164
x-xss-protection: 0
last-modified: Wed, 14 Jul 2021 07:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Jul 2022 00:44:08 GMT

GET
H3-29 200 Enabler_01_245.js Show response
s0.2mdn.net/879366/ Frame 2648 110 KB
38 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_245.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61649331/20210111080107100/nl-NL_Top_CT_728x90.html?e=69&leftOffset=0&topOffset=0&c=6mUqY1W4y3&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61649331/20210111080107100/nl-NL_Top_CT_728x90.html?e=69&leftOffset=0&topOffset=0&c=6mUqY1W4y3&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 09:39:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44446
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38568
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 19:32:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 26 Jul 2021 09:39:45 GMT

GET
H2 200 TweenMax.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/2.1.3/ Frame 2648 114 KB
34 KB 17ms
17ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/2.1.3/TweenMax.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61649331/20210111080107100/nl-NL_Top_CT_728x90.html?e=69&leftOffset=0&topOffset=0&c=6mUqY1W4y3&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94f137c233766bb0015876c6cfbf8c28125aca4cb3a826d4f7a0495a38a8f3a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 22:00:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1647659
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 34868
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-1c604"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CrQxcy36sNHaBckjy7FgRS7vX5j5ctXjsObIy6igVEfu9VzDfYwT5%2FlI4TFDPZus26bq3zsX21EMWD9uMvO5yC11i6FpxCjinZth3k%2FgLpA%2FfdTyOzuh%2FrcgXBd%2FZDTOmM17O4%2F0WA47O5YVoYba%2B1K1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6748a95c085b4351-FRA
expires: Fri, 15 Jul 2022 22:00:31 GMT

GET
H3-29 200 Topcontroller_CT.js Show response
s0.2mdn.net/creatives/assets/3997469/ Frame 2648 31 KB
4 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3997469/Topcontroller_CT.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61649331/20210111080107100/nl-NL_Top_CT_728x90.html?e=69&leftOffset=0&topOffset=0&c=6mUqY1W4y3&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

309de750bb2c32b58c49494bb2d09b6f858750ad306edc6ad0fd634a5cf57916

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61649331/20210111080107100/nl-NL_Top_CT_728x90.html?e=69&leftOffset=0&topOffset=0&c=6mUqY1W4y3&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 21:51:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 556
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4086
x-xss-protection: 0
last-modified: Wed, 09 Jun 2021 07:17:38 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Jul 2021 22:06:15 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
40ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210720&jk=4051945731884443&bg=!_f6l_rrNAAbnC78O5ws7ACkAdvg8Wpr044G1eESLA54ZBhb8B-lKCyG2HiFlIpW6trzuA3tPCvF4GAIAAACLUgAAAB1oAQeZAoXDUoS_y1Mw3UeIaqUIT7ixKt93rvy2FFGSvaxqAMXwuMGJXZAbDsdox-8PA4JWh_27xChXRLTy_GLUhqvMftsFwMTfl39Bh0XHHB7hkwuRDr8LCBeJbLXN8WEKQXko6PIYsfoE9gC77R-thC6tTNqv4AZuZy9S_HQ-dPllm2QiHNrl0gtjfwxlHLZFHzF8Wx-WkAKM57zvRdblnNH7inBIbbR2g7cQ8XnvBLjD2T7pGhOpX_jdT7VuRH-7Jf8-aHA6fmoaiBYHYoBBYbzlAa3d9JwpdigemODeLVt3gv-Ch72bdGAeMqRele1eg5-m18rpUAwzCnPely4lMcScwZ0plLinm_15qbhdY-2aAxUI_FgmVHXKZyI5Uxaboy73cg3z3octv9yPoY8WdLsLYP-jThm8uMJsZ1c2jQavgqZzU_hT7yyNYQIbWA42wo17OIwWPzxoWCfNyyFADnC14l4VVgCeg6IVJV8gKKiukZPdsanzIHxFMMOng3L-VsKHxu5wBus-BHO2BE4w0N5dVmjgJhg7AVRqs1LH-ceycnDlBNUda0Or9CTW2nD9MNccGq3MAFWVLf1MRtYJZCwhlu0R2FP-nqSj2jS2e7YHMcmxno0lgaUsztYAzq1lLwR3_SN78VnHgPLzASf5UFJAcoOdbL7zDSUsForUySUZdcuNi0Pxl1hxhlR4WJ9igVpPWBZG3uP8RonZ57hFWlL9u7yIjQp58CR9f0ovQ3Yz7WpDh-mJXySE6_3vagws_5SHCmBM5-nEzf-hgpSc-G7ystGdAq1rpmGn7f9VIhKu1C2aRQtnqZJFCRY-PgV_Qshkq_obnCJ3osr9EYy1euPsDkOzmRrC4RM

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jul 2021 22:00:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9638 0
60 B 59ms
58ms Ping
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.u2interference.com
URL: https://www.u2interference.com/forums/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sun, 25 Jul 2021 22:00:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/032107200040000/ Frame 3F5C 188 KB
55 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032107200040000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ebec7366236d66d326611f9c885116c612b7fe36ff0b65b55924c666383d4d8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 435090
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55094
x-xss-protection: 0
server: sffe
date: Tue, 20 Jul 2021 21:09:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3c07ea68efdee93e"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 21:09:01 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/032107200040000/v0/ Frame 3F5C 13 KB
5 KB 45ms
20ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032107200040000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b4f1f72b78c93a6cdf32fbce758cc76e353e589296975f8491a265167cfdb0c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 435090
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4808
x-xss-protection: 0
server: sffe
date: Tue, 20 Jul 2021 21:09:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "82cb572e3b54d217"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 21:09:01 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/032107200040000/v0/ Frame 3F5C 87 KB
27 KB 41ms
16ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032107200040000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

695be856611d9d209b70e4b7356594bd123af15d79843a3711289bf90e3525b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 435090
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27828
x-xss-protection: 0
server: sffe
date: Tue, 20 Jul 2021 21:09:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "2309f93374d1f64f"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 21:09:01 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/032107200040000/v0/ Frame 3F5C 4 KB
2 KB 44ms
20ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032107200040000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0c3f2e5825816bcac42e686f0c3aa76e1aa566f71a437d8768702d4a3a45875

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 435090
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1648
x-xss-protection: 0
server: sffe
date: Tue, 20 Jul 2021 21:09:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0ef177dade489237"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 21:09:01 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/032107200040000/v0/ Frame 3F5C 40 KB
13 KB 45ms
21ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032107200040000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

172ecde3db13e66cf99995d63de308e2d6e3fdeb1a99dfaeec136f4862eb1573

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 435090
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12831
x-xss-protection: 0
server: sffe
date: Tue, 20 Jul 2021 21:09:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "896e0bc3d66ccdf5"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 21:09:01 GMT

GET
DATA 200
OK truncated
/ Frame 3F5C 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 120daa49a72e222d71bfde6958e4a0909b9b1e1f47d46c8ebe3e411237116cc2

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 3338582971128581741
tpc.googlesyndication.com/simgad/ Frame 3F5C 139 KB
139 KB 15ms
15ms Image
image/gif 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3338582971128581741

Requested by

Host: www.u2interference.com
URL: https://www.u2interference.com/forums/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c30f779bb2672d1aef64b2d370d118dd6f3a04d6a247f02379348ff6e22c60cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 22:00:31 GMT
x-content-type-options: nosniff
last-modified: Fri, 23 Jul 2021 14:19:46 GMT
server: sffe
x-dns-prefetch-control: off
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 142518
x-xss-protection: 0
expires: Mon, 25 Jul 2022 22:00:31 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3F5C 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.u2interference.com
URL: https://www.u2interference.com/forums/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 25 Jul 2021 03:19:18 GMT
x-content-type-options: nosniff
server: cafe
age: 67273
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Mon, 26 Jul 2021 03:19:18 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3F5C 295 B
319 B 7ms
7ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.u2interference.com
URL: https://www.u2interference.com/forums/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 25 Jul 2021 13:07:41 GMT
x-content-type-options: nosniff
server: cafe
age: 31970
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Mon, 26 Jul 2021 13:07:41 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3F5C 0
0 59ms
59ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C0Rxs_979YJHhBo-X-gbM9o2oC-unsvZj-cLvmZwOsJAfEAEg7JaQG2CRhICAjBigAYWDk6sByAEDqQI14cShLMCzPuACAKgDAcgDCKoEgwJP0IXMJdFck8fKNEhE2keq7f5TUaRDWdH2OJ5KknE_DnMmvsp1rqzM_ZCvvb990hrOJEImk-Ya-OIuYGE_4LOu-TyfT5BTQ2kIwoSJac7xnCQBAM2C2nTCoriyww3evoj41uXUqBiW24979YiY3DwYnfC_zhiEe3fhEjUExe0BV_pKoIXGqgpZ3-59sfKdmyndvd5wb5KNsos-ew4jCtv9JwkQMGg03u02qzveLoE5I52IGkAsk82IiEvhfwFxIHcaLgUcvmFsYWTIRdyqLX5C6LsUmM1BTfH-9w2PKExLP9f13b3v53z_DsBeOdiIAD8IXCoYeN-yILkkzU1wjvHqaDt8wATcrqyA1QPgBAGgBgOAB-P87NQCqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEENu4HNIICQiI4YAQEAEYHYAKA8gLAdgTA9AVAZgWAYAXAbIXGgoYCAASFHB1Yi0xNzY0MjM2OTE1MTIwNjYx&sigh=OY6cnQhn-wk
Requested by: Host: www.u2interference.com
URL: https://www.u2interference.com/forums/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 cbBdsV2.js Show response
s0.2mdn.net/creatives/assets/3781309/ Frame 2648 22 KB
5 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3997469/Topcontroller_CT.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ce12c6a858d78dbc3b062ff1905ec4e84e23e72887f6c054f7687d19ee8aa0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61649331/20210111080107100/nl-NL_Top_CT_728x90.html?e=69&leftOffset=0&topOffset=0&c=6mUqY1W4y3&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 21:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 861
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4666
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 10:44:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Jul 2021 22:01:10 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 2648 6 KB
4 KB 17ms
16ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_245&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b7dd620144604a6ed29e8661dc0a7cb943440a190457657514a9343386deb3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 25 Jul 2021 22:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4333
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 2648 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 22:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Sun, 25 Jul 2021 22:00:31 GMT

GET
H3-29 200 cbstyle.css
s0.2mdn.net/creatives/assets/3758114/ Frame 2648 20 KB
4 KB 8ms
7ms Stylesheet
text/css 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3758114/cbstyle.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c51f616467ff036ffc3cda167dd0767f1196464c04e6753c10fdecf489fdace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61649331/20210111080107100/nl-NL_Top_CT_728x90.html?e=69&leftOffset=0&topOffset=0&c=6mUqY1W4y3&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 21:46:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 867
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4002
x-xss-protection: 0
last-modified: Thu, 11 Feb 2021 12:37:49 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Jul 2021 22:01:04 GMT

GET
H3-29 200 cbLib.js Show response
s0.2mdn.net/creatives/assets/3781309/ Frame 2648 40 KB
10 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3781309/cbLib.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1a0719678f9792e144181b228af747aefbfbd1f7b41eb6c29fc6be3c9aac869

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61649331/20210111080107100/nl-NL_Top_CT_728x90.html?e=69&leftOffset=0&topOffset=0&c=6mUqY1W4y3&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 21:54:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 360
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9709
x-xss-protection: 0
last-modified: Mon, 21 Jun 2021 13:41:48 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Jul 2021 22:09:31 GMT

GET
H3-29 200 cbResourceList.js Show response
s0.2mdn.net/creatives/assets/3781309// Frame 2648 48 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3781309//cbResourceList.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1f2800ef9f421031a266e43b3fef58c4bf600ebdbb93b6aa3d5cfc8d2e1d99f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61649331/20210111080107100/nl-NL_Top_CT_728x90.html?e=69&leftOffset=0&topOffset=0&c=6mUqY1W4y3&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 21:54:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 360
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6375
x-xss-protection: 0
last-modified: Fri, 23 Jul 2021 12:02:46 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Jul 2021 22:09:31 GMT

GET
H3-29 200 moduleList.js Show response
s0.2mdn.net/creatives/assets/3781309/ Frame 2648 5 KB
828 B 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3781309/moduleList.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75ab967337aa8edae5bb0cf87c905b770b76b85be76de75eae74fa4c6041b060

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61649331/20210111080107100/nl-NL_Top_CT_728x90.html?e=69&leftOffset=0&topOffset=0&c=6mUqY1W4y3&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 21:54:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 360
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 802
x-xss-protection: 0
last-modified: Wed, 09 Jun 2021 14:23:40 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Jul 2021 22:09:31 GMT

GET
H3-29 200 AssetsList.js Show response
s0.2mdn.net/creatives/assets/3757766/ Frame 2648 1 KB
328 B 9ms
8ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3757766/AssetsList.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02159cd3570c28fb35026c7708464a7fa408568bd8c56c75c50152fc7e624214

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61649331/20210111080107100/nl-NL_Top_CT_728x90.html?e=69&leftOffset=0&topOffset=0&c=6mUqY1W4y3&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 21:46:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 844
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 302
x-xss-protection: 0
last-modified: Mon, 04 Jan 2021 11:52:16 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Jul 2021 22:01:27 GMT

GET
H3-29 200 dobraslab-medium-webfont.woff
s0.2mdn.net/creatives/assets/3512464/ Frame 2648 11 KB
11 KB 8ms
7ms Font
font/woff 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3512464/dobraslab-medium-webfont.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3758114/cbstyle.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3304ebafae2f97adb0f5d016454298a110bc449f68cda9c1afa3e01a325963e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://s0.2mdn.net
Referer: https://s0.2mdn.net/creatives/assets/3758114/cbstyle.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 21:55:39 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Oct 2019 14:21:22 GMT
server: sffe
age: 292
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11356
x-xss-protection: 0
expires: Sun, 25 Jul 2021 22:10:39 GMT

GET
H3-29 200 dobraslab-book-webfont.woff
s0.2mdn.net/creatives/assets/3512464/ Frame 2648 28 KB
28 KB 12ms
11ms Font
font/woff 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3512464/dobraslab-book-webfont.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3758114/cbstyle.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0129fef24101a11eaa58cb3eab025b451acc53fb30a6dcd6cce7237b07427e2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://s0.2mdn.net
Referer: https://s0.2mdn.net/creatives/assets/3758114/cbstyle.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 21:59:44 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Oct 2019 14:21:00 GMT
server: sffe
age: 47
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28524
x-xss-protection: 0
expires: Sun, 25 Jul 2021 22:14:44 GMT

GET
H3-29 200 aebl____-webfont.woff
s0.2mdn.net/creatives/assets/3512464/ Frame 2648 20 KB
20 KB 12ms
11ms Font
font/woff 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3512464/aebl____-webfont.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3758114/cbstyle.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

609c9c8da515ce83f6dadac3fc67c7d3b9dd8ad6898eb9dda19c0b20b9a906a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://s0.2mdn.net
Referer: https://s0.2mdn.net/creatives/assets/3758114/cbstyle.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 21:54:59 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Oct 2019 14:21:37 GMT
server: sffe
age: 332
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20060
x-xss-protection: 0
expires: Sun, 25 Jul 2021 22:09:59 GMT

GET
H3-29 200 OpenSans-Regular.ttf
s0.2mdn.net/creatives/assets/3512464/ Frame 2648 95 KB
58 KB 8ms
7ms Font
font/ttf 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3512464/OpenSans-Regular.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3758114/cbstyle.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

037236ed4bf58a85f67074c165d308260fd6be01c86d7df4e79ea16eb273f8c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://s0.2mdn.net
Referer: https://s0.2mdn.net/creatives/assets/3758114/cbstyle.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 21:46:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 842
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59331
x-xss-protection: 0
last-modified: Tue, 15 Oct 2019 14:29:46 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Jul 2021 22:01:29 GMT

GET
H3-29

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 3F5C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

40ms
40ms

Image
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Sun, 25 Jul 2021 22:00:31 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-29 200 carousel.js Show response
s0.2mdn.net/creatives/assets/3782701/ Frame 2648 61 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3782701/carousel.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed99e90ee1e28944cb257b8a06d730a89f3cbf40dcb2f102b8414e80897dabda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61649331/20210111080107100/nl-NL_Top_CT_728x90.html?e=69&leftOffset=0&topOffset=0&c=6mUqY1W4y3&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 21:59:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9789
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 11:20:37 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Jul 2021 22:14:57 GMT

GET
H3-29 200 productCard.js Show response
s0.2mdn.net/creatives/assets/3782707/ Frame 2648 86 KB
10 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3782707/productCard.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f3f6121ee9e9db4bb59cb15d5584d38625752b6a3d5a69988464177eb726092

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61649331/20210111080107100/nl-NL_Top_CT_728x90.html?e=69&leftOffset=0&topOffset=0&c=6mUqY1W4y3&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 21:49:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 641
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10516
x-xss-protection: 0
last-modified: Fri, 23 Jul 2021 13:01:51 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Jul 2021 22:04:50 GMT

GET
H3-29 200 uspCtaV2.js Show response
s0.2mdn.net/creatives/assets/3782491/ Frame 2648 8 KB
2 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3782491/uspCtaV2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f9c57c81d47ce90d89f07b6fa259e7b6ab9e7d843ab8608950e3d2d9bad3da3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61649331/20210111080107100/nl-NL_Top_CT_728x90.html?e=69&leftOffset=0&topOffset=0&c=6mUqY1W4y3&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 22:00:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1550
x-xss-protection: 0
last-modified: Mon, 01 Mar 2021 09:59:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Jul 2021 22:15:05 GMT

GET
H3-29 200 Top10Design.css
s0.2mdn.net/creatives/assets/3997469/ Frame 2648 10 KB
2 KB 8ms
8ms Stylesheet
text/css 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3997469/Top10Design.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

381375e2be635408860be657e0e14613c8511cc9787f87d433598ad2b0e476e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61649331/20210111080107100/nl-NL_Top_CT_728x90.html?e=69&leftOffset=0&topOffset=0&c=6mUqY1W4y3&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 21:46:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 815
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1602
x-xss-protection: 0
last-modified: Thu, 14 Jan 2021 10:23:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Jul 2021 22:01:56 GMT

GET
H3-29 200 NL_NL_DISPLAY_PROS_SA_TOP_CT.js Show response
s0.2mdn.net/creatives/assets/3782500/ Frame 2648 28 KB
3 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3782500/NL_NL_DISPLAY_PROS_SA_TOP_CT.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a1eb9573c5cff7f4079e172f4705f2bbf80e74966917b9aa30a18ea935e34ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61649331/20210111080107100/nl-NL_Top_CT_728x90.html?e=69&leftOffset=0&topOffset=0&c=6mUqY1W4y3&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 21:49:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 691
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2686
x-xss-protection: 0
last-modified: Mon, 07 Dec 2020 16:22:26 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Jul 2021 22:04:00 GMT

