controlc.com Open in urlscan Pro
2606:4700:3037::6818:6331 Public Scan

URL:
https://controlc.com/a517ef38
Submission: On April 29 via manual (April 29th 2020, 2:39:01 pm UTC) from ID

Summary HTTP 127 Redirects Behaviour Indicators

Summary

This website contacted 24 IPs in 7 countries across 25 domains to perform 127 HTTP transactions. The main IP is 2606:4700:3037::6818:6331, located in United States and belongs to CLOUDFLARENET, US. The main domain is controlc.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on September 14th 2019. Valid for: a year.

This is the only time controlc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
19	2606:4700:303... 2606:4700:3037::6818:6331	13335 (CLOUDFLAR...) (CLOUDFLARENET)
25	2a00:1450:400... 2a00:1450:4001:81d::2002	15169 (GOOGLE) (GOOGLE)
1	23.111.10.144 23.111.10.144	33438 (HIGHWINDS2) (HIGHWINDS2)
1	23.111.10.140 23.111.10.140	33438 (HIGHWINDS2) (HIGHWINDS2)
18	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:820::2001	15169 (GOOGLE) (GOOGLE)
2	151.101.14.214 151.101.14.214	54113 (FASTLY) (FASTLY)
1 2	2a00:1450:400... 2a00:1450:4001:81b::200e	15169 (GOOGLE) (GOOGLE)
2	134.209.16.110 134.209.16.110	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	2a00:1450:400... 2a00:1450:400c:c08::9a	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:816::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE)
22	13.35.253.42 13.35.253.42	16509 (AMAZON-02) (AMAZON-02)
1	40.84.148.247 40.84.148.247	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:819::2002	15169 (GOOGLE) (GOOGLE)
1	151.101.14.167 151.101.14.167	54113 (FASTLY) (FASTLY)
1	13.35.254.167 13.35.254.167	16509 (AMAZON-02) (AMAZON-02)
2	52.218.80.84 52.218.80.84	16509 (AMAZON-02) (AMAZON-02)
1	208.100.17.172 208.100.17.172	32748 (STEADFAST) (STEADFAST)
5	54.236.169.205 54.236.169.205	14618 (AMAZON-AES) (AMAZON-AES)
2 4	34.95.120.147 34.95.120.147	15169 (GOOGLE) (GOOGLE)
2 3	37.252.172.249 37.252.172.249	29990 (ASN-APPNEX) (ASN-APPNEX)
2 3	72.251.249.14 72.251.249.14	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	213.19.147.210 213.19.147.210	26120 (RHYTHMONE) (RHYTHMONE)
2 2	35.241.44.144 35.241.44.144	15169 (GOOGLE) (GOOGLE)
1 1	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	216.58.206.2 216.58.206.2	15169 (GOOGLE) (GOOGLE)
127	24

19 2606:4700:3037::6818:6331 (United States)

ASN13335 (CLOUDFLARENET, US)

controlc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.10.144 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)

cdn.fancybar.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.10.140 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)

cdn.carbonads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:820::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.14.214 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

api.twitch.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81b::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 134.209.16.110 (London, United Kingdom)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: srv-eu-ldn-13.buysellads.com

srv.carbonads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9a (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 13.35.253.42 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-42.fra6.r.cloudfront.net

yadloop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.84.148.247 (San Antonio, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

ads3.mthsense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:819::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.167 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

player.twitch.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.254.167 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-254-167.fra6.r.cloudfront.net

d2tbmvllb55wxq.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.218.80.84 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.100.17.172 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip172.208-100-17.static.steadfastdns.net

ssc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.236.169.205 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-169-205.compute-1.amazonaws.com

exchange.bidphysics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.95.120.147 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 147.120.95.34.bc.googleusercontent.com

os4m-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.249 (Ascension Island) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 72.251.249.14 (Amsterdam, Netherlands) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.210 (United Kingdom)