GET
H3-29 200 factSloganSplashV3.css
s0.2mdn.net/creatives/assets/3782803/ Frame 2648 1 KB
395 B 8ms
7ms Stylesheet
text/css 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3782803/factSloganSplashV3.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6179c4db6016209d3297febf8a9243c7356e99b52cb8b3c7e7b72c0bbc7dbaf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61649331/20210111080107100/nl-NL_Top_CT_728x90.html?e=69&leftOffset=0&topOffset=0&c=6mUqY1W4y3&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 21:53:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 450
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 363
x-xss-protection: 0
last-modified: Wed, 30 Dec 2020 11:09:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Jul 2021 22:08:01 GMT

GET
H3-29 200 factSloganSplashV3.js Show response
s0.2mdn.net/creatives/assets/3782803/ Frame 2648 30 KB
4 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3782803/factSloganSplashV3.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d3315c2b2c849bdb5d2a94f08472eaadb8147502748cef585adc1d000e1a38b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61649331/20210111080107100/nl-NL_Top_CT_728x90.html?e=69&leftOffset=0&topOffset=0&c=6mUqY1W4y3&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 21:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 861
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4000
x-xss-protection: 0
last-modified: Mon, 19 Jul 2021 08:22:42 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Jul 2021 22:01:10 GMT

GET
H3-29 200 c43eojKHTIIjnCN0mOBRrq3mBMCB_MRf6Ad2ET-MShQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 8917 34 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/c43eojKHTIIjnCN0mOBRrq3mBMCB_MRf6Ad2ET-MShQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

738ddea232874c82239c237498e051aeade604c081fcc45fe80776113f8c4a14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 00:44:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 335783
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13164
x-xss-protection: 0
last-modified: Wed, 14 Jul 2021 07:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Jul 2022 00:44:08 GMT

GET
H3-29 200 3338582971128581741
tpc.googlesyndication.com/simgad/ Frame 3F5C 139 KB
139 KB 8ms
8ms Image
image/gif 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3338582971128581741

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032107200040000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c30f779bb2672d1aef64b2d370d118dd6f3a04d6a247f02379348ff6e22c60cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 22:00:31 GMT
x-content-type-options: nosniff
age: 0
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 142518
x-xss-protection: 0
last-modified: Fri, 23 Jul 2021 14:19:46 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Jul 2022 22:00:31 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3F5C 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032107200040000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 25 Jul 2021 03:19:18 GMT
x-content-type-options: nosniff
server: cafe
age: 67273
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Mon, 26 Jul 2021 03:19:18 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3F5C 295 B
319 B 7ms
7ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032107200040000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 25 Jul 2021 13:07:41 GMT
x-content-type-options: nosniff
server: cafe
age: 31970
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Mon, 26 Jul 2021 13:07:41 GMT

GET
H3-29 200 uspCtaV2.css
s0.2mdn.net/creatives/assets/3782491/ Frame 2648 5 KB
790 B 6ms
6ms Stylesheet
text/css 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3782491/uspCtaV2.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a34f0ac0e0bae229e0913698c55cf65d12b30bb97c62e0bd6c8691dbbf2f9857

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61649331/20210111080107100/nl-NL_Top_CT_728x90.html?e=69&leftOffset=0&topOffset=0&c=6mUqY1W4y3&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 21:53:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 450
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 758
x-xss-protection: 0
last-modified: Tue, 08 Jun 2021 14:10:35 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Jul 2021 22:08:01 GMT

GET
H3-29 200 productCard.css
s0.2mdn.net/creatives/assets/3782707/ Frame 2648 110 KB
8 KB 6ms
6ms Stylesheet
text/css 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3782707/productCard.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

937e538076ed7b876c7f25211946fafda156fc508e98a3b68a6acb59181ae0d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61649331/20210111080107100/nl-NL_Top_CT_728x90.html?e=69&leftOffset=0&topOffset=0&c=6mUqY1W4y3&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 21:59:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8653
x-xss-protection: 0
last-modified: Tue, 15 Jun 2021 15:31:08 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Jul 2021 22:14:38 GMT

GET
H3-29 200 carousel.css
s0.2mdn.net/creatives/assets/3782701/ Frame 2648 14 KB
2 KB 6ms
6ms Stylesheet
text/css 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3782701/carousel.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

237c7b47a1aa95b662e01c9628165f3731cda8f807109d86e2fed9a9b6ff7f7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61649331/20210111080107100/nl-NL_Top_CT_728x90.html?e=69&leftOffset=0&topOffset=0&c=6mUqY1W4y3&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 21:59:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1679
x-xss-protection: 0
last-modified: Tue, 15 Jun 2021 15:40:31 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Jul 2021 22:14:38 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 74E5 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BoOGF_979YNmWDKGZrASgx4KoAwAAAAA4AeAEAg&bg=!eHulez_NAAbnC78O5ws7ACkAdvg8WinOP_X5CkvcAhJ-txM9RGZWe_uN6sKHgxGCl4zHYVvbLMnc8gIAAACFUgAAADZoAQeZAsaF_NU9ZjQjLrp5U2rG29NO0N7QGvKkBQNaTCrK0Npmqje8nH78TEAwUbQrUxYIUS5NGbPOsqQU_dYC9oHxFlCGtVoueHU_PEA8R50v4oiNRxMw5Zmt9vDqKbsNqHR6n39l7HohyPfxJlIdeQjsVcfrFGJLZQ6w17Bt-QV14imPp37BeyS0hd7Pf_XlA7mjQe86tjtYGwlxzNraIp3e6DdjEW74uoRtokJY3dyhcOjrFPJa6L-D-PGQPD1fMxYN_mT5NmsVBG04OybF4SIxXRb6c_MRRJAUeUuyar16UJO2VJjFBHyFcFQbqKfMzQMWcJvrFfLUeHgYPix7NU8xUJu-EWOfeC1CTHkZkUTAkhTxx9eH0yZ_9NuS5WpuxZE3A0-IK96DEDQUjz_0FsY1W8MYKmeqb3RRskEWloaCXr3nGelyU4rbhi0yEENMiMSmkn2PJOurwj3niOC-5Fo-oHG1sAaIK4sY6l5bmlNWevOfIjFJCKjWKTOTQA9HPcYYJtmEdr3J-uUwvmH9o2_s0iHw2RP8VYfrEoLBFdy5-FjqCT8nLBNHR0CaAWxrg9Wvf_nqJcmja1ntrTS0O8AjiLjtAxE2gpT080M7Om-ObRGskCvghq-ZljcrfxYTYTpR_0G3PqARep14bkb4r_rpouupeF3a7Ga4djH0RZ56Pszqd5CkqjqHGnS1N_KbzetTm-9V2s8PaGlqsKAMYSFE4GxuTLKT_6FRMy2Mx-EmGM0JkUZG2wmjC0GWxVlVNsrfovA71YfeJeeE8rInKrEuhATVnT6M_hafDf7grHiOKjMtLk7eHJaaAhPRsTJsguAIJsHJIBy6lpXhS2EquaduVVvGqFbtTsounO22xxv3rWe0pX7rY9pirVHiv0HZCTE9r3nIK-Q_8rQq0hWrMpZ799GUnfIBLfGpiwDWvxhVfq-7aB9TQ-xhkA

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jul 2021 22:00:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 CB-logo.svg
s0.2mdn.net/creatives/assets/3782689/ Frame 2648 5 KB
1 KB 7ms
6ms Image
image/svg+xml 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/3782689/CB-logo.svg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c1e6e3f592d8c8b63e2b543ac0ccbae369ddb4604066dc97420c7a1d586ba8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61649331/20210111080107100/nl-NL_Top_CT_728x90.html?e=69&leftOffset=0&topOffset=0&c=6mUqY1W4y3&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 21:54:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 365
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1492
x-xss-protection: 0
last-modified: Fri, 12 Jun 2020 07:30:57 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Jul 2021 22:09:26 GMT

GET
H3-29 200 container.html Show response
fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2152 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.u2interference.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.u2interference.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sun, 25 Jul 2021 22:00:30 GMT
expires: Mon, 25 Jul 2022 22:00:30 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8B7D 640 B
318 B 19ms
17ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYwKG1PTAB&v=APEucNXyiGpuChsJ9TxrQdB-WlzfcwpxEjihfR1494N0RnIAPAofyNaXTtVoUwELHT4lqbtx2SHXFnl_S5kwhZBRK-nTnKmfYrWXSkc5eG3oV_cc368E-sABB1xhWG1qpB6rB61_CavCMKUa8nN0796isMAajElRM_368Khi5oXSo4VtdI8MxD4

Requested by

Host: fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com
URL: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CN-KGhCn9EsYwKG1PTAB&v=APEucNXyiGpuChsJ9TxrQdB-WlzfcwpxEjihfR1494N0RnIAPAofyNaXTtVoUwELHT4lqbtx2SHXFnl_S5kwhZBRK-nTnKmfYrWXSkc5eG3oV_cc368E-sABB1xhWG1qpB6rB61_CavCMKUa8nN0796isMAajElRM_368Khi5oXSo4VtdI8MxD4
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUn1fZhofOdtRHbHYT8GLeF9ghwkd8uqfzxVz3N6iQUrufJ9xD62QOm216LS; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 25 Jul 2021 22:00:31 GMT
server: cafe
cache-control: private
content-length: 295
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 25 Jul 2021 22:00:31 GMT

GET
H3-29 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2152 24 KB
13 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DKlfJbSJT6unpwPED3bnLhSKOPquvUpJxdNcFA4fbWW7Fl2GC6MBIsyNN1UBK_y1u3k8eXvc9paG3tam0WlvBS0a_9BJjMbuBYvNB0O0SB7SrnN5cZhoDcEUyiAUXgzqKkaS6tCqx0kN-jis0Oa0st-1HKhw&cry=1&dbm_d=AKAmf-CfLj8IpuWMqKgGje_rHKJBxD8gAVk68mHNlqQ8KbUMYkYcm2NVWkRhZiNoguRU0iqQXFjQDRXALM-gtstMZLSLiPoE_MqH-QCLLBMrfRhYu7aUoIJvXJlwlqrAduT3j6Emi2oLzfMRTnxc_T-jeY_6PfepLfJ72XhqrPgex_XbSbubjBG9PDqe1NEU8nvyvR3TNAcElV3mqPUkvyYaZHY89U9fLW1KFEP35Jlc-1ccViX0rWh9mW0_C3_LKLg1LSAKgWwGQhxF369StGz6E7tEvVBxOTDxdO1kQ-Uo7ptlgGqdCE1G-aDWbQAjG-v2_nutUjXSU573MVB-HMUJt2_FgLXtn6WSZO3sDOAlqKvlTHhuhtJawc7TvUW6HdVb92K764iA3N9VImFaWytQj762AgMQr9KF2_2lMR6juFX2yy_RBNpoRa-ddO16H6vD_pkE3aj8dAFC2eUzp5cbMPpzHBtEG7EIGy-4l8owxzlotYaPUqjQ-38zw_jUxAtxLRU-z15EBEkhzsrGpm02lK1NDRTwXsOZaKGwryk4ZM5cgsnLefFjoxAAB7cMxDK_niEul_Sw544nZIkUGc9YVQ1Wx515LxFASxbtuGnRsG2u7-W6zWbl4zgp3vfAexiqnESpYEMDrMUuEoyT4KvIEjqRZq9LfFHYCtE2stHX0vvqG1Ll0zL1E3g09QE2N30fvKPtrOR-BmZMkssnCrfvtHcMHx1lGHhhDxEPc6OO2pAI1bpo_28gDLQKZwaJKsyePxuMi-_jnShbA16QBjY_ljJPNF04M2wlQnrFNhpFs902OImKgfxzz9VG-s_wk0-lAPFfqsZFSDKEyAHfK01BoMG_AP__8cdZkSjpad53DsupbZ4VaH_dZM7R0xKkJ29U0d10eow-RuzjnSsXhPCIr_xZb5PfL2glc7A8Tw5NUDS9u2E3QN9rxkI7KFiSQmsv1ykSNq_mCs9BamM_hfw_ioX9GSto9X9_jbF-YByU8z40iK0yjJFOE29sVQJgzwKPskNpxFJpNlIf1B8ohjFanGxn1ASMwYmJRz_HRv7rCouHtMxZIft22YXS4VWkJl9gnNK_KLi7bc0ax4UNR6RjQExDNwvrI3q-xCGs2vnx4-e_xmCHOTNWAJmNuCPbTX9RdrX96zLdi1mObBqFGUNVu6hiX_3A6Q-fszAIm12qJRU6SKY4h7PUd_B6yS4w3c-uBLimLf5sbRCZC4uuLtRoc-e5Q08T9G2_yMtk9XHp05vKk2KfamorV_UuRJXTnzrKIS-d3g7qz_5jrdC8Om2rC2-6Fui63BNgP5GhvR94QZqDe9ZURxIXp0tJ1k3JmktprOLby-hRYAMy7B21GBdzctlT7N156rz9TAFo2qplDTQ2TEF-xtZri7Vrbom7AOXayLvs2jFebpTeYfzdJDhfxhEq9InEKAMIRj-PJ5ACIFmnQuFeXv5M_g9--u7TSX6UeAVidWl3jKfGbnVI3h8qsL27fAqrhXA0agB1OBgKgFY8d08PiXbi6GZdxSz1GC6OyxqUKG1q_TYN9yEwy32rciJUMtC9XC-HjlZxGBI97Wcb5TkSm_ODNtIo5S3dEurkWaAciuwYbw8AL8a4_D3NAezgaLefThM54BMq3mWfZ9hAwhseLD_kn9zg6AKlaqPp7rvxyBvUEphzS-nZbPf-l_WxteMthCh5zVMylAIVT861Ouqwz0qG0HuPLYOfcyhhe2ydB8ULmItCQ34tiFAXCz4EjENnskclf0c2npT8IBOSmttt-i7oXxEeMjpvDujE50M-nYO5ZPYg9F4_gpTIg_rQt5Cd1_VbErZ5o3Uqd9pidjrTh17IcIVS5INY17FCFHXkx7tYFL5cMrEO1UBT00GY1GADT6dxUiTig5iGzgj-KpL1cTG8ymd5OKG1tN8mpBz1JNqIdipWpiB9mTgXOmNN9nHUbAGXj_kQw2xmfY52DuY_xQGgcm89S_CBuMICCv2SamY8a_9EQHyj6x0CbQQaTIDWmsJ16aSizh4EUmwJoK3LfAwzmTaZM9O_Y-KACpEghGTI7rHhOBI_yE-Ojw46ESJ06u7QoizgQp6R_vJg0xwiKbtzZRY_6E0HRGYrEbWEH4Wpzexpsmm4_QwXJ-yuOTSrL-Q2TsYNkI7kJTBk0bJd3EmO2nyoVpeIb9qTe8PJVeZ0zJiSqckHVtQMdQbnZcuXr__NNSGOUduv4fLZ6b4JBWouDI-IMlkpQyYLhgvtnyLVQA9izx_td9kxyLKxDGsOtEGFRVoP0kY1I-gZSN3HgPh8pUdrD9geNT_7cCzHMdctVwzqkiYLP2Erq_NagYeB4ejXNSWChL23uagrYEtrBtV_FOW0CRcQNCqDV013xk1PoTwmM-T0nAsb_KcRWmGxxchyTh0IF3e4IARzzy9P7ICGjZKWKgz3woT4WeFJR4BCxPDDqxa3L_pH5Y1g-Hmf9NLrMftzyd2jvYy4NMetlvAaUfI6vbql8IZCYI7BJW3p1sEtUAJqTJv39s-6qS6AQszcCaNDEcxj9pCGCXHRqd5Iyx09b7sl99UJUElXD-vBErBGJhYjhIDx91zgu0DZg7_EwR0TyLT8gozr2PqPRRfI0cMzhVQHHUe5UobwEzh0omb6AURmAXfZKpbkdsIKXdO3ReSRnBhZ-81x5NJ-RiHH78kq-lzn09SccEd45v_SuNG7J-1JvwlnhHoJShcXBI41jiDy4x18htPc3CvbeNhkQ6TNFTyIWBw38N-FW9TuTc3iRRsV76pvIpaf8iiQDNsGn9OBYQ2Uqqd27ie81vAdkgZD-MavuqhJB5Ah-lF2MJMqQDho5mElzwPgamnh51udmX4UiTrlLN-qBNfRxrwna18F6jnv-NnNN02m3PFUUICPRDZ5oWV4otzy0QD0BRRhbneoZeJh6VEGMHO4R5Sx2H3hNftf5Dh6-Az-qD_9jXAW-eVbUV4uV4XTWMLZa_HUKBW4dLgatrHqKtaFBtDO8bOvfuTV9wSZ8Wk6MD_vyxRxL56Qsv6wiDJpyzKGZLcqVijw0QBXX68eYFlP5whhu7OTgDI3YBNMVbEX0EhccFZfgM7XDhdfLlqwy69YXa4ffoar_g1zxHcXdhRSOV3RtF__oF5IIYSbJuuGiUcOQ2PNxYtiUAfpC5YT9duFZQ&cid=CAASFeRoh1ZJGU6EsUhgHe7KxAVQDw07uw&rfl=1%2Chttps%253A%252F%252Fwww.u2interference.com%252F%240

Requested by

Host: www.u2interference.com
URL: https://www.u2interference.com/forums/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a35201fa1108a045cd27d4f969b0894a2bbcdccb20f0f229397613acee500ad4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jul 2021 22:00:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12885
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2152 42 B
63 B 73ms
71ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CL80oEM3-Dwg4ER0gPLGFHFopQaHLe1kZEQrdHkoVZzc6JARW3WcxycDXGkg6xEGWeJi2bSL0jnht6AM9arf7EkWKEfiEaKvkm2TDtyU6JYWBVqFg

Requested by

Host: fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com
URL: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jul 2021 22:00:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame 2152 2 KB
1 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/window_focus_fy2019.js

Requested by

Host: fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com
URL: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 21:54:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 342
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Aug 2021 21:54:49 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2152 124 KB
37 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com
URL: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4409f886851d18b5071cc08d25845e0d959d51fd1e9eec92118d0f12a44e5eeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 22:00:31 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627039891503395"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38153
x-xss-protection: 0
expires: Sun, 25 Jul 2021 22:00:31 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame 2152 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com
URL: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b1a4081a8a32bc714fbb7a2509141683bc3eb707a421c0db556ed856f6d8e99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 21:57:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 153
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6195
x-xss-protection: 0
server: cafe
etag: 10716856519410487149
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Aug 2021 21:57:58 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 2152 0
0 16ms
14ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS9cTRlm8br99klcDAF4vu0XT-SCZwUs5pONMwfAAdC6DcGY0r_MSIfSoXLt3Grqktq04Xc0lbwXQbIg4OH6I2BLBb7qg
Requested by: Host: fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com
URL: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 8B7D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENKcOus-lAy67QxXBUnod5w&google_cver=1