ASN26120 (RHYTHMONE, US)

tag.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.241.44.144 (Ascension Island) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 144.44.241.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.149 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.2 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s20-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	46 KB
22	yadloop.com yadloop.com	33 KB
20	doubleclick.net 2 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	383 KB
19	controlc.com controlc.com	190 KB
10	googletagservices.com www.googletagservices.com	253 KB
6	openx.net 4 redirects os4m-d.openx.net rtb.openx.net eu-u.openx.net us-u.openx.net	2 KB
5	bidphysics.com exchange.bidphysics.com	2 KB
4	google.com 1 redirects www.google.com adservice.google.com	841 B
3	lijit.com 2 redirects ap.lijit.com	2 KB
3	adnxs.com 2 redirects ib.adnxs.com	3 KB
3	twitch.tv api.twitch.tv player.twitch.tv	892 B
3	google.de adservice.google.de www.google.de	606 B
2	amazonaws.com s3-eu-west-1.amazonaws.com	90 KB
2	google.be adservice.google.be	1010 B
2	carbonads.net srv.carbonads.net	1 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
1	sonobi.com 1 redirects sync.go.sonobi.com	748 B
1	1rx.io tag.1rx.io	267 B
1	33across.com ssc.33across.com	341 B
1	cloudfront.net d2tbmvllb55wxq.cloudfront.net	224 KB
1	mthsense.com ads3.mthsense.com	3 KB
1	carbonads.com cdn.carbonads.com	6 KB
1	fancybar.net cdn.fancybar.net	8 KB
0	casalemedia.com Failed as-sec.casalemedia.com Failed
0	rubiconproject.com Failed fastlane.rubiconproject.com Failed
127	25

	Domain	Requested by
22	yadloop.com	controlc.com yadloop.com
19	controlc.com	controlc.com securepubads.g.doubleclick.net
18	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net controlc.com yadloop.com
13	pagead2.googlesyndication.com	securepubads.g.doubleclick.net controlc.com
12	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
10	www.googletagservices.com	controlc.com securepubads.g.doubleclick.net
5	exchange.bidphysics.com	d2tbmvllb55wxq.cloudfront.net controlc.com
3	ap.lijit.com	2 redirects d2tbmvllb55wxq.cloudfront.net
3	ib.adnxs.com	2 redirects d2tbmvllb55wxq.cloudfront.net
3	adservice.google.com	securepubads.g.doubleclick.net www.googletagservices.com
2	eu-u.openx.net	2 redirects
2	rtb.openx.net	2 redirects
2	s3-eu-west-1.amazonaws.com	securepubads.g.doubleclick.net
2	adservice.google.be	securepubads.g.doubleclick.net
2	srv.carbonads.net	cdn.carbonads.com
2	www.google-analytics.com	1 redirects controlc.com
2	api.twitch.tv	controlc.com
2	adservice.google.de	www.googletagservices.com
1	us-u.openx.net	controlc.com
1	cm.g.doubleclick.net	1 redirects
1	sync.go.sonobi.com	1 redirects
1	tag.1rx.io	d2tbmvllb55wxq.cloudfront.net
1	os4m-d.openx.net	d2tbmvllb55wxq.cloudfront.net
1	ssc.33across.com	d2tbmvllb55wxq.cloudfront.net
1	d2tbmvllb55wxq.cloudfront.net	ads3.mthsense.com
1	player.twitch.tv	controlc.com
1	ads3.mthsense.com	securepubads.g.doubleclick.net
1	www.google.de	controlc.com
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	cdn.carbonads.com	controlc.com
1	cdn.fancybar.net	controlc.com
0	as-sec.casalemedia.com Failed	d2tbmvllb55wxq.cloudfront.net
0	fastlane.rubiconproject.com Failed	d2tbmvllb55wxq.cloudfront.net
127	34

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-09-14` - `2020-09-13`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
*.fancybar.net COMODO RSA Domain Validation Secure Server CA	`2018-09-10` - `2020-09-09`	2 years	crt.sh
*.carbonads.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-03` - `2022-04-08`	2 years	crt.sh
*.google.de GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
twitch.map.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-04-17` - `2021-04-18`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
*.carbonads.net Sectigo RSA Domain Validation Secure Server CA	`2019-09-19` - `2021-10-12`	2 years	crt.sh
www.google.de GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
yadloop.com Amazon	`2019-10-22` - `2020-11-22`	a year	crt.sh
ads3.mthsense.com Go Daddy Secure Certificate Authority - G2	`2019-09-03` - `2020-11-01`	a year	crt.sh
*.google.be GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh
*.s3-eu-west-1.amazonaws.com DigiCert Baltimore CA-2 G2	`2019-11-09` - `2020-12-10`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2019-10-01` - `2021-09-30`	2 years	crt.sh
*.bidphysics.com Amazon	`2020-03-05` - `2021-04-05`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2018-01-04` - `2020-07-09`	3 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2019-03-11` - `2020-05-10`	a year	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2019-06-28` - `2021-06-27`	2 years	crt.sh

This page contains 33 frames:

Primary Page: https://controlc.com/a517ef38
Frame ID: 50D2842C41C0D1AF1476CB6C5CBB9F2F
Requests: 34 HTTP requests in this frame

Frame: https://controlc.com/a517ef38/fullscreen.php?hash=04939a1a63262e642a19b8f9d5f5b1d4&linenum=false
Frame ID: 8DB3B65E8C3ADB3BC03FDD346F26547E
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstE_eCNOmwbFbRLTrdoQod2T1MEizO2JjhgbuxtuNS_cozl0ZeXcrwx2kdB4zmNSzaQrfrbtzfnK0TTu3x_MO1Zc2VRK6Xn_84BewmOSXNZ31mFmcktACjpbBBh8WS6FOYK2nunNqrkoFszFjl8AxlFskBNg2UYv6OydjMHp-bp2KD6z29FbDcZaL0Eo9cWFKvZtsUy9bYLlYxKlbyWsdNGGBzzaKK8iBAAL1frCnqKl9XuetQqcWxinRO0LVn0xSY4WOCK5OvHdF97v4MuVlNhTtZMzRqZUg&sai=AMfl-YTz6G7CCDNdbQMRfyqV-RyZ6GlrnjOhBW6RMwkE2v7Ju0mmaS5SYzpX17WO5PblDeLSJqsw1c6act0RebsUP0Nw2Pfn9KIZrvSdlG3J&sig=Cg0ArKJSzJvcQ3hnUg1rEAE&urlfix=1&adurl=
Frame ID: 51D5394AE19D2E1D308B843ED665CB38
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuEbZzf-vxX8CdnWC_GxIkocDipX1ubo02KAq7cfJKc4-jSD-r0cDeWVrBUsC9pTvQfwIeRazWHGvogBcQ12VhORmrjgdxkTmpKRhTeRgwv_XlurKrAIBc84CjzxjKOT3THT_046gcLjjUyR54JIfVkwImnszB6DQcZn5YayXMm-JQVZkfnAZRaUFebxeuX6xUEzdj19vpoK5UCiJ9r2ALDi3vTIQqc1IjYEGdVENRjyluC9aorH0m0sxaHpJwOQor2aov2W0MtK6CnNsIw970n5kQ31g&sai=AMfl-YRqxjvzh8iM6-7mL--ZAU1JEbPtHTJW69LI_xSGxAY926ngbFkWe9KNnnEPZ1VQJR-_GBBczoclLrWTaao6orEy4XmQHgUSiZCpmeVM-w&sig=Cg0ArKJSzK944OnaMdeAEAE&urlfix=1&adurl=
Frame ID: 34A9CDA27AC3A34451BC3DBF49763EA0
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuL8BryEQDKMY5t1PUC-CqaeNIWKJsD6rI4VFdijbU1b8c10p1wqkcYi4jnYi9T2ad6ZwAVuAaoWI2ot7CBuNZ3gKe2P2u4gB-pBRG99RCjxP2oLYwXbdqk97NUgkzgY5T1T0CgoPDZbqz_CcVdQrc2pAXcpnYqPAFk17TzpY-kawNOv0ruoRlVJzw53G1wmZvY_chEMotthJkPDxCX2uoY4lhgtw5IBIDcmiWWX5dII4sW5gHLm95Q1KwS_7GAiBbx4bRA52SDxhoPULI&sai=AMfl-YSdOqTqCsfxb6Q7_GGLdr5EOQ7MxQaHvvqhGLRneea2bpWQ5I5la5rweq4C6cfn9H_QL3llKTawWjuyXabBumEnEBxgz3KmK96dHzEm&sig=Cg0ArKJSzHlBsmyVJLGXEAE&urlfix=1&adurl=
Frame ID: 934CDAB3FF2C9C78DF5B9261CFB6F9D4
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 6E38A5C24C5C5DA7257EC356D487F299
Requests: 10 HTTP requests in this frame