43 B
172 B

22ms
21ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENKcOus-lAy67QxXBUnod5w&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYwKG1PTAB&v=APEucNXyiGpuChsJ9TxrQdB-WlzfcwpxEjihfR1494N0RnIAPAofyNaXTtVoUwELHT4lqbtx2SHXFnl_S5kwhZBRK-nTnKmfYrWXSkc5eG3oV_cc368E-sABB1xhWG1qpB6rB61_CavCMKUa8nN0796isMAajElRM_368Khi5oXSo4VtdI8MxD4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.211.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jul 2021 22:00:31 GMT
via: 1.1 google
server: OXGW/16.211.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 25 Jul 2021 22:00:31 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENKcOus-lAy67QxXBUnod5w&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 8B7D
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YWNmMDgzNDctNmMyYS0yZTEwLWZlYTEtMmZlNGJkZDViODc3

170 B
188 B

30ms
30ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YWNmMDgzNDctNmMyYS0yZTEwLWZlYTEtMmZlNGJkZDViODc3

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYwKG1PTAB&v=APEucNXyiGpuChsJ9TxrQdB-WlzfcwpxEjihfR1494N0RnIAPAofyNaXTtVoUwELHT4lqbtx2SHXFnl_S5kwhZBRK-nTnKmfYrWXSkc5eG3oV_cc368E-sABB1xhWG1qpB6rB61_CavCMKUa8nN0796isMAajElRM_368Khi5oXSo4VtdI8MxD4

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jul 2021 22:00:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 25 Jul 2021 22:00:31 GMT
content-encoding: gzip
server: OXGW/16.211.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YWNmMDgzNDctNmMyYS0yZTEwLWZlYTEtMmZlNGJkZDViODc3
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2

200

um
sync.teads.tv/ Frame 8B7D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEM-4Aj5AZ0LIU8yw0xT8urw&google_cver=1

23 B
172 B

101ms
58ms

Image
image/gif

104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEM-4Aj5AZ0LIU8yw0xT8urw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYwKG1PTAB&v=APEucNXyiGpuChsJ9TxrQdB-WlzfcwpxEjihfR1494N0RnIAPAofyNaXTtVoUwELHT4lqbtx2SHXFnl_S5kwhZBRK-nTnKmfYrWXSkc5eG3oV_cc368E-sABB1xhWG1qpB6rB61_CavCMKUa8nN0796isMAajElRM_368Khi5oXSo4VtdI8MxD4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.3 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jul 2021 22:00:32 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sun, 25 Jul 2021 22:00:32 GMT
server: akka-http/10.2.3
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 25 Jul 2021 22:00:31 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEM-4Aj5AZ0LIU8yw0xT8urw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 8B7D 23 B
172 B 130ms
54ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYwKG1PTAB&v=APEucNXyiGpuChsJ9TxrQdB-WlzfcwpxEjihfR1494N0RnIAPAofyNaXTtVoUwELHT4lqbtx2SHXFnl_S5kwhZBRK-nTnKmfYrWXSkc5eG3oV_cc368E-sABB1xhWG1qpB6rB61_CavCMKUa8nN0796isMAajElRM_368Khi5oXSo4VtdI8MxD4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.3 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jul 2021 22:00:32 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sun, 25 Jul 2021 22:00:32 GMT
server: akka-http/10.2.3
content-length: 23
content-type: image/gif

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210720/r20110914/ Frame 2152 23 KB
9 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210720/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DKlfJbSJT6unpwPED3bnLhSKOPquvUpJxdNcFA4fbWW7Fl2GC6MBIsyNN1UBK_y1u3k8eXvc9paG3tam0WlvBS0a_9BJjMbuBYvNB0O0SB7SrnN5cZhoDcEUyiAUXgzqKkaS6tCqx0kN-jis0Oa0st-1HKhw&cry=1&dbm_d=AKAmf-CfLj8IpuWMqKgGje_rHKJBxD8gAVk68mHNlqQ8KbUMYkYcm2NVWkRhZiNoguRU0iqQXFjQDRXALM-gtstMZLSLiPoE_MqH-QCLLBMrfRhYu7aUoIJvXJlwlqrAduT3j6Emi2oLzfMRTnxc_T-jeY_6PfepLfJ72XhqrPgex_XbSbubjBG9PDqe1NEU8nvyvR3TNAcElV3mqPUkvyYaZHY89U9fLW1KFEP35Jlc-1ccViX0rWh9mW0_C3_LKLg1LSAKgWwGQhxF369StGz6E7tEvVBxOTDxdO1kQ-Uo7ptlgGqdCE1G-aDWbQAjG-v2_nutUjXSU573MVB-HMUJt2_FgLXtn6WSZO3sDOAlqKvlTHhuhtJawc7TvUW6HdVb92K764iA3N9VImFaWytQj762AgMQr9KF2_2lMR6juFX2yy_RBNpoRa-ddO16H6vD_pkE3aj8dAFC2eUzp5cbMPpzHBtEG7EIGy-4l8owxzlotYaPUqjQ-38zw_jUxAtxLRU-z15EBEkhzsrGpm02lK1NDRTwXsOZaKGwryk4ZM5cgsnLefFjoxAAB7cMxDK_niEul_Sw544nZIkUGc9YVQ1Wx515LxFASxbtuGnRsG2u7-W6zWbl4zgp3vfAexiqnESpYEMDrMUuEoyT4KvIEjqRZq9LfFHYCtE2stHX0vvqG1Ll0zL1E3g09QE2N30fvKPtrOR-BmZMkssnCrfvtHcMHx1lGHhhDxEPc6OO2pAI1bpo_28gDLQKZwaJKsyePxuMi-_jnShbA16QBjY_ljJPNF04M2wlQnrFNhpFs902OImKgfxzz9VG-s_wk0-lAPFfqsZFSDKEyAHfK01BoMG_AP__8cdZkSjpad53DsupbZ4VaH_dZM7R0xKkJ29U0d10eow-RuzjnSsXhPCIr_xZb5PfL2glc7A8Tw5NUDS9u2E3QN9rxkI7KFiSQmsv1ykSNq_mCs9BamM_hfw_ioX9GSto9X9_jbF-YByU8z40iK0yjJFOE29sVQJgzwKPskNpxFJpNlIf1B8ohjFanGxn1ASMwYmJRz_HRv7rCouHtMxZIft22YXS4VWkJl9gnNK_KLi7bc0ax4UNR6RjQExDNwvrI3q-xCGs2vnx4-e_xmCHOTNWAJmNuCPbTX9RdrX96zLdi1mObBqFGUNVu6hiX_3A6Q-fszAIm12qJRU6SKY4h7PUd_B6yS4w3c-uBLimLf5sbRCZC4uuLtRoc-e5Q08T9G2_yMtk9XHp05vKk2KfamorV_UuRJXTnzrKIS-d3g7qz_5jrdC8Om2rC2-6Fui63BNgP5GhvR94QZqDe9ZURxIXp0tJ1k3JmktprOLby-hRYAMy7B21GBdzctlT7N156rz9TAFo2qplDTQ2TEF-xtZri7Vrbom7AOXayLvs2jFebpTeYfzdJDhfxhEq9InEKAMIRj-PJ5ACIFmnQuFeXv5M_g9--u7TSX6UeAVidWl3jKfGbnVI3h8qsL27fAqrhXA0agB1OBgKgFY8d08PiXbi6GZdxSz1GC6OyxqUKG1q_TYN9yEwy32rciJUMtC9XC-HjlZxGBI97Wcb5TkSm_ODNtIo5S3dEurkWaAciuwYbw8AL8a4_D3NAezgaLefThM54BMq3mWfZ9hAwhseLD_kn9zg6AKlaqPp7rvxyBvUEphzS-nZbPf-l_WxteMthCh5zVMylAIVT861Ouqwz0qG0HuPLYOfcyhhe2ydB8ULmItCQ34tiFAXCz4EjENnskclf0c2npT8IBOSmttt-i7oXxEeMjpvDujE50M-nYO5ZPYg9F4_gpTIg_rQt5Cd1_VbErZ5o3Uqd9pidjrTh17IcIVS5INY17FCFHXkx7tYFL5cMrEO1UBT00GY1GADT6dxUiTig5iGzgj-KpL1cTG8ymd5OKG1tN8mpBz1JNqIdipWpiB9mTgXOmNN9nHUbAGXj_kQw2xmfY52DuY_xQGgcm89S_CBuMICCv2SamY8a_9EQHyj6x0CbQQaTIDWmsJ16aSizh4EUmwJoK3LfAwzmTaZM9O_Y-KACpEghGTI7rHhOBI_yE-Ojw46ESJ06u7QoizgQp6R_vJg0xwiKbtzZRY_6E0HRGYrEbWEH4Wpzexpsmm4_QwXJ-yuOTSrL-Q2TsYNkI7kJTBk0bJd3EmO2nyoVpeIb9qTe8PJVeZ0zJiSqckHVtQMdQbnZcuXr__NNSGOUduv4fLZ6b4JBWouDI-IMlkpQyYLhgvtnyLVQA9izx_td9kxyLKxDGsOtEGFRVoP0kY1I-gZSN3HgPh8pUdrD9geNT_7cCzHMdctVwzqkiYLP2Erq_NagYeB4ejXNSWChL23uagrYEtrBtV_FOW0CRcQNCqDV013xk1PoTwmM-T0nAsb_KcRWmGxxchyTh0IF3e4IARzzy9P7ICGjZKWKgz3woT4WeFJR4BCxPDDqxa3L_pH5Y1g-Hmf9NLrMftzyd2jvYy4NMetlvAaUfI6vbql8IZCYI7BJW3p1sEtUAJqTJv39s-6qS6AQszcCaNDEcxj9pCGCXHRqd5Iyx09b7sl99UJUElXD-vBErBGJhYjhIDx91zgu0DZg7_EwR0TyLT8gozr2PqPRRfI0cMzhVQHHUe5UobwEzh0omb6AURmAXfZKpbkdsIKXdO3ReSRnBhZ-81x5NJ-RiHH78kq-lzn09SccEd45v_SuNG7J-1JvwlnhHoJShcXBI41jiDy4x18htPc3CvbeNhkQ6TNFTyIWBw38N-FW9TuTc3iRRsV76pvIpaf8iiQDNsGn9OBYQ2Uqqd27ie81vAdkgZD-MavuqhJB5Ah-lF2MJMqQDho5mElzwPgamnh51udmX4UiTrlLN-qBNfRxrwna18F6jnv-NnNN02m3PFUUICPRDZ5oWV4otzy0QD0BRRhbneoZeJh6VEGMHO4R5Sx2H3hNftf5Dh6-Az-qD_9jXAW-eVbUV4uV4XTWMLZa_HUKBW4dLgatrHqKtaFBtDO8bOvfuTV9wSZ8Wk6MD_vyxRxL56Qsv6wiDJpyzKGZLcqVijw0QBXX68eYFlP5whhu7OTgDI3YBNMVbEX0EhccFZfgM7XDhdfLlqwy69YXa4ffoar_g1zxHcXdhRSOV3RtF__oF5IIYSbJuuGiUcOQ2PNxYtiUAfpC5YT9duFZQ&cid=CAASFeRoh1ZJGU6EsUhgHe7KxAVQDw07uw&rfl=1%2Chttps%253A%252F%252Fwww.u2interference.com%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1130c26caface5cfa7b2d0cdbbb70cdb3004c582e74969d580216f65596c47c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 21:42:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1060
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9349
x-xss-protection: 0
server: cafe
etag: 11779355884012761328
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Aug 2021 21:42:51 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 2152 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 00:44:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 335782
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Jul 2022 00:44:09 GMT

GET
H/1.1 200
OK mu72dqmlk6df Show response
hal9000.redintelligence.net/zone/ Frame 2152 11 KB
4 KB 95ms
32ms Script
text/html 88.99.219.174
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/mu72dqmlk6df?subid=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCeyLT_979YKn7GNfPgAfUkoiABuKw3PBfvrPU-4kL8C4QASDslpAbYJGEgICMGMgBCakCNeHEoSzAsz6oAwGqBOcBT9BAyfSRW_t0sNFi3yd8DknC49G0i6zQC560XABMTK6cZehQ5R3kFSYD8X9F9-hxJJX260OK0TU7KelKi2jVwe1a3czlIX-xyI_hVN6pCblp2u174YCAf74_YZXcB_WBuLabjYCiKXcl-2a992DlxEKT91Sb85x7CQ4F4dAXGKAk568r4G9jEN58kVGU-wvWPwkd4J0-inp2WJJWvFqId6Dpo4ZsWyDy_INrEjHayKYBeVgv15alpYemCZW-75AbMvYB8aAeOz0mlEqcJ6puE4iTbclRZTqnxis5cP_kdAifh4F8UH2ewATb87331AHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE5flsgrQEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoh1ZJGU6EsUhgHe7KxAVQDw07uw%26sig%3DAOD64_2yr75ILr9CDA_XIPZ7mMPl-mpkVQ%26client%3Dca-pub-1764236915120661%26dbm_c%3DAKAmf-Cbrs_aqotsV0_cAnpwaEXFfGKPrCc-9gTgJj_QKX3lsEyTvOm5gmLhkWA3mJZhEjdCU6T0Kn3Xppz22CKKXqObHGFE_efjj76uHw-SDrRxYv3z5vaFbLQY531MRDWcpaYp7qucfHbxZVzxtMxbdiB7Xz9tQA%26cry%3D1%26dbm_d%3DAKAmf-AzzvZpYsKX0L9_IhHZUtNbHSKS-WT6Or-PA9RL4s2wP-XQCmrt6CqK4HkHi1Z3NL2uTUoBb2ky-ANnLM5EhB3Hrl7EkHEQZSqTfDBGchHoELR1_NTLS2DIBYYxG0yaTf2OnMQDjumKfErU7E7DbNxK0P2EPUb-aDnl2pN0ShG6NJMAJITBxZo80Kk6YZegAyx6fLwngwfjdIq4xuz0pmtLO64eVQC5VgJDdmEiuo9RHVo9YwSREme7hrriP9Hun5Jz_ksE7DvW53HAo4x3xtyLNoa6OheuCzdl_JUrPxGWMuJTBVx5tOaw4gVY2-ppf0l178zmnzKu_-CkFd3NyCc2uUvnkUOPiijDrvEpkisz0XnuBEO7HWLBkcBdiSU1fE6aXhID_gb7B0DH8I71nhSBPb5wO9wEfwj0O2f5yLEWwpW83aKDwHaQC1fmFX3oN9lgbss7yYsSI5u-91M2YB3_8U3q-g%26adurl%3D
Requested by: Host: fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com
URL: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.174.219.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 5e55cbe1bc804f6c6a0296fbe23fc26a7275f7e8593784569597702bec5772b4

Request headers

Referer: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 22:00:32 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3918
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 0A7A 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Sun, 25 Jul 2021 14:16:29 GMT
expires: Mon, 25 Jul 2022 14:16:29 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 27842
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 c43eojKHTIIjnCN0mOBRrq3mBMCB_MRf6Ad2ET-MShQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 0A7A 34 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/c43eojKHTIIjnCN0mOBRrq3mBMCB_MRf6Ad2ET-MShQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

738ddea232874c82239c237498e051aeade604c081fcc45fe80776113f8c4a14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 00:44:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 335784
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13164
x-xss-protection: 0
last-modified: Wed, 14 Jul 2021 07:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Jul 2022 00:44:08 GMT

GET
H/1.1

200
OK

request.php Show response
hal90001.redintelligence.net/ Frame 2152
Redirect Chain

https://hal90001.redintelligence.net/request.php?zone=mu72dqmlk6df&nw=20&renderingType=javascript&namespace=474344ccad&subid=&uid=d90303fab0dd2983&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90001.redintelligence.net/request.php?zone=mu72dqmlk6df&nw=20&renderingType=javascript&namespace=474344ccad&subid=&uid=d90303fab0dd2983&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

2 KB
2 KB

168ms
99ms

Script
application/x-javascript

46.4.10.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90001.redintelligence.net/request.php?zone=mu72dqmlk6df&nw=20&renderingType=javascript&namespace=474344ccad&subid=&uid=d90303fab0dd2983&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCeyLT_979YKn7GNfPgAfUkoiABuKw3PBfvrPU-4kL8C4QASDslpAbYJGEgICMGMgBCakCNeHEoSzAsz6oAwGqBOcBT9BAyfSRW_t0sNFi3yd8DknC49G0i6zQC560XABMTK6cZehQ5R3kFSYD8X9F9-hxJJX260OK0TU7KelKi2jVwe1a3czlIX-xyI_hVN6pCblp2u174YCAf74_YZXcB_WBuLabjYCiKXcl-2a992DlxEKT91Sb85x7CQ4F4dAXGKAk568r4G9jEN58kVGU-wvWPwkd4J0-inp2WJJWvFqId6Dpo4ZsWyDy_INrEjHayKYBeVgv15alpYemCZW-75AbMvYB8aAeOz0mlEqcJ6puE4iTbclRZTqnxis5cP_kdAifh4F8UH2ewATb87331AHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE5flsgrQEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoh1ZJGU6EsUhgHe7KxAVQDw07uw%26sig%3DAOD64_2yr75ILr9CDA_XIPZ7mMPl-mpkVQ%26client%3Dca-pub-1764236915120661%26dbm_c%3DAKAmf-Cbrs_aqotsV0_cAnpwaEXFfGKPrCc-9gTgJj_QKX3lsEyTvOm5gmLhkWA3mJZhEjdCU6T0Kn3Xppz22CKKXqObHGFE_efjj76uHw-SDrRxYv3z5vaFbLQY531MRDWcpaYp7qucfHbxZVzxtMxbdiB7Xz9tQA%26cry%3D1%26dbm_d%3DAKAmf-AzzvZpYsKX0L9_IhHZUtNbHSKS-WT6Or-PA9RL4s2wP-XQCmrt6CqK4HkHi1Z3NL2uTUoBb2ky-ANnLM5EhB3Hrl7EkHEQZSqTfDBGchHoELR1_NTLS2DIBYYxG0yaTf2OnMQDjumKfErU7E7DbNxK0P2EPUb-aDnl2pN0ShG6NJMAJITBxZo80Kk6YZegAyx6fLwngwfjdIq4xuz0pmtLO64eVQC5VgJDdmEiuo9RHVo9YwSREme7hrriP9Hun5Jz_ksE7DvW53HAo4x3xtyLNoa6OheuCzdl_JUrPxGWMuJTBVx5tOaw4gVY2-ppf0l178zmnzKu_-CkFd3NyCc2uUvnkUOPiijDrvEpkisz0XnuBEO7HWLBkcBdiSU1fE6aXhID_gb7B0DH8I71nhSBPb5wO9wEfwj0O2f5yLEWwpW83aKDwHaQC1fmFX3oN9lgbss7yYsSI5u-91M2YB3_8U3q-g%26adurl%3D&documentReferer=https%3A%2F%2Fwww.u2interference.com%2F&ancestorOrigins=https%3A%2F%2Fwww.u2interference.com&random=5831362212225&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com
URL: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: b1f47c706c54c7d544dca60397f62a9d88ee87e0f74b8afeedc9bb9e9f0010f9