Frame: https://yadloop.com/send?gdpr_consent=BOEFEAyOEFEAyAHABDENAI4AAAB9vABAASA&gdprf=1&i=uml4x413apkiqmcvre&a=de81326896952138509daec1d52475213&cb=9212911588171104234
Frame ID: 64B9A84C843B91CB657F08C3353AA5E1
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/user?gdpr_consent=BOEFEAyOEFEAyAHABDENAI4AAAB9vABAASA&gdprf=1&i=uml4x413apkiqmcvre&a=e96e60777be2b11b557710600480737f9&cb=2217691588171104236
Frame ID: 07445197E869F740D3B36249C5A304FC
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/stats?gdpr_consent=BOEFEAyOEFEAyAHABDENAI4AAAB9vABAASA&gdprf=1&i=uml4x413apkiqmcvre&a=e91e892c69af5862965671314669ba023&cb=5322641588171104238
Frame ID: 1312361CAABDDED9D0E2DCFE409DADA3
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/user?gdpr_consent=BOEFEAyOEFEAyAHABDENAI4AAAB9vABAASA&gdprf=1&i=uml4x413apkiqmcvre&a=13a1170b1c068c33ae22a9f83844b6a97&cb=6175711588171104242
Frame ID: EB10361E4035B7B77E9D1441FEE084AF
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/syncro?gdpr_consent=BOEFEAyOEFEAyAHABDENAI4AAAB9vABAASA&gdprf=1&i=uml4x413apkiqmcvre&a=c3e802620f6403d56cdd9b1c4db4b99a1&cb=9942291588171104250
Frame ID: D69A46E7F11C4DA0FD3433308870E88D
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/stats?gdpr_consent=BOEFEAyOEFEAyAHABDENAI4AAAB9vABAASA&gdprf=1&i=uml4x413apkiqmcvre&a=f4437de7861e6bc4a24fefe57aebbe483&cb=9869541588171104255
Frame ID: D6870F5848163DDAEE9DFB8AF19513CD
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/sync?gdpr_consent=BOEFEAyOEFEAyAHABDENAI4AAAB9vABAASA&gdprf=1&i=uml4x413apkiqmcvre&a=b31361440c2a950248d2363fce3fbbb31&cb=0513381588171104265
Frame ID: AFDF1BF0B689CCD3CACA993C948DA4D5
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/stat?gdpr_consent=BOEFEAyOEFEAyAHABDENAI4AAAB9vABAASA&gdprf=1&i=uml4x413apkiqmcvre&a=6c56023cc6501990db7bccf2badeea2f7&cb=8601051588171104269
Frame ID: 53DED2328EF8E0CFFB12C0EECE649D98
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/usersync?gdpr_consent=BOEFEAyOEFEAyAHABDENAI4AAAB9vABAASA&gdprf=1&i=uml4x413apkiqmcvre&a=dc5fa123d65922e149a00c2e664fab301&cb=0395151588171104272
Frame ID: E0C8610F926E7A928947C53A20B49D06
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 043EB4538BB9F24C080B6795132553CF
Requests: 10 HTTP requests in this frame