Request headers

Referer: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 25 Jul 2021 22:00:32 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 92070900000058100719594011667001
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 948
Expires: Sun, 25 Jul 2021 23:00:32 +0200

Redirect headers

Pragma: no-cache
Date: Sun, 25 Jul 2021 22:00:32 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=mu72dqmlk6df&nw=20&renderingType=javascript&namespace=474344ccad&subid=&uid=d90303fab0dd2983&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCeyLT_979YKn7GNfPgAfUkoiABuKw3PBfvrPU-4kL8C4QASDslpAbYJGEgICMGMgBCakCNeHEoSzAsz6oAwGqBOcBT9BAyfSRW_t0sNFi3yd8DknC49G0i6zQC560XABMTK6cZehQ5R3kFSYD8X9F9-hxJJX260OK0TU7KelKi2jVwe1a3czlIX-xyI_hVN6pCblp2u174YCAf74_YZXcB_WBuLabjYCiKXcl-2a992DlxEKT91Sb85x7CQ4F4dAXGKAk568r4G9jEN58kVGU-wvWPwkd4J0-inp2WJJWvFqId6Dpo4ZsWyDy_INrEjHayKYBeVgv15alpYemCZW-75AbMvYB8aAeOz0mlEqcJ6puE4iTbclRZTqnxis5cP_kdAifh4F8UH2ewATb87331AHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE5flsgrQEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoh1ZJGU6EsUhgHe7KxAVQDw07uw%26sig%3DAOD64_2yr75ILr9CDA_XIPZ7mMPl-mpkVQ%26client%3Dca-pub-1764236915120661%26dbm_c%3DAKAmf-Cbrs_aqotsV0_cAnpwaEXFfGKPrCc-9gTgJj_QKX3lsEyTvOm5gmLhkWA3mJZhEjdCU6T0Kn3Xppz22CKKXqObHGFE_efjj76uHw-SDrRxYv3z5vaFbLQY531MRDWcpaYp7qucfHbxZVzxtMxbdiB7Xz9tQA%26cry%3D1%26dbm_d%3DAKAmf-AzzvZpYsKX0L9_IhHZUtNbHSKS-WT6Or-PA9RL4s2wP-XQCmrt6CqK4HkHi1Z3NL2uTUoBb2ky-ANnLM5EhB3Hrl7EkHEQZSqTfDBGchHoELR1_NTLS2DIBYYxG0yaTf2OnMQDjumKfErU7E7DbNxK0P2EPUb-aDnl2pN0ShG6NJMAJITBxZo80Kk6YZegAyx6fLwngwfjdIq4xuz0pmtLO64eVQC5VgJDdmEiuo9RHVo9YwSREme7hrriP9Hun5Jz_ksE7DvW53HAo4x3xtyLNoa6OheuCzdl_JUrPxGWMuJTBVx5tOaw4gVY2-ppf0l178zmnzKu_-CkFd3NyCc2uUvnkUOPiijDrvEpkisz0XnuBEO7HWLBkcBdiSU1fE6aXhID_gb7B0DH8I71nhSBPb5wO9wEfwj0O2f5yLEWwpW83aKDwHaQC1fmFX3oN9lgbss7yYsSI5u-91M2YB3_8U3q-g%26adurl%3D&documentReferer=https%3A%2F%2Fwww.u2interference.com%2F&ancestorOrigins=https%3A%2F%2Fwww.u2interference.com&random=5831362212225&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Sun, 25 Jul 2021 23:00:32 +0200

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0A7A 0
20 B 41ms
40ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BYUwh_979YJ3ROYP4gAfM-pnADAAAAAA4AeAEAg&bg=!GhmlGV3NAAbnC78O5ws7ACkAdvg8WkzKtCak6HaHR9zp1K72moyp43JRGGMcAQQik11hquGUSNUjVgIAAABRUgAAAAhoAQcKABlQG5ls0RVB1GqAIsZEvZ_giXxxLXkEYKfsmQLU6dEkr-gfvqHhubjrsaeuFarUBj70kzSqliF3c2MPRFEwLO0FVWOz2BJ7qdzrOdYUIZuWh10dEK50ywOTqDPpIxw6lHfguJEQxLxG5oUZS2foSWPmhn0S3lKX6eRUwHGUbyATlQ-Yw6GyAvsyq4J32gT24pGnn8UUJalWw1I8oQDp8JDgLmcQh4MvrSMAN7XINiTlPR22adEpJuymqksreB4D2H3E-KHH-N5G-qr7dEpQdVuzx1Eaj38czOCPd4jrDYRNDlzZ85J3R2sVFvhpw0GXdvXjYZ3kRuzRFZtoWuOemBjtpbpYMbsjmm2ayIbEuwXiwCRyamHAc6Oce0ec421Ay9TA3i-_7J4x_T8TnTRI29COib59gRD86kQyy8SkcmeJh897wUdFiw9X0FI0Pf3TnPSoVDPYudhpgpS-HyuxPiNrePdz91Rig1woil_yCHy06n9jpLAgHXr1Dtm1QvYZb_UcwnnnuW05OU5Eqes27Yip0mBQw14FDECCGaz0mnx98mcV3JH-wZ2AHfdIwQJURctMtkQM_ntPL0qpQsvDMQWC-dWPM-taldvzLsKTZtCY1WRxtzWqwHlA8pFjVZcNzcyNJZJOSpZitJAf6MsN4P5SotSB5Rrw2N341Aw3Rdn_aSt3D_LqcMotI24BD6fYJE-qeuDuakN4lWAyTWNumwZFFFPgt3zCnXZOwHopf8gUgWeScEo1LF5NOzAeQk1VWsLWdGSpsEvQK0ySGC7p8G6ehNNASxHgOSe_ZRtzPyJ3RO3Oc1CX5dI_sXrG51pGqYGK6c8LXRgxoFsXvNyztYbx0emqj5b6CmhUaTYBZLpXhyqfd6AfEgVim0bq8JEz3kCQ-lDd4cst3JvY2aRLXx4pHYVDQIliB3vmMj-XtPSwGtYj75oEMuWMOwOKWb3-iaF7sGjT9wIJOQgKFwZLt4123W6p4ON3-GXrs_7gxcuoHQ

Requested by

Host: fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com
URL: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jul 2021 22:00:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gradient728x90.png
s0.2mdn.net/creatives/assets/3681596/ Frame 2648 3 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/3681596/gradient728x90.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1f2ad19633051d6a096ada0b6a79b6bd31a4f7932b5221374bff41ea515e57d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61649331/20210111080107100/nl-NL_Top_CT_728x90.html?e=69&leftOffset=0&topOffset=0&c=6mUqY1W4y3&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 21:55:05 GMT
x-content-type-options: nosniff
last-modified: Tue, 28 Apr 2020 15:50:05 GMT
server: sffe
age: 327
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2950
x-xss-protection: 0
expires: Sun, 25 Jul 2021 22:10:05 GMT

GET
H3-29 200 bannerImage-867496.png_1621573333631_bannerImage-867496.png
s0.2mdn.net/dynamic/2/10733690/coolblue.bynder.com/m/d503c24326e56fbc/ Frame 2648 220 KB
220 KB 9ms
8ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10733690/coolblue.bynder.com/m/d503c24326e56fbc/bannerImage-867496.png_1621573333631_bannerImage-867496.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c0663f22641285eafb65e35b6a3f85d62d21da0c42d68cc4a764c7af1456d75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61649331/20210111080107100/nl-NL_Top_CT_728x90.html?e=69&leftOffset=0&topOffset=0&c=6mUqY1W4y3&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 09:58:46 GMT
x-content-type-options: nosniff
last-modified: Fri, 21 May 2021 05:02:36 GMT
server: sffe
age: 302506
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 225395
x-xss-protection: 0
expires: Fri, 22 Jul 2022 09:58:46 GMT

GET
H3-29 200 216717_1605781170362_216717.jpeg
s0.2mdn.net/dynamic/2/10733690/image.coolblue.io/content/ Frame 2648 108 KB
108 KB 15ms
13ms Image
image/jpeg 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10733690/image.coolblue.io/content/216717_1605781170362_216717.jpeg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20ee1213307137fb4045dbc3fdb8b7f574fd75d1b5e689bfc33f0d0f878075c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61649331/20210111080107100/nl-NL_Top_CT_728x90.html?e=69&leftOffset=0&topOffset=0&c=6mUqY1W4y3&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 12:46:49 GMT
x-content-type-options: nosniff
last-modified: Thu, 19 Nov 2020 10:19:39 GMT
server: sffe
age: 465223
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110282
x-xss-protection: 0
expires: Wed, 20 Jul 2022 12:46:49 GMT

GET
H3-29 200 bannerImage-862256.png_1611810115402_bannerImage-862256.png
s0.2mdn.net/dynamic/2/10733690/coolblue.bynder.com/m/12008aa0da4a2256/ Frame 2648 204 KB
204 KB 10ms
8ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10733690/coolblue.bynder.com/m/12008aa0da4a2256/bannerImage-862256.png_1611810115402_bannerImage-862256.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17720699e2c5269fa6ec7e391f59f310e0c571393d62ed430a191796e60ed0ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61649331/20210111080107100/nl-NL_Top_CT_728x90.html?e=69&leftOffset=0&topOffset=0&c=6mUqY1W4y3&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 10:19:24 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 05:02:00 GMT
server: sffe
age: 301268
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 209194
x-xss-protection: 0
expires: Fri, 22 Jul 2022 10:19:24 GMT

GET
H3-29 200 526380_1616605363496_526380.jpeg
s0.2mdn.net/dynamic/2/10733690/image.coolblue.io/content/ Frame 2648 27 KB
27 KB 16ms
14ms Image
image/jpeg 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10733690/image.coolblue.io/content/526380_1616605363496_526380.jpeg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9b553e2da505153cdc51ca4ff6362953c00ca4fef79087f9e5bf8839ce7cab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61649331/20210111080107100/nl-NL_Top_CT_728x90.html?e=69&leftOffset=0&topOffset=0&c=6mUqY1W4y3&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 11:50:41 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:02:48 GMT
server: sffe
age: 468591
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27995
x-xss-protection: 0
expires: Wed, 20 Jul 2022 11:50:41 GMT

GET
H3-29 200 bannerImage-870133.png_1605781170362_bannerImage-870133.png
s0.2mdn.net/dynamic/2/10733690/coolblue.bynder.com/m/e56e487d80927ed4/ Frame 2648 368 KB
369 KB 17ms
16ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10733690/coolblue.bynder.com/m/e56e487d80927ed4/bannerImage-870133.png_1605781170362_bannerImage-870133.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7733ea475e2c615e0dcd25d74854e5a11bad4ff2ee3ac2dce587807eeea11680

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61649331/20210111080107100/nl-NL_Top_CT_728x90.html?e=69&leftOffset=0&topOffset=0&c=6mUqY1W4y3&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 18:44:25 GMT
x-content-type-options: nosniff
last-modified: Thu, 19 Nov 2020 10:19:48 GMT
server: sffe
age: 443767
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 377273
x-xss-protection: 0
expires: Wed, 20 Jul 2022 18:44:25 GMT

GET
H3-29 200 209243_1605781170362_209243.jpeg
s0.2mdn.net/dynamic/2/10733690/image.coolblue.io/content/ Frame 2648 70 KB
70 KB 13ms
12ms Image
image/jpeg 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10733690/image.coolblue.io/content/209243_1605781170362_209243.jpeg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a352005a0840635462b71574fef5eeeb0464107e4fdeb2d0f5ac8768afb922b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61649331/20210111080107100/nl-NL_Top_CT_728x90.html?e=69&leftOffset=0&topOffset=0&c=6mUqY1W4y3&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 10:46:25 GMT
x-content-type-options: nosniff
last-modified: Thu, 19 Nov 2020 10:19:36 GMT
server: sffe
age: 472447
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71646
x-xss-protection: 0
expires: Wed, 20 Jul 2022 10:46:25 GMT

GET
H3-29 200 OpenSans-Bold.ttf
s0.2mdn.net/creatives/assets/3512464/ Frame 2648 102 KB
61 KB 11ms
10ms Font
font/ttf 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3512464/OpenSans-Bold.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3758114/cbstyle.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7916a37377e38527d4306303cfe89b653b49b0a6b0b05c6b7593f7ab0248da8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://s0.2mdn.net
Referer: https://s0.2mdn.net/creatives/assets/3758114/cbstyle.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 21:52:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 511
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62275
x-xss-protection: 0
last-modified: Tue, 17 Dec 2019 08:35:20 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Jul 2021 22:07:01 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9638 42 B
64 B 41ms
40ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuQxg5EUZpMptoRBu3Md8_LpfaUDmfI9x-1_mUm5AbRzti_3l8m-izjonAcPsyEDo_tnu_dXarwztWKabkVBqA7NwaSCetu9JNQPs53Wh6-UlfJayWjgPMk9RpUpA&sai=AMfl-YSRko4889Tmo7SaRUgC3voaOfmaXFyJfK_-jWOX17r8bD4e34Lh61DmlmNXSLWaXThzYjzxCfp7Bj7RlxoYD-LJII3J8vK7fHOiDUj9ox_U4BBQa4sGutFbLYV1rVNq&sig=Cg0ArKJSzEcL_l8yK_IzEAE&cid=CAASFeRoEhx65zT4QPNhoEPiAI3Vn8wKcg&id=lidar2&mcvt=1000&p=290,436,380,1164&asp=290,436,380,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210723&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1152375598&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1627250431146&dlt=28&rpt=150&isd=0&lsd=0&msd=0&r=v&speed=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jul 2021 22:00:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 container.html Show response
fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7DA2 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.u2interference.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.u2interference.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sun, 25 Jul 2021 22:00:30 GMT
expires: Mon, 25 Jul 2022 22:00:30 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5204766102965218657/ Frame D27A 17 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5204766102965218657/index.html

Requested by

Host: www.u2interference.com
URL: https://www.u2interference.com/forums/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a02868b5b1d57dbbf1aa9a2505424ca8795be83b2a3af2ddb67079e0af0c3413

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/5204766102965218657/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Tue, 20 Jul 2021 05:03:32 GMT
expires: Wed, 20 Jul 2022 05:03:32 GMT
last-modified: Tue, 06 Oct 2020 05:15:29 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 3483
age: 493020
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7DA2 0
0 58ms
58ms Fetch
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CXu9H_979YK-ZNpfF7gO9-r3AAaWps9ZjqJ3WkO8M3NkeEAEg7JaQG2CRhICAjBigAfep99wDyAEJqQI14cShLMCzPuACAKgDAcgDCKoEhQJP0LDYVBf5nW9Chc8kiLrLOv1OhYWSgmdv9abmYQJ4mY2_Ms_XQekPOazULm2T7PyBAid0Tat82FbUZRnu8MLYkOdGWMaFAs7_NO_laOuyVeu6pCDAE75O_qd3Bxe4Emh8sFJ2iiohtv8XPE2nTcdA-8bjH6qCiCg0BnlasXmhi41L-TYLTnywZbYOCfe78205rcI-sI-pKnFsxY3wL4MRxc-s0IMTgyWRG1t0PyXdxtCiM3hdTInpubroKfqm5yCz1Kwnk2uKEzA2jjnAACigD2NHSC6tQgdqT91_USVowIlumY6x9PMSHE0yw5tdm8spfh-5DL0H6bU3qye95etDiOZQR97ABKCrg-mTA-AEAaAGLoAH8dWII6gH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCGqgLSCAkIiOGAEBABGB2ACgPICwHYEwOIFALQFQGAFwGyFxoKGAgAEhRwdWItMTc2NDIzNjkxNTEyMDY2MQ&sigh=HOrupsz-_6I&template_id=419
Requested by: Host: www.u2interference.com
URL: https://www.u2interference.com/forums/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s22-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/ Frame 7DA2 18 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/abg_lite_fy2019.js

Requested by

Host: fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com
URL: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7438cd6d98fc8e372c9a87e319ab965229ce2ba37798db808c8408f791db86ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 21:46:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 836
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7622
x-xss-protection: 0
server: cafe
etag: 16178317465966918049
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Aug 2021 21:46:36 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame 7DA2 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/window_focus_fy2019.js

Requested by

Host: fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com
URL: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 21:54:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 343
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Aug 2021 21:54:49 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7DA2 124 KB
37 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com
URL: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4409f886851d18b5071cc08d25845e0d959d51fd1e9eec92118d0f12a44e5eeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 22:00:32 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627039891503395"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38153
x-xss-protection: 0
expires: Sun, 25 Jul 2021 22:00:32 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame 7DA2 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com
URL: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b1a4081a8a32bc714fbb7a2509141683bc3eb707a421c0db556ed856f6d8e99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 21:57:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 154
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6195
x-xss-protection: 0
server: cafe
etag: 10716856519410487149
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Aug 2021 21:57:58 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 7DA2 0
0 15ms
14ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTInjtIB4m3Rku88lJSfar0Tv3dZpPOflkdphB_0InJPWpVv-AI3MQEIIJR41Qu5ph8gVCK1k6G2wSuDpLrkY-A8rTk9Q
Requested by: Host: fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com
URL: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 / Show response
ti.tradetracker.net/ Frame 2152 442 B
920 B 138ms
69ms Script
text/javascript 52.48.71.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ti.tradetracker.net/?c=34211&m=1888189&a=70002&r=92070900000058100719594011667001&t=js&wid=tt-3a6ef7
Requested by: Host: www.u2interference.com
URL: https://www.u2interference.com/forums/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.71.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-71-76.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e0bc80c300d6e762a2b7735c0df0b8c9a50a94efb5f425f3e39d0c7f476625c4

Request headers

Referer: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 22:00:32 GMT
cache-control: no-cache, must-revalidate
expires: Mon, 26 Jul 1997 05:00:00 GMT
server: nginx
content-type: text/javascript; charset=UTF-8

GET
H/1.1 200
OK request_content.php Show response
hal90001.redintelligence.net/ Frame 2C63 8 KB
3 KB 91ms
31ms Document
text/html 46.4.10.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90001.redintelligence.net/request_content.php?s=92070900000058100719594011667001&a=16a63c83
Requested by: Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request.php?zone=mu72dqmlk6df&nw=20&renderingType=javascript&namespace=474344ccad&subid=&uid=d90303fab0dd2983&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCeyLT_979YKn7GNfPgAfUkoiABuKw3PBfvrPU-4kL8C4QASDslpAbYJGEgICMGMgBCakCNeHEoSzAsz6oAwGqBOcBT9BAyfSRW_t0sNFi3yd8DknC49G0i6zQC560XABMTK6cZehQ5R3kFSYD8X9F9-hxJJX260OK0TU7KelKi2jVwe1a3czlIX-xyI_hVN6pCblp2u174YCAf74_YZXcB_WBuLabjYCiKXcl-2a992DlxEKT91Sb85x7CQ4F4dAXGKAk568r4G9jEN58kVGU-wvWPwkd4J0-inp2WJJWvFqId6Dpo4ZsWyDy_INrEjHayKYBeVgv15alpYemCZW-75AbMvYB8aAeOz0mlEqcJ6puE4iTbclRZTqnxis5cP_kdAifh4F8UH2ewATb87331AHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE5flsgrQEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoh1ZJGU6EsUhgHe7KxAVQDw07uw%26sig%3DAOD64_2yr75ILr9CDA_XIPZ7mMPl-mpkVQ%26client%3Dca-pub-1764236915120661%26dbm_c%3DAKAmf-Cbrs_aqotsV0_cAnpwaEXFfGKPrCc-9gTgJj_QKX3lsEyTvOm5gmLhkWA3mJZhEjdCU6T0Kn3Xppz22CKKXqObHGFE_efjj76uHw-SDrRxYv3z5vaFbLQY531MRDWcpaYp7qucfHbxZVzxtMxbdiB7Xz9tQA%26cry%3D1%26dbm_d%3DAKAmf-AzzvZpYsKX0L9_IhHZUtNbHSKS-WT6Or-PA9RL4s2wP-XQCmrt6CqK4HkHi1Z3NL2uTUoBb2ky-ANnLM5EhB3Hrl7EkHEQZSqTfDBGchHoELR1_NTLS2DIBYYxG0yaTf2OnMQDjumKfErU7E7DbNxK0P2EPUb-aDnl2pN0ShG6NJMAJITBxZo80Kk6YZegAyx6fLwngwfjdIq4xuz0pmtLO64eVQC5VgJDdmEiuo9RHVo9YwSREme7hrriP9Hun5Jz_ksE7DvW53HAo4x3xtyLNoa6OheuCzdl_JUrPxGWMuJTBVx5tOaw4gVY2-ppf0l178zmnzKu_-CkFd3NyCc2uUvnkUOPiijDrvEpkisz0XnuBEO7HWLBkcBdiSU1fE6aXhID_gb7B0DH8I71nhSBPb5wO9wEfwj0O2f5yLEWwpW83aKDwHaQC1fmFX3oN9lgbss7yYsSI5u-91M2YB3_8U3q-g%26adurl%3D&documentReferer=https%3A%2F%2Fwww.u2interference.com%2F&ancestorOrigins=https%3A%2F%2Fwww.u2interference.com&random=5831362212225&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: 4af2edf490a17d0a65ba6a89b059a460d2c6e80024aa2ddfe9c9caaae88500e3

Request headers

Host: hal90001.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: 8lcfmzhxc8d6_uid=173899f9dae32c89
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/

Response headers

Date: Sun, 25 Jul 2021 22:00:32 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Sun, 25 Jul 2021 23:00:32 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2306
Connection: close
Content-Type: text/html; charset=utf-8

GET
DATA 200
OK truncated
/ Frame 2152 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b203650a46d88df4b66855d2261846644403677ad0acab0ae4ba49954b075af3

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame D27A 9 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5204766102965218657/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 23:05:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82484
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 25 Jul 2021 23:05:48 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame D27A 26 KB
10 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5204766102965218657/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 18:31:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12559
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 26 Jul 2021 18:31:13 GMT

GET
H3-29 200 gsap_3.2.4_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame D27A 57 KB
23 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5204766102965218657/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 22:00:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23276
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 03:53:22 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Jul 2021 22:00:32 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D58A 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com
URL: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUn1fZhofOdtRHbHYT8GLeF9ghwkd8uqfzxVz3N6iQUrufJ9xD62QOm216LS; DSID=NO_DATA; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 25 Jul 2021 21:42:56 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1056
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 7DA2 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7c6046312c388a53d133de12cd73d6cf9e2c9bcff9d6b3b5967eb368e032466a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 fbe5fa9e04a0c2ffb1c32c0e211e14c8.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5204766102965218657/ Frame D27A 548 B
578 B 13ms
11ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5204766102965218657/fbe5fa9e04a0c2ffb1c32c0e211e14c8.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5204766102965218657/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

284615053a0dc8f31bc5242e575a5ec31a3c2884c6172ee3a8fdd03cd38d11c7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 498637
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 548
x-xss-protection: 0
last-modified: Tue, 06 Oct 2020 05:15:29 GMT
server: sffe
date: Tue, 20 Jul 2021 03:29:55 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 03:29:55 GMT

GET
H3-29 200 f5f7e4cbacb708af7cea9219183fd10a.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5204766102965218657/ Frame D27A 755 B
785 B 12ms
10ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5204766102965218657/f5f7e4cbacb708af7cea9219183fd10a.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5204766102965218657/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2751dcb449ce81af8d51e4281b140813f591e35a55732954ae8cf2b79aed6a7b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 505463
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 755
x-xss-protection: 0
last-modified: Tue, 06 Oct 2020 05:15:29 GMT
server: sffe
date: Tue, 20 Jul 2021 01:36:09 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 01:36:09 GMT

GET
H3-29 200 15e10605572dd64158f9005497b0d799.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5204766102965218657/ Frame D27A 666 B
698 B 18ms
15ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5204766102965218657/15e10605572dd64158f9005497b0d799.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5204766102965218657/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85461b284a9dab2cd087d7d204b733e87b3b695eae23e9f72043bc2ead11197b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 475174
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 666
x-xss-protection: 0
last-modified: Tue, 06 Oct 2020 05:15:29 GMT
server: sffe
date: Tue, 20 Jul 2021 10:00:58 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 10:00:58 GMT

GET
H3-29 200 a07d7adfc4f966bcadb530fcb9c6eaae.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5204766102965218657/ Frame D27A 689 B
720 B 17ms
15ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5204766102965218657/a07d7adfc4f966bcadb530fcb9c6eaae.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5204766102965218657/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

403b941b779b43892bb9b8dd533afbdc9c17268b01b6584b3b962c5f2aba1331

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 467123
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 689
x-xss-protection: 0
last-modified: Tue, 06 Oct 2020 05:15:29 GMT
server: sffe
date: Tue, 20 Jul 2021 12:15:09 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 12:15:09 GMT

GET
H3-29 200 da46f0c2039ee16b593698aa74a131f5.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5204766102965218657/ Frame D27A 589 B
619 B 16ms
14ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5204766102965218657/da46f0c2039ee16b593698aa74a131f5.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5204766102965218657/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0e2c4b82230c4185ad9ea1795461bbd93d7b5544f0cd6205a0d5c5d81cf558b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 475618
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 589
x-xss-protection: 0
last-modified: Tue, 06 Oct 2020 05:15:29 GMT
server: sffe
date: Tue, 20 Jul 2021 09:53:34 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 09:53:34 GMT

GET
H3-29 200 89c3b9bfa75fb4f205ac340f2610e2d8.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5204766102965218657/ Frame D27A 437 B
467 B 16ms
14ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5204766102965218657/89c3b9bfa75fb4f205ac340f2610e2d8.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5204766102965218657/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48c460c0a1344286ed4e92d62343bc0b73f404b7d0a7c87b7451b862663d73e3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 496437
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 437
x-xss-protection: 0
last-modified: Tue, 06 Oct 2020 05:15:29 GMT
server: sffe
date: Tue, 20 Jul 2021 04:06:35 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 04:06:35 GMT

GET
H3-29 200 948b85e5226b916f5d71c8272a071c6b.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5204766102965218657/ Frame D27A 175 B
205 B 15ms
13ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5204766102965218657/948b85e5226b916f5d71c8272a071c6b.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5204766102965218657/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd4d4dc816dffa72f49f5e09ae0962b84ad6734eeaa27b04541506e1ef13eaed

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 517119
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 175
x-xss-protection: 0
last-modified: Tue, 06 Oct 2020 05:15:29 GMT
server: sffe
date: Mon, 19 Jul 2021 22:21:53 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 22:21:53 GMT

GET
H3-29 200 58e0df358ce6c296d4a6a88544421b63.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5204766102965218657/ Frame D27A 380 B
410 B 15ms
13ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5204766102965218657/58e0df358ce6c296d4a6a88544421b63.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5204766102965218657/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

630973061275a7c6c069cb073f8f20b1662807cebe9260bd310503e70ff78628

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 82724
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 380
x-xss-protection: 0
last-modified: Tue, 06 Oct 2020 05:15:29 GMT
server: sffe
date: Sat, 24 Jul 2021 23:01:48 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Jul 2022 23:01:48 GMT

GET
H3-29 200 31193bcc8b674b9036f1cda50b825da6.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5204766102965218657/ Frame D27A 4 KB
4 KB 14ms
12ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5204766102965218657/31193bcc8b674b9036f1cda50b825da6.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5204766102965218657/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e13851a59b255c409dc7d59252bb593f8dee68d9f3e992aed2879b122f3da2fa

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 486526
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4044
x-xss-protection: 0
last-modified: Tue, 06 Oct 2020 05:15:29 GMT
server: sffe
date: Tue, 20 Jul 2021 06:51:46 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 06:51:46 GMT

GET
H3-29 200 1f4f2e8297a8d344ca6adea724a3d6ea.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5204766102965218657/ Frame D27A 796 B
826 B 13ms
12ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5204766102965218657/1f4f2e8297a8d344ca6adea724a3d6ea.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5204766102965218657/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ab451e881772c838972c0ce9a4e985ffef822b5426df51879c2d636fdee1321

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 505463
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 796
x-xss-protection: 0
last-modified: Tue, 06 Oct 2020 05:15:29 GMT
server: sffe
date: Tue, 20 Jul 2021 01:36:09 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 01:36:09 GMT

GET
H3-29 200 ae0f3e874d054d2727064181df779669.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5204766102965218657/ Frame D27A 53 KB
53 KB 12ms
11ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5204766102965218657/ae0f3e874d054d2727064181df779669.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5204766102965218657/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14ab223f64ec23100aa0c975c423007cd9103be6d4f29b430ce21b43094fbafe

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 472340
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54728
x-xss-protection: 0
last-modified: Tue, 06 Oct 2020 05:15:29 GMT
server: sffe
date: Tue, 20 Jul 2021 10:48:12 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 10:48:12 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D58A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

40ms
40ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com
URL: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUn1fZhofOdtRHbHYT8GLeF9ghwkd8uqfzxVz3N6iQUrufJ9xD62QOm216LS; DSID=NO_DATA; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 25 Jul 2021 22:00:32 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sun, 25-Jul-2021 23:00:32 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 25 Jul 2021 22:00:32 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 25 Jul 2021 22:00:32 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 css
fonts.googleapis.com/ Frame 2C63 4 KB
648 B 24ms
22ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request_content.php?s=92070900000058100719594011667001&a=16a63c83

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

932060b34fe451f1cb994f3da257f6d2d0f281e1e286e9f3f0e2da63e862fec6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://hal90001.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 25 Jul 2021 21:56:24 GMT
server: ESF
date: Sun, 25 Jul 2021 22:00:32 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 25 Jul 2021 22:00:32 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 2C63 12 KB
12 KB 90ms
31ms Image
image/png 88.99.219.174
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/53619/creativesup/img220807_banners_megekko_affiliate_image_v2-1597759923086-min%20(2).jpg
Requested by: Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request_content.php?s=92070900000058100719594011667001&a=16a63c83
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.174.219.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 48c3e8b090c4f289b7ba306ad9d27d7d9ddfddef370275f8c41ac0e0f3a67bd0

Request headers

Referer: https://hal90001.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 22:00:32 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 11776
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK viewability Show response
hal90001.redintelligence.net/ Frame 2C63 0
150 B 94ms
32ms Script
text/html 46.4.10.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90001.redintelligence.net/viewability?s=92070900000058100719594011667001&a=fa3c0f15&vb=m
Requested by: Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request_content.php?s=92070900000058100719594011667001&a=16a63c83
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hal90001.redintelligence.net/request_content.php?s=92070900000058100719594011667001&a=16a63c83
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 22:00:32 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 / Show response
ti.tradetracker.net/ Frame 2C63 434 B
914 B 68ms
68ms Script
text/javascript 52.48.71.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ti.tradetracker.net/?c=558&m=24180&a=70002&r=92070900000058100719594011667001&t=js&wid=tt-82690b
Requested by: Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request_content.php?s=92070900000058100719594011667001&a=16a63c83
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.71.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-71-76.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 379a5bd79ef3f572a8d43820dd0daf7edd2c594753488a0be54e0f39e9e86e35

Request headers

Referer: https://hal90001.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 22:00:32 GMT
cache-control: no-cache, must-revalidate
expires: Mon, 26 Jul 1997 05:00:00 GMT
server: nginx
content-type: text/javascript; charset=UTF-8

GET
H2 200 / Show response
ti.tradetracker.net/ Frame 2C63 457 B
935 B 66ms
66ms Script
text/javascript 52.48.71.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ti.tradetracker.net/?c=29026&m=1463044&a=70002&r=&r=92070900000058100719594011667001&t=js&wid=tt-177293
Requested by: Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request_content.php?s=92070900000058100719594011667001&a=16a63c83
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.71.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-71-76.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 9e0f1a805508e8790ba72790ffc825d2985496aa756568484cc24e788fbac2d4

Request headers

Referer: https://hal90001.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 22:00:32 GMT
cache-control: no-cache, must-revalidate
expires: Mon, 26 Jul 1997 05:00:00 GMT
server: nginx
content-type: text/javascript; charset=UTF-8

GET
H3-29 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ Frame 2C63 16 KB
16 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://hal90001.redintelligence.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 17:54:23 GMT
x-content-type-options: nosniff
age: 533169
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15948
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:32 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 17:54:23 GMT

GET
H3-29 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ Frame 2C63 16 KB
16 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://hal90001.redintelligence.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 13:27:21 GMT
x-content-type-options: nosniff
age: 462791
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16112
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:09 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 13:27:21 GMT

GET
H2

200

e6244d1a4401c7fe26622998bffa5f86940922.png
static.tradetracker.net/nl/material_image/f1/ Frame 2152
Redirect Chain

https://ti.tradetracker.net/?c=34211&m=1888189&a=70002&r=92070900000058100719594011667001&t=html
https://static.tradetracker.net/nl/material_image/f1/e6244d1a4401c7fe26622998bffa5f86940922.png

2 KB
2 KB

41ms
10ms

Image
image/png

2600:9000:21f3:3c00:1a:7c92:efc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.tradetracker.net/nl/material_image/f1/e6244d1a4401c7fe26622998bffa5f86940922.png
Requested by: Host: fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com
URL: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3c00:1a:7c92:efc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: a82269bce61196e0aca1c36b304de3471e367a41179284996e6b06b2a3b3009a

Request headers

Referer: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 22:00:32 GMT
via: 1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
last-modified: Fri, 23 Apr 2021 10:05:11 GMT
server: nginx
x-amz-cf-pop: FRA2-C2
etag: "60829bd7-6cf"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 1743
x-amz-cf-id: uSpfSG0bwBHdUyuQN7JN2trWwDGiUNx6NsGZ0eblVa0sVUgw2YcQAQ==

Redirect headers

location: https://static.tradetracker.net/nl/material_image/f1/e6244d1a4401c7fe26622998bffa5f86940922.png
date: Sun, 25 Jul 2021 22:00:32 GMT
cache-control: no-cache, must-revalidate
server: nginx
content-type: text/html; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

d4fbe93890fb48767a755f66b5fd1571de5cf9.gif
static.tradetracker.net/nl/material_image/6b/ Frame 2C63
Redirect Chain

https://ti.tradetracker.net/?c=29026&m=1463044&a=70002&r=92070900000058100719594011667001&t=html
https://static.tradetracker.net/nl/material_image/6b/d4fbe93890fb48767a755f66b5fd1571de5cf9.gif

18 KB
18 KB

42ms
41ms

Image
image/gif

2600:9000:21f3:3c00:1a:7c92:efc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.tradetracker.net/nl/material_image/6b/d4fbe93890fb48767a755f66b5fd1571de5cf9.gif
Requested by: Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request_content.php?s=92070900000058100719594011667001&a=16a63c83
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3c00:1a:7c92:efc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 0dfdcc9934068e5000d8b906423558878e7cd1b9a6b7b1d566a30a6f969ee71f

Request headers

Referer: https://hal90001.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 22:00:32 GMT
via: 1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
last-modified: Mon, 26 Nov 2018 13:16:08 GMT
server: nginx
x-amz-cf-pop: FRA2-C2
etag: "5bfbf218-4653"
x-cache: RefreshHit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 18003
x-amz-cf-id: 7aQvybYLm6jqs2ikDwWQWCvWAwAeb-MvLZT6GpIJDh1xN6oQS2dYBg==

Redirect headers

location: https://static.tradetracker.net/nl/material_image/6b/d4fbe93890fb48767a755f66b5fd1571de5cf9.gif
date: Sun, 25 Jul 2021 22:00:32 GMT
cache-control: no-cache, must-revalidate
server: nginx
content-type: text/html; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

1f21095a5f4ae3c95070194bad8a5ad919a00b.jpg
static.tradetracker.net/nl/material_image/49/ Frame 2C63
Redirect Chain

https://ti.tradetracker.net/?c=558&m=24180&a=70002&r=92070900000058100719594011667001&t=html
https://static.tradetracker.net/nl/material_image/49/1f21095a5f4ae3c95070194bad8a5ad919a00b.jpg

13 KB
13 KB

10ms
10ms

Image
image/jpeg

2600:9000:21f3:3c00:1a:7c92:efc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.tradetracker.net/nl/material_image/49/1f21095a5f4ae3c95070194bad8a5ad919a00b.jpg
Requested by: Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request_content.php?s=92070900000058100719594011667001&a=16a63c83
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3c00:1a:7c92:efc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6d731e6d3e38558377e2fa974639cabf5209d9cafa5f00e186b0e3faf0aea02b

Request headers

Referer: https://hal90001.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 22:00:32 GMT
via: 1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
last-modified: Thu, 16 Mar 2017 08:27:46 GMT
server: nginx
x-amz-cf-pop: FRA2-C2
etag: "58ca4c82-335a"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 13146
x-amz-cf-id: xNvldhiV3ef0amfk26Vh0sOl55-37robUbmjrOLZPW8pvV4qF38UFw==

Redirect headers

location: https://static.tradetracker.net/nl/material_image/49/1f21095a5f4ae3c95070194bad8a5ad919a00b.jpg
date: Sun, 25 Jul 2021 22:00:32 GMT
cache-control: no-cache, must-revalidate
server: nginx
content-type: text/html; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 6ms
6ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=351301425239951&ev=Microdata&dl=https%3A%2F%2Fwww.u2interference.com%2Fforums%2F&rl=&if=false&ts=1627250432603&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22U2%20Feedback%22%2C%22meta%3Akeywords%22%3A%22U2%2C%20bono%2C%20u2%20lyrics%2C%20u2%20tour%2C%20u2%20vertigo%2C%20u2%20beautiful%20day%2C%20pleba%2C%20interference%2C%20bands%2C%20pop%20culture%2C%20social%20responsibility%2C%20atu2%2C%20u23d%22%2C%22meta%3Adescription%22%3A%22U2%20-%20We%20are%20an%20online%20community%20where%20thousands%20of%20U2%20fans%20talk%20about%20the%20band%20U2%2C%20their%20lyrics%2C%20tour%20dates%2C%20upcoming%20album%20releases%2C%20Bono%20and%20the%20rest%20of%20the%20band%2C%20pop%20culture%20and%20socially%20responsibile%20living.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.43&r=stable&ec=1&o=62&fbp=fb.1.1627250431086.1244506071&it=1627250430934&coo=false&es=automatic&tm=3&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 22:00:32 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Sun, 25 Jul 2021 22:00:32 GMT