Frame: https://yadloop.com/send?gdpr_consent=BOEFEAyOEFEAyAHABDENAI4AAAB9vABAASA&gdprf=1&i=qwpqn1ipjtdny52xwe&a=0387d5c886ab43851b17668d431a22a33&cb=7206901588171104287
Frame ID: DA34D8BB2472417AC1AD4714D5009FDB
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/syncro?gdpr_consent=BOEFEAyOEFEAyAHABDENAI4AAAB9vABAASA&gdprf=1&i=qwpqn1ipjtdny52xwe&a=1656d8b86daf5f9b3fdb48a71ff5c5d81&cb=8410951588171104291
Frame ID: BEF977BB0CA278FF6162E0BC72257BBA
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/stats?gdpr_consent=BOEFEAyOEFEAyAHABDENAI4AAAB9vABAASA&gdprf=1&i=qwpqn1ipjtdny52xwe&a=583c97bffda9e861eef744bb729bd1753&cb=0768151588171104295
Frame ID: A829B50D83E8A49423D3B94E84ACB9C8
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/usersync?gdpr_consent=BOEFEAyOEFEAyAHABDENAI4AAAB9vABAASA&gdprf=1&i=qwpqn1ipjtdny52xwe&a=042aae3d103cb2cf8bf5aeb73e4260887&cb=1740711588171104299
Frame ID: 0FE14DB390B015B0E26C1DFB6DEB5CA9
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/stats?gdpr_consent=BOEFEAyOEFEAyAHABDENAI4AAAB9vABAASA&gdprf=1&i=qwpqn1ipjtdny52xwe&a=e7e3edf67bbbf355f3842002df325e701&cb=9415361588171104307
Frame ID: DBA0317ECBBB78B52AF0F7444486BD85
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/counter?gdpr_consent=BOEFEAyOEFEAyAHABDENAI4AAAB9vABAASA&gdprf=1&i=qwpqn1ipjtdny52xwe&a=a00eaa3d258ea605d646e840c2abc7d35&cb=2853371588171104319
Frame ID: 652D625FEA3C44E326693EBD86C02134
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/syncro?gdpr_consent=BOEFEAyOEFEAyAHABDENAI4AAAB9vABAASA&gdprf=1&i=qwpqn1ipjtdny52xwe&a=8d24bfb2399fef67eb4853127e98e35b3&cb=7287791588171104326
Frame ID: BAB3C25EBC9A82A4661D6FB6CD78AA79
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/stats?gdpr_consent=BOEFEAyOEFEAyAHABDENAI4AAAB9vABAASA&gdprf=1&i=qwpqn1ipjtdny52xwe&a=c45d735e03062c906bf91a597b0779fc1&cb=7063671588171104328
Frame ID: F942A9F9DD14672F74BCC932368B4BB0
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/sync?gdpr_consent=BOEFEAyOEFEAyAHABDENAI4AAAB9vABAASA&gdprf=1&i=qwpqn1ipjtdny52xwe&a=65a147f60ac39ee42ddc15357e3357e71&cb=4446821588171104335
Frame ID: D29F1EDE8A8119DF3EB90D180D8488F5
Requests: 1 HTTP requests in this frame

Frame: https://player.twitch.tv/?channel=mrmouton
Frame ID: AF104D943844252049259FFB3F0BCF75
Requests: 1 HTTP requests in this frame