GET
H3-29 200 nl-NL_CBK_L_Blue.svg
s0.2mdn.net/creatives/assets/3782692/ Frame 2648 4 KB
2 KB 7ms
6ms Image
image/svg+xml 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/3782692/nl-NL_CBK_L_Blue.svg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6df99ce6c755727427a99699b38bef5fa3752f01d256746eee2d483afe2d9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61649331/20210111080107100/nl-NL_Top_CT_728x90.html?e=69&leftOffset=0&topOffset=0&c=6mUqY1W4y3&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 21:55:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 281
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1661
x-xss-protection: 0
last-modified: Tue, 29 Sep 2020 14:04:55 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Jul 2021 22:10:51 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3F5C 0
0 58ms
58ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Csu5I_979YJHhBo-X-gbM9o2oC-unsvZj-cLvmZwOsJAfEAEg7JaQG2CRhICAjBigAYWDk6sByAEDqQI14cShLMCzPuACAKgDAaoEgwJP0IXMJdFck8fKNEhE2keq7f5TUaRDWdH2OJ5KknE_DnMmvsp1rqzM_ZCvvb990hrOJEImk-Ya-OIuYGE_4LOu-TyfT5BTQ2kIwoSJac7xnCQBAM2C2nTCoriyww3evoj41uXUqBiW24979YiY3DwYnfC_zhiEe3fhEjUExe0BV_pKoIXGqgpZ3-59sfKdmyndvd5wb5KNsos-ew4jCtv9JwkQMGg03u02qzveLoE5I52IGkAsk82IiEvhfwFxIHcaLgUcvmFsYWTIRdyqLX5C6LsUmM1BTfH-9w2PKExLP9f13b3v53z_DsBeOdiIAD8IXCoYeN-yILkkzU1wjvHqaDt8wATcrqyA1QPgBAGgBgOAB-P87NQCqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEENu4HNIICQiI4YAQEAEYHYAKA8gLAdgTA9AVAZgWAYAXAbIXGgoYCAASFHB1Yi0xNzY0MjM2OTE1MTIwNjYx&sigh=T40Hl89uA1U&vt=1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 3F5C 42 B
64 B 40ms
40ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstltwjEtODCaMfhAhn719cmPV230XIIjwi3ROSYTc5G_BiL3iUxexCu8KRE4rqXBGU-9TcCwfkKK7oKy3aKRREZ8g0RvIKJZ_luZP9dPQNOFhfqMnfUs8G4bkKJ8g&sai=AMfl-YSYh4_OGufWdLwAg2FrU3_ls29nLW86gM5dVgGMDsErXuVl08Le27zWyR6nyVKvUYJME80DPIiY6wymJmegwEMl_GohW2v1cUk3Mse1LemacpM0ZvvhIxfqhmhR6U8&sig=Cg0ArKJSzMhsCQb6IpXPEAE&id=ampim&o=1085,433&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=102&tls=1102&g=100&h=100&tt=1102&r=v&avms=ampa&adk=3229665405

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jul 2021 22:00:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 container.html Show response
fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7472 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.u2interference.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.u2interference.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sun, 25 Jul 2021 22:00:30 GMT
expires: Mon, 25 Jul 2022 22:00:30 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame EA33 499 B
336 B 19ms
18ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMLX3AIQqtLeAhiviPKaATAB&v=APEucNWaUiuPBt5ytS5ZsetKdQG9b5eouWckNuP6e60DnoyI89JD6lp9ByDTiPyCl814-yIUOKx1F3bW7MlGqeYNO4wRr8kxfRO89gLBON4bdMRjWKY7R6gh5lAzbdRrcynQLzL4mluj8no7qP9OHs0KndQ2A-YiOrU7hL9MNp8lZQdic5ZUFWE

Requested by

Host: fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com
URL: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CMLX3AIQqtLeAhiviPKaATAB&v=APEucNWaUiuPBt5ytS5ZsetKdQG9b5eouWckNuP6e60DnoyI89JD6lp9ByDTiPyCl814-yIUOKx1F3bW7MlGqeYNO4wRr8kxfRO89gLBON4bdMRjWKY7R6gh5lAzbdRrcynQLzL4mluj8no7qP9OHs0KndQ2A-YiOrU7hL9MNp8lZQdic5ZUFWE
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUn1fZhofOdtRHbHYT8GLeF9ghwkd8uqfzxVz3N6iQUrufJ9xD62QOm216LS; DSID=NO_DATA; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 25 Jul 2021 22:00:32 GMT
server: cafe
cache-control: private
content-length: 313
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 25 Jul 2021 22:00:32 GMT

GET
H3-29 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 7472 60 KB
25 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ae5vg-oNqlNMqjFwuu-1u1ysWt0aUWr83UxLL5PDcfDHgRGYimejf0zTK8Gvyr0oNB35FNJYoON4tLjujaTJobWghDqgljNxxHZaJKq56W1J9kjn77caBUpj8dYX_zRHp6h036i2BVMWMZuuFvtpPJWFxY_Q&dbm_d=AKAmf-ApijxEG4lye_F5GCd8zZ2UU4cZrzNftavBe_7Kw-3goZkWmvQ6l06AmmkTpSdv6Gar7IlyejgguyfYP7hDZ7KObU3vqZd23Lh_g7qqcIVVNPBK95mrjtMJUuTQj69oeUx5Z58iyA6Mrp8kHUqLyMcTtqbuWRQp67HStNI2uo_KkDRBKcmZ8qEeAuD7LBCE3pUaATic_46WsyHalLyM5Lg2PBlCnfgrEFv3OM9uZnpaCgEWNjldTFu2p9CDA5Ge00YhYuqvddpB9np855xbxwiPYpQCcvXvshppON0lBcTkC31rcUOyFyL0xG3qiCtybq40L7ibv4-5FlLiK4jOMj6BS8Qh7t6XZzrPetz7w4sh_9R4C3bO6ivFSL4co7_LALDFC6tJtA5KEZ-RVEryln2KEax3N5-jDQ6keE4_fNnaOzrYMf_hBcKls0DTWmOX7vdPqRwbsGrPGH_aQbao8uyNCOk_5l0gLmeCFdWvedPavg6OBDjyj7SnjP43ovSjihWZYWdhbz06zXFWCNZmRUcBM3YV2o4qb_2IB-vxcVZfPrl3n6TY_xGTs2vIeAaLLLK8fV7Kkks3nKC-oFW75sTlOMFwaIgI8cbB3VNJv2qOd7Egysm8N7ANCuMiCg_IAas519hfgMpkWiGhUUn-MWpGdNVWpfg2SIdEaD8gsGkLmFsREJJHGp5XF-PnT-rKco0iNHAifVn6s0Vf9sY1xna7u5lhxxSieu6huaEFpIsnFDtLJwBgBnMwWe-cJpmHVAUhTF3ODfMM8KvtqtE0KOXK8_K5YlLNbYaWvd9TXERdDMP7y5nQEP0UZRdrg96FQXbB5I9rAzKjzHw6AIGL4xCOkSSMYen0tRon82To89y9dquANwp_g0H5o1tcjlM1TPyBhRj1kv_uK0K7hIPVRqF4mowORqZ0xFiSNuj4vFOgPUksMw5MiRdTQFf8qi0t4jX_vDVWQpy4CUg3fgHqw5XwKeEFnl4eK7TWg3lUdV1V19v2H0TVTX542yLLepFYYO1BDz6N02Ugwf5SCFjW7npx5yqdDy4yiVIqSa1AZxnWuUUtRtBQvVxC2Q8QsF7J47OUChb4y8-S6ZMXpBnDAdSjtuBy8dIIEwE2JlesiGUxq_ykAyC3PV-IODG1_sxhtdCCupkGDeg1BenoeOX_KfbjD2mhT5BTfcRMnSCzHOnt5Mc53ZrkC1QzmeqbgNmAKdAHRM-1vpEIneG4wihB__kvE289-Q21_b-CyBDA0ctrq9MKuUobsZZe67VgO54F55KzpRGNx__xyiAJ8ElswjwCbSsm_Xx8HoYuOJ8aE7uJ6WLMYSrrNSCO6R-teIEzyXleZSLvNae1y9-j4fu8A54ODPgMVN9QiaE8sJ1Ma_1HAAZROA8ASUlq-fIvJpARqeZmsgOxqLSrwMGQoIkkjpyKlzRPZS0gHek_vyr1iKvtxElcSVuS1jrM4d-XfkZlzFaVWLq_hqQNp_nNMBzj_VOr7WbslQUSjSWRMpws17GWqzqsi_13N_6ders3fpzZqB8eE13AIHnyBuqeSFsKM4G08pOecw33VOPhZ8TEpiTMfNyah_NDnfiA0MXdA3cr7ARZLfjSquV31wUwYwCA9sWs2maIdjaJJjftk66SNvzaVPJQrM_YQnIH6OtF7f-oVEDQQCxktKQQ37vI4GDC5JnxvBLf7Eb8ZAIwqA5X_vy9u_LYfWC513HbicjvhUH6r23xUEAj2aj2vnmqVZv1bXqWHffNYmrPVALzZZc5naLwJMbqVpIHs837euGPt33uVu4ZKKdMsFty6nmOseXoIZdICgypYHhQMyzmL1-dpcLjSA-PoJvWbfYaPpZA1zC2cMPr13qu_Nsc2iKx1SAI-G11nyhDBmuY4ctiLfziySUjRJgRheFPlFcTLMZtPnkMjzwUU6yuxwFPdY1wHPRcxjuc4Rr8ac2fXnoXAZaE35CRTAqUijdrB62uRrBTO7U1HzlCWmv40puUiPCiVqsUS2pvmoOX--wOZTNlUN3yWTs12OPyl1BhnlGPx5bOBCR9CQYO2a6v-GIH8pz97yCbITDOufqHc_23pJn6Ph8yExF95O5UU6IIBF-kOTECEG4WbWT0Xwdm4Zc37yQmHH-mU5KEFlGBd0t6BKEaHGuwXuveV8BlfOovfIsxeIFesgaIN4Mc7gS5Js_9EWwX99cZAoxRDWd-YH4ZVQSX-Pt4HD4v09KGVJDLGY1bMECQn6fbqBdIWIqjSLmnZwBTizxx-Qa4_nCGDP5mfBVJ_hDYG6sdcAzpRQuKi1iFu5YAlI8WIk-Tlijkr3vRY028Nrq2S1EK3_11tQZ1Y6YJ8h6xLcWuCjkKJMcZJQgPS3IjiUpdWGevVnBBGTUIsXQMWPrgUVXBSwwmAMY4mjhvOj02N7Mmhcg0zdOXqYL9s55ZUUO_xQGBdFxHaC2mmpTWJ9ZOI5hF--bHJV-RsgJ9KYvNo_1XwsA8WzJgTW5z8g9sUb34ch7Y0nynzRhUweet8N8VpAMhJ6r2L9g2ziNIWbK7gPz13viNw-uHCRMEtXpbswnVLP4wov1xUdn-6sCFsjhf2A37zasGk9TSQfWFroX6lR7MX7iF62oo2m9q-PY3YVxic_iTGXytUphW_jUCpa6dEKqaY-4GOcSxLK66t_WZC1nm5gdbE8r0jcpRHWPw9fl9xMG4rnTKsr7MuqOZXLMJnNJ31W-U238gOo4oFnh8IY52bHhsiTJZSVwNYkapjFX01egUdh_93bowBholq6mtf186_dU2ev93New-YiOWAgK4VD6kCutEQzyX-iZkZK4A6jy-bOHnJlIUyJ-hzGfsrz-vpY9FH8Huo2KUwNn1g605JPIOSsINHc1QEkJML4mu6m3rxAs7Ym3mT7rIAfHEQvBYO3cqV8BB7Yr057EnZ5dxjGgPE6k07Tzh6MJFUjnWQRAQYjHGBGUxslwvqCS-BvmmQ28hH_Z9VihY75Rjd_UkykYtZaT4x99WP4cOrZsi6NcV--vlI9-P9jR8BnN9E5JSdGu1Nz2ikA--w1UDOnhUqHQD3iqvq74QxteXdTjHwaDb5QNiSoak3ZDi1gWf25ENanCg8Q0ON6N61b7U1C_8wldDuAsztFgnE4s4ID5JYOdSR6UV&cid=CAASFeRoNwCtT549shDjaT5Hm1_vnkWF6Q&rfl=1%2Chttps%253A%252F%252Fwww.u2interference.com%252F%240

Requested by

Host: www.u2interference.com
URL: https://www.u2interference.com/forums/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95a7bbffb433efe3b6f6659eb30591afb1be9b2a3d72e0fd0ac0cd368e180f8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jul 2021 22:00:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25160
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7472 42 B
63 B 67ms
65ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D0LNAxu-eOd7A_d16njJhsn17lRLjmjWSuKneCuEmhY9tFpDwdpkVXR4WtsBpqAoBiL-P68lxqy2hIwKcKtrokS9ez3nVptF5BQr0po9-z0ZeiWoU

Requested by

Host: fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com
URL: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jul 2021 22:00:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame 7472 2 KB
1 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/window_focus_fy2019.js

Requested by

Host: fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com
URL: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 21:54:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 343
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Aug 2021 21:54:49 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7472 124 KB
37 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com
URL: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4409f886851d18b5071cc08d25845e0d959d51fd1e9eec92118d0f12a44e5eeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 22:00:32 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627039891503395"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38153
x-xss-protection: 0
expires: Sun, 25 Jul 2021 22:00:32 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame 7472 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com
URL: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b1a4081a8a32bc714fbb7a2509141683bc3eb707a421c0db556ed856f6d8e99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 21:57:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 154
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6195
x-xss-protection: 0
server: cafe
etag: 10716856519410487149
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Aug 2021 21:57:58 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 7472 0
0 15ms
14ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSp6EtV4ilfPWYuE6PtjUtKlbCZoXK5nEoSHizr-Q6-wd0BfXRGCBjLdhr98-udpSXJ_yQBpaZ1hWTUkPZmp55dGqKcBQ
Requested by: Host: fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com
URL: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame EA33
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEI_iVMTw0JCkK3icuFmhCUQ&google_cver=1

43 B
549 B

23ms
23ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEI_iVMTw0JCkK3icuFmhCUQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMLX3AIQqtLeAhiviPKaATAB&v=APEucNWaUiuPBt5ytS5ZsetKdQG9b5eouWckNuP6e60DnoyI89JD6lp9ByDTiPyCl814-yIUOKx1F3bW7MlGqeYNO4wRr8kxfRO89gLBON4bdMRjWKY7R6gh5lAzbdRrcynQLzL4mluj8no7qP9OHs0KndQ2A-YiOrU7hL9MNp8lZQdic5ZUFWE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.94.180.125 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 22:00:32 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 142
Connection: keep-alive
Content-Length: 43

Redirect headers

pragma: no-cache
date: Sun, 25 Jul 2021 22:00:32 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEI_iVMTw0JCkK3icuFmhCUQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 306
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame EA33
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=YmI5ZjkxMGQtZWQ5My0xMWViLThmN2EtMWUxZDQ3ODcwMzA2

170 B
188 B

31ms
30ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=YmI5ZjkxMGQtZWQ5My0xMWViLThmN2EtMWUxZDQ3ODcwMzA2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMLX3AIQqtLeAhiviPKaATAB&v=APEucNWaUiuPBt5ytS5ZsetKdQG9b5eouWckNuP6e60DnoyI89JD6lp9ByDTiPyCl814-yIUOKx1F3bW7MlGqeYNO4wRr8kxfRO89gLBON4bdMRjWKY7R6gh5lAzbdRrcynQLzL4mluj8no7qP9OHs0KndQ2A-YiOrU7hL9MNp8lZQdic5ZUFWE

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jul 2021 22:00:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 25 Jul 2021 22:00:32 GMT
Server: nginx
Location: https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=YmI5ZjkxMGQtZWQ5My0xMWViLThmN2EtMWUxZDQ3ODcwMzA2
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 69
Connection: keep-alive
Content-Length: 0

GET
H2 204 v1
ads.yahoo.com/cms/ Frame EA33 0
299 B 8ms
6ms Image
text/plain 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~b04e41039133c73fafd60e0ed8cb49a70ecfb061&nwid=10000483131&sigv=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 22:00:32 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

GET
H3-29 200 express_html_inpage_rendering_lib_200_271.js Show response
s0.2mdn.net/879366/ Frame 7472 111 KB
38 KB 21ms
7ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Requested by

Host: www.u2interference.com
URL: https://www.u2interference.com/forums/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com
Referer: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 13:55:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29093
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39287
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 18:02:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 26 Jul 2021 13:55:39 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210720/r20110914/elements/html/ Frame 7472 8 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210720/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ae5vg-oNqlNMqjFwuu-1u1ysWt0aUWr83UxLL5PDcfDHgRGYimejf0zTK8Gvyr0oNB35FNJYoON4tLjujaTJobWghDqgljNxxHZaJKq56W1J9kjn77caBUpj8dYX_zRHp6h036i2BVMWMZuuFvtpPJWFxY_Q&dbm_d=AKAmf-ApijxEG4lye_F5GCd8zZ2UU4cZrzNftavBe_7Kw-3goZkWmvQ6l06AmmkTpSdv6Gar7IlyejgguyfYP7hDZ7KObU3vqZd23Lh_g7qqcIVVNPBK95mrjtMJUuTQj69oeUx5Z58iyA6Mrp8kHUqLyMcTtqbuWRQp67HStNI2uo_KkDRBKcmZ8qEeAuD7LBCE3pUaATic_46WsyHalLyM5Lg2PBlCnfgrEFv3OM9uZnpaCgEWNjldTFu2p9CDA5Ge00YhYuqvddpB9np855xbxwiPYpQCcvXvshppON0lBcTkC31rcUOyFyL0xG3qiCtybq40L7ibv4-5FlLiK4jOMj6BS8Qh7t6XZzrPetz7w4sh_9R4C3bO6ivFSL4co7_LALDFC6tJtA5KEZ-RVEryln2KEax3N5-jDQ6keE4_fNnaOzrYMf_hBcKls0DTWmOX7vdPqRwbsGrPGH_aQbao8uyNCOk_5l0gLmeCFdWvedPavg6OBDjyj7SnjP43ovSjihWZYWdhbz06zXFWCNZmRUcBM3YV2o4qb_2IB-vxcVZfPrl3n6TY_xGTs2vIeAaLLLK8fV7Kkks3nKC-oFW75sTlOMFwaIgI8cbB3VNJv2qOd7Egysm8N7ANCuMiCg_IAas519hfgMpkWiGhUUn-MWpGdNVWpfg2SIdEaD8gsGkLmFsREJJHGp5XF-PnT-rKco0iNHAifVn6s0Vf9sY1xna7u5lhxxSieu6huaEFpIsnFDtLJwBgBnMwWe-cJpmHVAUhTF3ODfMM8KvtqtE0KOXK8_K5YlLNbYaWvd9TXERdDMP7y5nQEP0UZRdrg96FQXbB5I9rAzKjzHw6AIGL4xCOkSSMYen0tRon82To89y9dquANwp_g0H5o1tcjlM1TPyBhRj1kv_uK0K7hIPVRqF4mowORqZ0xFiSNuj4vFOgPUksMw5MiRdTQFf8qi0t4jX_vDVWQpy4CUg3fgHqw5XwKeEFnl4eK7TWg3lUdV1V19v2H0TVTX542yLLepFYYO1BDz6N02Ugwf5SCFjW7npx5yqdDy4yiVIqSa1AZxnWuUUtRtBQvVxC2Q8QsF7J47OUChb4y8-S6ZMXpBnDAdSjtuBy8dIIEwE2JlesiGUxq_ykAyC3PV-IODG1_sxhtdCCupkGDeg1BenoeOX_KfbjD2mhT5BTfcRMnSCzHOnt5Mc53ZrkC1QzmeqbgNmAKdAHRM-1vpEIneG4wihB__kvE289-Q21_b-CyBDA0ctrq9MKuUobsZZe67VgO54F55KzpRGNx__xyiAJ8ElswjwCbSsm_Xx8HoYuOJ8aE7uJ6WLMYSrrNSCO6R-teIEzyXleZSLvNae1y9-j4fu8A54ODPgMVN9QiaE8sJ1Ma_1HAAZROA8ASUlq-fIvJpARqeZmsgOxqLSrwMGQoIkkjpyKlzRPZS0gHek_vyr1iKvtxElcSVuS1jrM4d-XfkZlzFaVWLq_hqQNp_nNMBzj_VOr7WbslQUSjSWRMpws17GWqzqsi_13N_6ders3fpzZqB8eE13AIHnyBuqeSFsKM4G08pOecw33VOPhZ8TEpiTMfNyah_NDnfiA0MXdA3cr7ARZLfjSquV31wUwYwCA9sWs2maIdjaJJjftk66SNvzaVPJQrM_YQnIH6OtF7f-oVEDQQCxktKQQ37vI4GDC5JnxvBLf7Eb8ZAIwqA5X_vy9u_LYfWC513HbicjvhUH6r23xUEAj2aj2vnmqVZv1bXqWHffNYmrPVALzZZc5naLwJMbqVpIHs837euGPt33uVu4ZKKdMsFty6nmOseXoIZdICgypYHhQMyzmL1-dpcLjSA-PoJvWbfYaPpZA1zC2cMPr13qu_Nsc2iKx1SAI-G11nyhDBmuY4ctiLfziySUjRJgRheFPlFcTLMZtPnkMjzwUU6yuxwFPdY1wHPRcxjuc4Rr8ac2fXnoXAZaE35CRTAqUijdrB62uRrBTO7U1HzlCWmv40puUiPCiVqsUS2pvmoOX--wOZTNlUN3yWTs12OPyl1BhnlGPx5bOBCR9CQYO2a6v-GIH8pz97yCbITDOufqHc_23pJn6Ph8yExF95O5UU6IIBF-kOTECEG4WbWT0Xwdm4Zc37yQmHH-mU5KEFlGBd0t6BKEaHGuwXuveV8BlfOovfIsxeIFesgaIN4Mc7gS5Js_9EWwX99cZAoxRDWd-YH4ZVQSX-Pt4HD4v09KGVJDLGY1bMECQn6fbqBdIWIqjSLmnZwBTizxx-Qa4_nCGDP5mfBVJ_hDYG6sdcAzpRQuKi1iFu5YAlI8WIk-Tlijkr3vRY028Nrq2S1EK3_11tQZ1Y6YJ8h6xLcWuCjkKJMcZJQgPS3IjiUpdWGevVnBBGTUIsXQMWPrgUVXBSwwmAMY4mjhvOj02N7Mmhcg0zdOXqYL9s55ZUUO_xQGBdFxHaC2mmpTWJ9ZOI5hF--bHJV-RsgJ9KYvNo_1XwsA8WzJgTW5z8g9sUb34ch7Y0nynzRhUweet8N8VpAMhJ6r2L9g2ziNIWbK7gPz13viNw-uHCRMEtXpbswnVLP4wov1xUdn-6sCFsjhf2A37zasGk9TSQfWFroX6lR7MX7iF62oo2m9q-PY3YVxic_iTGXytUphW_jUCpa6dEKqaY-4GOcSxLK66t_WZC1nm5gdbE8r0jcpRHWPw9fl9xMG4rnTKsr7MuqOZXLMJnNJ31W-U238gOo4oFnh8IY52bHhsiTJZSVwNYkapjFX01egUdh_93bowBholq6mtf186_dU2ev93New-YiOWAgK4VD6kCutEQzyX-iZkZK4A6jy-bOHnJlIUyJ-hzGfsrz-vpY9FH8Huo2KUwNn1g605JPIOSsINHc1QEkJML4mu6m3rxAs7Ym3mT7rIAfHEQvBYO3cqV8BB7Yr057EnZ5dxjGgPE6k07Tzh6MJFUjnWQRAQYjHGBGUxslwvqCS-BvmmQ28hH_Z9VihY75Rjd_UkykYtZaT4x99WP4cOrZsi6NcV--vlI9-P9jR8BnN9E5JSdGu1Nz2ikA--w1UDOnhUqHQD3iqvq74QxteXdTjHwaDb5QNiSoak3ZDi1gWf25ENanCg8Q0ON6N61b7U1C_8wldDuAsztFgnE4s4ID5JYOdSR6UV&cid=CAASFeRoNwCtT549shDjaT5Hm1_vnkWF6Q&rfl=1%2Chttps%253A%252F%252Fwww.u2interference.com%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 21:57:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 154
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Aug 2021 21:57:58 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210720/r20110914/ Frame 7472 23 KB
9 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210720/r20110914/abg_lite.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1130c26caface5cfa7b2d0cdbbb70cdb3004c582e74969d580216f65596c47c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 21:42:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1061
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9349
x-xss-protection: 0
server: cafe
etag: 11779355884012761328
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Aug 2021 21:42:51 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 7472 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com
URL: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 00:44:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 335783
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Jul 2022 00:44:09 GMT

GET
DATA 200
OK truncated
/ Frame 7472 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 15970923dd90a3ca2a81c3322f4a04607b15e710797ce48351debc89e02b713d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame EE34 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Sun, 25 Jul 2021 14:16:29 GMT
expires: Mon, 25 Jul 2022 14:16:29 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 27843
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 index.html Show response
s0.2mdn.net/9631534/1612219691695/SquareOnline_NewYears_728x90_RST/ Frame 9998 6 KB
2 KB 8ms
7ms Document
text/html 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9631534/1612219691695/SquareOnline_NewYears_728x90_RST/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1d10651b2cecd0feed7821aed93a5d95ae240ff7ca4870538d5459c0d12fc6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /9631534/1612219691695/SquareOnline_NewYears_728x90_RST/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2325
date: Sun, 25 Jul 2021 07:08:02 GMT
expires: Mon, 26 Jul 2021 07:08:02 GMT
last-modified: Mon, 01 Feb 2021 22:48:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 53550
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7472 0
24 B 95ms
66ms Ping
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssRsC1EIPRujtpH8HMQMGLuFTVCNztlGLzQN7LgMNW7py7fvZ6YQBieeTg5kISymlOTx8ADJi-JHs8vvGRDn0E5l4ATIFFA_kwDqthUAMI8M2rX_pNlUaOsyZrL78sQ0hgmRVlElRG__UCCtW29v13kkEBpGaoKXhOx90gm2RUGLmSyzy2mUYRpqdL-cjNC94IE_t7egEpmbkm3zKxYDjlELuR5kIfUkJQGxP-cQWdC0yH9jgS3yK2J5XhsomrSs9BZcsnRwFBB0BGbTnnAuDJVj1k07ZpeU-VU8xK6k9H561Gk8yXAEN5okdVxBMWXM5OldOq1ifzRAhhxOXbWBv12atzl3fM5-r5AplTqFLKy9Qqb9mYlPV735dC_X3-IhUqEGF5NSSQTtwVcraZSJjvLL6PgAcLgXnptKIPLaHMNwKDJ_E0HFSmZkOhY9fanppUk6zflUBlYXjVlvLXwEIvZoU8H0MzfWmSxazx3CmEjGtb_nzmlyDV33OWHbMyOPUAGYEL_ek1_IrA2ozvpdMFP0PJPpfxtWRJUl2wnwDokyb9G3QNAi0IrINChnEj8GYaudnjhm9DXuDGGyuJUJdYQvuiGBjE6EtNaiMJvNuNmDvHd6E52dVWtlEga6tpSxqcDigChwxqJiJjDy1n2-q_RzaWhgtTJtQNGCw4_XvZOV-fIWAYP3zcw3zm5jvbnNAS2tYiG-9uGt8vEW7L8Xq87m-n2I_KI-ZKyBBwp9omSKUFtd70U9Gq2pHrruirC9chAQJSub5c3RjVMqb0kD-Je-d6b0RDFdHmbEgMdDh3qhyCVfd-SIXNSufgdXiveEApgyjLl6OmrHyHlLUOvD1m96A-hqKV3sqGzAjB_Pwd2UMsTINho0pu-3mwqGuwdgfa985F-y6jpMijBi6P9DBKNw1saaRoEdpFZbyeOowW-l2MKUTxQhclij5Cff8jrIdwcSZX5EKO0Xm2YgIV8xSB3vS_OZ-Zh04W4SND5BvTrol3mF4m80p7sXoghgw7VD4ovZt60D5Sj7u_7BFwx9nagvn4a13Bc2j5FdRla3HVHfBZBYauL6fqF3hgSzbtknvO3FC83SHHzfujb4ZZ2LMQEAq_SuRZIK0cqmI1p-KKWgvxN3I6O41RzrdDUhW4oKsnIrQfGfrq6XvohwMPb6rsTKHCeAJJc5t6Q_QgUYtz1PTEyWuYQxhwjuGrK&sai=AMfl-YRV-zU90qqDDvKC4ouBnLzzm2tzKGzcLuM3Kg1Obk_GXJynX2xcBNsNMB1pps4SRV8ixfW_werZyHxLmPktVJ4eKhj2fBnfxFa2xjmbhcQa5J3dOGpktczrD60-rj0pwqf0hk-biEzRysiL_cMuEQERiCdBpPp6I9e4zKc&sig=Cg0ArKJSzFMARdPy_9thEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=46&cbvp=1&cstd=44&cisv=r20210720.63345&adurl=

Requested by

Host: www.u2interference.com
URL: https://www.u2interference.com/forums/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Sun, 25 Jul 2021 22:00:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 c43eojKHTIIjnCN0mOBRrq3mBMCB_MRf6Ad2ET-MShQ.js Show response
pagead2.googlesyndication.com/bg/ Frame EE34 34 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/c43eojKHTIIjnCN0mOBRrq3mBMCB_MRf6Ad2ET-MShQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

738ddea232874c82239c237498e051aeade604c081fcc45fe80776113f8c4a14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 00:44:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 335784
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13164
x-xss-protection: 0
last-modified: Wed, 14 Jul 2021 07:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Jul 2022 00:44:08 GMT

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 9998 236 KB
63 KB 41ms
14ms Script
text/javascript 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/9631534/1612219691695/SquareOnline_NewYears_728x90_RST/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 22:00:32 GMT
content-encoding: gzip
server: Apache
cache-control: max-age=900
vary: Accept-Encoding
content-type: text/javascript
x-n: S
accept-ranges: bytes
expires: Sun, 25 Jul 2021 22:15:32 GMT

GET
H3-29 200 index.js Show response
s0.2mdn.net/9631534/1612219691695/SquareOnline_NewYears_728x90_RST/ Frame 9998 59 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9631534/1612219691695/SquareOnline_NewYears_728x90_RST/index.js?1611149565237

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9631534/1612219691695/SquareOnline_NewYears_728x90_RST/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e50ef43a409a0fb238ca0bf976da42318d9551fb119ceaf567e37e5270e72c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9631534/1612219691695/SquareOnline_NewYears_728x90_RST/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 02:12:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71256
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13118
x-xss-protection: 0
last-modified: Mon, 01 Feb 2021 22:48:11 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Mon, 26 Jul 2021 02:12:56 GMT

GET
H3-29 200 flowers.png
s0.2mdn.net/9631534/1612219691695/SquareOnline_NewYears_728x90_RST/ Frame 9998 9 KB
9 KB 7ms
6ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9631534/1612219691695/SquareOnline_NewYears_728x90_RST/flowers.png?1611149565200

Requested by

Host: fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com
URL: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e980057dab2ae662abc5392ba225c0df649d87c38e5a7c1c9c7e1d766f57bb0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9631534/1612219691695/SquareOnline_NewYears_728x90_RST/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 07:26:02 GMT
x-content-type-options: nosniff
last-modified: Mon, 01 Feb 2021 22:48:11 GMT
server: sffe
age: 52471
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8922
x-xss-protection: 0
expires: Mon, 26 Jul 2021 07:26:02 GMT

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7472 0
23 B 57ms
57ms Ping
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.u2interference.com
URL: https://www.u2interference.com/forums/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sun, 25 Jul 2021 22:00:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EE34 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BF6GnAN_9YPv7M8WQ7_UPmIScyAwAAAAAOAHgBAI&bg=!WVqlWh7NAAbnC78O5ws7ACkAdvg8WjLNSwRpz52NNC6onnxMaHxok7OuBQk38nWnoMRkXJgi9LcZcwIAAABwUgAAAAxoAQeZAtYlW6p2Bq5Wf7jjVfKKDD9B2jFIaIK5dPqEKovVmAM9yA7ELiEDz6RP567s7SqBxCDY9ue17p9dw7DBWTGpMpbgjVzwScp36383TWNsS3DC-yrWyIbTCCdK5loqCl1MGTQ22CTQX26w0v0zq4DdAe7YEcXGQ5qjSeoOVvjK44yNuH0V5jd7I6JQGtcDrvtakrcMerE8rY6DrukHW6KdaW_IP7TvZXLHPoLZEs1gv7miavshTVnDXJuH-LKdD_GRq_Kuyqq4icd3UqDFe0w05TfMBF5jmq51pHOx_-2EkZu6_8zCT4p_4jtRdMbXL08mC2YBWxSd1PLJxtji3FjSCgG5U7wLyBe-gQyU6PXgK0xCoXBV1wa6w8_p4ed_RwGzmYRwC4fPc184HwvzNiG9_Zt-vTjtw4xrh6oaNr6WucOIF9gBPETo3VGIKFBb5JbDE_lbkage-Wl-IeH1P-oPhM2GnYmdiH0TNH3okZmPR1dS_h_lFWjvYav2jZkJBXpGXQVv2Hj-bjgVYSdkK51Z-6jbrqQcs9bqNBStOUUP6ihDq0Vn3RCX-yfLRroJHKQ0C3VMpMZkUEbUStFmeaZP68bvFTkGWq-BzGYsoV-zUGWERTqCN_eG6tQlIWchyLuzDjj0JyLlEZg8NOPo6EogpBH5JO_0yuwj7Q3ZYpTj_0xqX7r8s78YfyIYbMrjdEIWvVsLFyC5ly0JjYowibvvGAbFUdKrglPlzQwCs_Cren1rrI57cmqMuPXgcQ8zR3j8EZHHPM1hel98taOVci4Cn3-APeZ1iqSaf0wWzBoson4gMdvAwK-HpXbWMatOgvZiv8TKctFOGZpQksqO-VmEhReQnFxsBiZsD7wmxUTFVeLyCmsKoMpiITIBphqcV88UL6ExE5wEDlqMaykTFFpUNhJkyEG58_6v2CozwK1YRtosnb-CuRFeUjeGm4DUC4ZIY534yE1qWKo

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jul 2021 22:00:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7472 42 B
64 B 41ms
40ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu21CaHL6zlxUvkM0X5RLv3f4MixvNUUlGXMzdXngV5svX9jdi6l5DmbjB88QupsSuEuLKb2bDvgUPeeHRDlrHT2k6p1O8Z1yPlT3aQxKuz3_dondW8QWrnUunHKQ&sai=AMfl-YQ4PQeSEhaIYSk_J9_Na2oCPcGZLRrJ8Fom3npt5zfPcYIqpKoj627LLjDYouwA97X5Sc1xbSGuDGOPIFwL6eRa9qBY4QOgzYC3Bl4ToJrL9bTo2Wx5liHnMNbkTNg0&sig=Cg0ArKJSzFYqxrrYlK__EAE&cid=CAASFeRoNwCtT549shDjaT5Hm1_vnkWF6Q&id=lidar2&mcvt=1000&p=1104,436,1194,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210723&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3100388973&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1627250432820&dlt=13&rpt=0&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jul 2021 22:00:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 arrow-white.svg
s0.2mdn.net/creatives/assets/3782689/ Frame 2648 659 B
488 B 7ms
6ms Image
image/svg+xml 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/3782689/arrow-white.svg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ee73a11f7deaf542b5417e0fa5adac6d92212515da73813d552157337d25cfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61649331/20210111080107100/nl-NL_Top_CT_728x90.html?e=69&leftOffset=0&topOffset=0&c=6mUqY1W4y3&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 21:50:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 614
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 455
x-xss-protection: 0
last-modified: Fri, 12 Jun 2020 07:26:14 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Jul 2021 22:05:20 GMT

GET
H3-29 200 circleCheckmark-white.svg
s0.2mdn.net/creatives/assets/3782689/ Frame 2648 342 B
294 B 7ms
7ms Image
image/svg+xml 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/3782689/circleCheckmark-white.svg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb0574bfe55a33a197a4cb5b5ca86cd7d59974750615725975a908544409e019

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61649331/20210111080107100/nl-NL_Top_CT_728x90.html?e=69&leftOffset=0&topOffset=0&c=6mUqY1W4y3&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 21:45:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 880
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 261
x-xss-protection: 0
last-modified: Fri, 09 Oct 2020 08:59:26 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Jul 2021 22:00:54 GMT

GET
H2 200 dc_oe=ChMImZKmn5z_8QIVoQyLCh2gowA1EAAYACCGmuVDQhMIyJ6Rn5z_8QIVmzTgCh0Yywpb;met=1;&timestamp=1627250441475;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 9638 42 B
254 B 58ms
56ms Image
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMImZKmn5z_8QIVoQyLCh2gowA1EAAYACCGmuVDQhMIyJ6Rn5z_8QIVmzTgCh0Yywpb;met=1;&timestamp=1627250441475;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jul 2021 22:00:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

344 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.u2interference.com/	1970-01-19 20:00:52	Name: __cf_bm Value: 1921b4de82f3a347bdca6e7c5d4585719b920d3a-1627250431-1800-ASwtZB1afWz8tfC1DH4zsF5/I6YAwVpJdJSEABmHuKXkKElW9FjutygEFNkr0KBggYI57nnlQ0mzVK/4MLOEydPpS9tzFUVe/4qd1xdDxdSqc7LE3aRSDNJG9sAMt8RB+z0jXXIn5FFiYj9Ak1AZfDg=
.u2interference.com/	1970-01-20 13:32:02	Name: _ga Value: GA1.1.1199576423.1627250431
.u2interference.com/	1970-01-19 20:00:50	Name: _gat_UA-59880719-6 Value: 1
.u2interference.com/	1970-01-19 20:00:50	Name: _gat_UA-125129-18 Value: 1
.u2interference.com/	1970-01-19 20:02:16	Name: _gid Value: GA1.2.813623963.1627250431
.doubleclick.net/	1970-01-20 05:22:26	Name: IDE Value: AHWqTUn1fZhofOdtRHbHYT8GLeF9ghwkd8uqfzxVz3N6iQUrufJ9xD62QOm216LS
.u2interference.com/	1970-01-20 05:22:26	Name: __gads Value: ID=dcd3a6e6231931ba-2242eead8bc8008f:T=1627250430:RT=1627250430:S=ALNI_MawUFZ9u69vvG4wRobnX-edrHlZWg
www.u2interference.com/	1970-01-20 04:46:26	Name: bblastactivity Value: 0
.u2interference.com/	1970-01-20 13:32:02	Name: _ga_32C473VFPP Value: GS1.1.1627250430.1.0.1627250430.0
.u2interference.com/	1970-01-19 22:10:26	Name: _gcl_au Value: 1.1.1360619503.1627250431
www.u2interference.com/	1970-01-19 20:02:16	Name: PHPSESSID Value: jitcrji2autl092i433dkvrai3
www.u2interference.com/	1970-01-20 04:46:26	Name: bblastvisit Value: 1627250430
.u2interference.com/	1970-01-19 22:10:26	Name: _fbp Value: fb.1.1627250431086.1244506071
www.u2interference.com/	1969-12-31 23:59:59	Name: bbsessionhash Value: b55c421765655e59fe5c633f1cef6e09

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://cdn.ampproject.org/rtv/032107200040000/amp4ads-v0.mjs(Line 6) Message: Powered by AMP ⚡ HTML – Version 2107200040000 https://www.u2interference.com/forums/
console-api	log	URL: https://s0.2mdn.net/creatives/assets/3782707/productCard.js(Line 1402) Message: CBKLABEL CHECK false
console-api	log	URL: https://s0.2mdn.net/creatives/assets/3782707/productCard.js(Line 1402) Message: CBKLABEL CHECK false
console-api	log	URL: https://s0.2mdn.net/creatives/assets/3782707/productCard.js(Line 1402) Message: CBKLABEL CHECK false

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ade.googlesyndication.com
ads.yahoo.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
cdn.ampproject.org
cdnjs.cloudflare.com
cm.g.doubleclick.net
code.createjs.com
connect.facebook.net
dsum-sec.casalemedia.com
fefa89a5e4445ade478a0e0c3ae960b0.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hal9000.redintelligence.net
hal90001.redintelligence.net
ib.adnxs.com
opt.objectiveportal.com
pagead2.googlesyndication.com
partner.googleadservices.com
s0.2mdn.net
securepubads.g.doubleclick.net
static.tradetracker.net
sync.search.spotxchange.com
sync.teads.tv
ti.tradetracker.net
tpc.googlesyndication.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.interference.com
www.u2interference.com
z-na.amazon-adsystem.com
104.111.242.245
104.26.6.126
142.250.184.194
142.250.184.226
142.250.185.130
142.250.185.66
143.204.95.142
185.33.221.14
185.94.180.125
195.201.152.90
2.18.234.21
216.58.212.162
2600:9000:21f3:3c00:1a:7c92:efc0:93a1
2606:4700:3031::ac43:bde0
2606:4700::6810:125e
2a00:1288:80:800::7000
2a00:1450:4001:800::2001
2a00:1450:4001:800::2003
2a00:1450:4001:809::2001
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2003
2a00:1450:4001:811::2002
2a00:1450:4001:811::200a
2a00:1450:4001:812::2003
2a00:1450:4001:813::2004
2a00:1450:4001:828::2002
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2006
2a00:1450:4001:82b::2008
2a00:1450:4001:830::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a00:1450:4001:831::200a
2a02:26f0:6c00::210:ba2a
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
35.244.159.8
46.4.10.49
52.48.71.76
88.99.219.174
0129fef24101a11eaa58cb3eab025b451acc53fb30a6dcd6cce7237b07427e2f
02159cd3570c28fb35026c7708464a7fa408568bd8c56c75c50152fc7e624214
023c115cb664515c7102938d654b784b3702854dc528c31adceadef98d23c53f
037236ed4bf58a85f67074c165d308260fd6be01c86d7df4e79ea16eb273f8c5
052be8ef35b981dd070a6dfeff7bc9370b09b7a4fbd4e23062e773144e2112aa
0662f34938534e35d71d92a981c64d20e61a12b774b4eb9613085dbe87cc73df
067ad6162310c82154f264907e0a51046705579b1eb7e5a0023d2cb583ec075f
0ac7c4ba18caedf9ed41b3298b9ee56a11372425ddda2852cf4bb6db7f4e7a7a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d17b8a38d3dce6f7357bbc8da105d92c21b6cf1c4b92351ce2b1861b065f2c5
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
0d9080760fb04c41ad132bc5bd8853e1b8b1aacabbb846c2dc3d1916acc1e872
0d92b553913c34afc01bbd5df647f7a97b3bc9f306160a3c88e26e5d24b7852f
0d9b553e2da505153cdc51ca4ff6362953c00ca4fef79087f9e5bf8839ce7cab
0dfdcc9934068e5000d8b906423558878e7cd1b9a6b7b1d566a30a6f969ee71f
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1130c26caface5cfa7b2d0cdbbb70cdb3004c582e74969d580216f65596c47c1
120daa49a72e222d71bfde6958e4a0909b9b1e1f47d46c8ebe3e411237116cc2
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13319f25fd8473e4176955d19a09e4614170c8a7941ef7966987ad6156536580
13c73f892c5654a455ca5c028c00f48ee52f4c25f688e1aeb18461752d1c7302
14ab223f64ec23100aa0c975c423007cd9103be6d4f29b430ce21b43094fbafe
15970923dd90a3ca2a81c3322f4a04607b15e710797ce48351debc89e02b713d
172ecde3db13e66cf99995d63de308e2d6e3fdeb1a99dfaeec136f4862eb1573
17720699e2c5269fa6ec7e391f59f310e0c571393d62ed430a191796e60ed0ea
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1aaeb91383d090fb4ad2c561891c0b216ee9d5abc8f8a4ab79c938d57700d751
1b1a4081a8a32bc714fbb7a2509141683bc3eb707a421c0db556ed856f6d8e99
1c51f616467ff036ffc3cda167dd0767f1196464c04e6753c10fdecf489fdace
1ee73a11f7deaf542b5417e0fa5adac6d92212515da73813d552157337d25cfc
20568af44ab9b900de7d9f4d286cb26181af272d5ca6d1bb0789ae5483003643
20ee1213307137fb4045dbc3fdb8b7f574fd75d1b5e689bfc33f0d0f878075c0
232066e3f6f1351afdaee1acb70c409766641fd5669e0b55ce7c77fac0a857ef
237c7b47a1aa95b662e01c9628165f3731cda8f807109d86e2fed9a9b6ff7f7d
258a17d96aab83a9bbf9f5b48e87f287239d3a59573cba81b8688b6e6fad8c61
2751dcb449ce81af8d51e4281b140813f591e35a55732954ae8cf2b79aed6a7b
284615053a0dc8f31bc5242e575a5ec31a3c2884c6172ee3a8fdd03cd38d11c7
2e7655ce171821c7db12d36d7bdab3eeefe0b5ffb7af53582c8ab9e65a2524a7
309de750bb2c32b58c49494bb2d09b6f858750ad306edc6ad0fd634a5cf57916
322525c091ba1bfab8a63355bdfbce7fb49058247a79e0d787c99e6949d58187
3262dbc62d08e075855db45711ee47bd0de34d09b08e0b9a69e327335b490a42
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3304ebafae2f97adb0f5d016454298a110bc449f68cda9c1afa3e01a325963e0
34e4be92ec5b080fa8861ec31ab78bf63baad3b2242b5975a38de8d2807857aa
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
379a5bd79ef3f572a8d43820dd0daf7edd2c594753488a0be54e0f39e9e86e35
381375e2be635408860be657e0e14613c8511cc9787f87d433598ad2b0e476e6
385e7978de95276cc6b8777e4a6607e0c8199cafb47b7502fce8aeb4b0187a97
3aa185e893fb9f313f32144f13b602905b6728029f2d5be20337f264a31ca32b
3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66
403b941b779b43892bb9b8dd533afbdc9c17268b01b6584b3b962c5f2aba1331
4409f886851d18b5071cc08d25845e0d959d51fd1e9eec92118d0f12a44e5eeb
4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b
48c3e8b090c4f289b7ba306ad9d27d7d9ddfddef370275f8c41ac0e0f3a67bd0
48c460c0a1344286ed4e92d62343bc0b73f404b7d0a7c87b7451b862663d73e3
4a1eb9573c5cff7f4079e172f4705f2bbf80e74966917b9aa30a18ea935e34ae
4af2edf490a17d0a65ba6a89b059a460d2c6e80024aa2ddfe9c9caaae88500e3
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b7dd620144604a6ed29e8661dc0a7cb943440a190457657514a9343386deb3e
4c6df99ce6c755727427a99699b38bef5fa3752f01d256746eee2d483afe2d9b
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5073fab4fddb9f037315ac9c663dce6681b03976250cab681638dfe17475466f
50d9911d12fbf3ed2b3d5a477e460552b37212daa2fc4d6dd66f22d72d1572da
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55b6c3bbd4916f12c570b45b9729aad8847366c4970cd3b14219f52298ee6ade
583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485
586cbad2f37632937b03e0c628d4bc71b6e13932e955bea3e6ec8d5571a10fa1
5ab451e881772c838972c0ce9a4e985ffef822b5426df51879c2d636fdee1321
5c1e6e3f592d8c8b63e2b543ac0ccbae369ddb4604066dc97420c7a1d586ba8a
5ce12c6a858d78dbc3b062ff1905ec4e84e23e72887f6c054f7687d19ee8aa0a
5e55cbe1bc804f6c6a0296fbe23fc26a7275f7e8593784569597702bec5772b4
609c9c8da515ce83f6dadac3fc67c7d3b9dd8ad6898eb9dda19c0b20b9a906a4
6179c4db6016209d3297febf8a9243c7356e99b52cb8b3c7e7b72c0bbc7dbaf8
630973061275a7c6c069cb073f8f20b1662807cebe9260bd310503e70ff78628
6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69
65506c87a4e71875a107df7ca37f45ccfd40688cf8e01f65c7e71792dbd6818c
695be856611d9d209b70e4b7356594bd123af15d79843a3711289bf90e3525b1
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b4f1f72b78c93a6cdf32fbce758cc76e353e589296975f8491a265167cfdb0c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d731e6d3e38558377e2fa974639cabf5209d9cafa5f00e186b0e3faf0aea02b
738ddea232874c82239c237498e051aeade604c081fcc45fe80776113f8c4a14
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
7438cd6d98fc8e372c9a87e319ab965229ce2ba37798db808c8408f791db86ca
75ab967337aa8edae5bb0cf87c905b770b76b85be76de75eae74fa4c6041b060
7733ea475e2c615e0dcd25d74854e5a11bad4ff2ee3ac2dce587807eeea11680
7a886d7dc1c6da863baebeee6ae961cfee493cb362abed070bde2728abe50eae
7c6046312c388a53d133de12cd73d6cf9e2c9bcff9d6b3b5967eb368e032466a
7d3315c2b2c849bdb5d2a94f08472eaadb8147502748cef585adc1d000e1a38b
7daad0da73ed01f8c03a48becc5b559dfb3f713b8c9710331c9baf3daad1815a
7e50ef43a409a0fb238ca0bf976da42318d9551fb119ceaf567e37e5270e72c0
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
7ff4d402600b7937e4a0480ed284e7b8e2f11c994b1a6d6b86f87f96ce1f33be
8069956acb4c566506ff71f7a23c8e23f75ce9443384fe3393ed5c846924026e
85461b284a9dab2cd087d7d204b733e87b3b695eae23e9f72043bc2ead11197b
85fbb617006fda03647a23aa3c1312644a401c1c32f3b26c34f9f4137f7b52d3
8c0663f22641285eafb65e35b6a3f85d62d21da0c42d68cc4a764c7af1456d75
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8ebec7366236d66d326611f9c885116c612b7fe36ff0b65b55924c666383d4d8
8f678711fe22e3ecf02aa2b968bbd842723cf113dcafae38e8eb4d95606fa313
8f9c57c81d47ce90d89f07b6fa259e7b6ab9e7d843ab8608950e3d2d9bad3da3
8fc88354bb769f6275e93b0b62fc9284d40de4deef05d5559d4bc177275ff2f3
932060b34fe451f1cb994f3da257f6d2d0f281e1e286e9f3f0e2da63e862fec6
937e538076ed7b876c7f25211946fafda156fc508e98a3b68a6acb59181ae0d2
94f137c233766bb0015876c6cfbf8c28125aca4cb3a826d4f7a0495a38a8f3a5
95a7bbffb433efe3b6f6659eb30591afb1be9b2a3d72e0fd0ac0cd368e180f8b
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
9a7ba7e3e18501f3b228ef2965f551646ad94922a1eac09b5e220e6371178886
9c5a6c4f39eb0f56dddb57277d2d7c27565c3b339718eee0a457230ff884d66c
9e0f1a805508e8790ba72790ffc825d2985496aa756568484cc24e788fbac2d4
9f3f6121ee9e9db4bb59cb15d5584d38625752b6a3d5a69988464177eb726092
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a02868b5b1d57dbbf1aa9a2505424ca8795be83b2a3af2ddb67079e0af0c3413
a0c3f2e5825816bcac42e686f0c3aa76e1aa566f71a437d8768702d4a3a45875
a34f0ac0e0bae229e0913698c55cf65d12b30bb97c62e0bd6c8691dbbf2f9857
a352005a0840635462b71574fef5eeeb0464107e4fdeb2d0f5ac8768afb922b1
a35201fa1108a045cd27d4f969b0894a2bbcdccb20f0f229397613acee500ad4
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a82269bce61196e0aca1c36b304de3471e367a41179284996e6b06b2a3b3009a
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1f2800ef9f421031a266e43b3fef58c4bf600ebdbb93b6aa3d5cfc8d2e1d99f
b1f2ad19633051d6a096ada0b6a79b6bd31a4f7932b5221374bff41ea515e57d
b1f47c706c54c7d544dca60397f62a9d88ee87e0f74b8afeedc9bb9e9f0010f9
b203650a46d88df4b66855d2261846644403677ad0acab0ae4ba49954b075af3
b5bfe13ef908e46e71d5c574be1b3b64df3f4c5dfd11a47b65739eeac509f9d8
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b73225e8c73c949e1ebc99577b46fd572f0816e5db7541f5fd3131c01841e3dd
bae67acce797143561693421e0ebf6a107e1b8321ef49ca8a072460fa4598759
bb5e74ea90b84eb7f60c01fdf1b8cb1302e2bd5e6cadcc5b31e84b74a073ee2c
bc14b98868b014b8089c5519faddb073e80a8a3f07768a282f48cce196f70e51
bd4d4dc816dffa72f49f5e09ae0962b84ad6734eeaa27b04541506e1ef13eaed
bfbab0a2802ea73cf61e34464b5aa8275e8721fb1d31347813fd7660f32e6942
c1287adfc1c6761dcb4221e342113981bfcf6067e0f65adbf417674f5e83da4d
c1d10651b2cecd0feed7821aed93a5d95ae240ff7ca4870538d5459c0d12fc6e
c30f779bb2672d1aef64b2d370d118dd6f3a04d6a247f02379348ff6e22c60cf
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c83eae7a38656b387443bacfd93af203e31b66bf687c21af1ef00fab98507aef
cb501d63375e6f5cb9642478b5282de86b21c7488b07a7985f6962e4d2ca0efe
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d1a0719678f9792e144181b228af747aefbfbd1f7b41eb6c29fc6be3c9aac869
d422fd12738ddef2c702da863a0087d92bcd3061592e097d505d3130e2e87f9f
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
e0bc80c300d6e762a2b7735c0df0b8c9a50a94efb5f425f3e39d0c7f476625c4
e13851a59b255c409dc7d59252bb593f8dee68d9f3e992aed2879b122f3da2fa
e2f126a8957c32db99e94d1bf7c9ed09fcd38ba99bd632ebd048f01f9c5f9c9b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
e980057dab2ae662abc5392ba225c0df649d87c38e5a7c1c9c7e1d766f57bb0f
e98ed6ef07642d3906afa574e85f0fe763cb41882c460180383c3361c0686839
eb0574bfe55a33a197a4cb5b5ca86cd7d59974750615725975a908544409e019
ece10568ed076ba4620c225d4959a71e33dc03ea8154148368223eab3e761c51
ed99e90ee1e28944cb257b8a06d730a89f3cbf40dcb2f102b8414e80897dabda
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
f0e2c4b82230c4185ad9ea1795461bbd93d7b5544f0cd6205a0d5c5d81cf558b
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
f6203e6a6392775763b558a1b1a894789ae6503e8635298520043c3d7a9578f7
f7916a37377e38527d4306303cfe89b653b49b0a6b0b05c6b7593f7ab0248da8
fb5d0db4a0e486d673deb8cdb8db8f27e3060f969f7cdd204e0923b0a71c5705
fefe3e8514b49d00f4e5b4c7584197a35d541d224f235f3b8d53387002c19229

www.u2interference.com Open in urlscan Pro 104.26.6.126 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

228 Requests

100 %HTTPS

65 %IPv6

28 Domains

41 Subdomains

46 IPs

4 Countries

3479 kBTransfer

7298 kBSize

14 Cookies

3 Outgoing links

Page URL History

Redirected requests

228 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.u2interference.com Open in urlscan Pro
104.26.6.126 Public Scan

Screenshot
Live screenshot

Full Image

228
Requests

100 %
HTTPS

65 %
IPv6

28
Domains

41
Subdomains

46
IPs

4
Countries

3479 kB
Transfer

7298 kB
Size

14
Cookies

228 HTTP transactions
5 data transactions