Frame: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid3.12.0.js
Frame ID: 7332A2EC6AFB91518B77CB6787B7D41D
Requests: 23 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsup_ipwRyUceG52VqDK0KoRdpu38OEtyGDetuXlB4M5jzQr6IIVqK9NtwypPbUEiyK-rae9JNN7jz8EkAeKNRXGZgkAsG2Eol47s9l7t922k0OC6-G71MrCdw2y5OfP8G5jVyJkq1QcyBODEwlQ3XLjX0WHIlQAcqfJxai460MmEIbJm15wu7lhS7xYgV8YP7PeOUujHdSMO2CFVrncFzbpmobjH36mfvN6GBSDKzHFZdhxkMdC3UQbpvxDhES1a112oliUo8gFJDsncA&sig=Cg0ArKJSzNsQJtc_5pTsEAE&urlfix=1&adurl=
Frame ID: DAAF6B5E76B5241904EAA9500BB51A20
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssOF3zEhM2PW4-D1kvcJu074bAU2KZdf9GtfArOZDHXDq2h9gRyXEjYbEqIlwHnbGCso5c6JeV54JhY45iRLifwYVqA7Wp-nH9SsRnuYyF1gbsEK59RIZJB1lTyS7yR8E77BTqV1P4guq-sN8X8c_8UeXn1vC41zs70R3S68K3XZ5m8N40nXFw9GhG9-1oGipAJ15vH-iOr6MZHnNI0dX8ShqrE9mpYqDWUoLEaV1QlJ13aS5iyR1TyqGqorXiIRWEXQLfnEYEp2o8&sig=Cg0ArKJSzHDiErbGFN14EAE&urlfix=1&adurl=
Frame ID: C5C949EFD47A85564778DD8FFB23D2D5
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 99FB02DC3C54FE26908D918AB79BE0C3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: A95755AB4B7748B591255B590F000D5C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 78FDD97BED7A6AD31CE9D79B2DD67A80
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 404831D2A6C506D4AE1D02DA951AB90E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

127
Requests

98 %
HTTPS

32 %
IPv6

25
Domains

34
Subdomains

24
IPs

7
Countries

1264 kB
Transfer

2801 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1550513185&t=pageview&_s=1&dl=https%3A%2F%2Fcontrolc.com%2Fa517ef38&ul=en-us&de=UTF-8&dt=aegge%20-%20a517ef38&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEAB~&jid=247534489&gjid=294454863&cid=881463528.1588171104&tid=UA-62963607-1&_gid=940407329.1588171104&_r=1&z=1710713835 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-62963607-1&cid=881463528.1588171104&jid=247534489&_gid=940407329.1588171104&gjid=294454863&_v=j81&z=1710713835 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-62963607-1&cid=881463528.1588171104&jid=247534489&_v=j81&z=1710713835 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-62963607-1&cid=881463528.1588171104&jid=247534489&_v=j81&z=1710713835&slf_rd=1&random=1647607866

Request Chain 122

https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fexchange.bidphysics.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BUID%7D HTTP 302
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fexchange.bidphysics.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BUID%7D&ox_sc=1 HTTP 302
https://exchange.bidphysics.com/setuid?bidder=openx&gdpr=0&gdpr_consent=&uid=5e994687-228a-067a-0833-503a343cb22b

Request Chain 123

https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fexchange.bidphysics.com%2Fsetuid%3Fbidder%3Dsonobi%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%5BUID%5D HTTP 302
https://exchange.bidphysics.com/setuid?bidder=sonobi&gdpr=0&gdpr_consent=&uid=86836cfc-f4ed-402e-92f6-b70ffaed4610

Request Chain 124

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fexchange.bidphysics.com%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fexchange.bidphysics.com%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://exchange.bidphysics.com/setuid?bidder=sovrn&gdpr=0&gdpr_consent=&uid=7753b6b2e609db7507bcb768

Request Chain 125

https://ib.adnxs.com/getuid?https%3A%2F%2Fexchange.bidphysics.com%2Fsetuid%3Fbidder%3Dappnexus%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fexchange.bidphysics.com%252Fsetuid%253Fbidder%253Dappnexus%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%2524UID HTTP 302
https://exchange.bidphysics.com/setuid?bidder=appnexus&gdpr=0&gdpr_consent=&uid=765864632378166518

Request Chain 126

https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=1 HTTP 302
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECQREBtvMi7XbDS9Y3msi_c&google_cver=1

127 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request a517ef38 Show response
controlc.com/ 11 KB
4 KB 115ms
74ms Document
text/html 2606:4700:3037::6818:6331
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/a517ef38
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6818:6331 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.5.38
Resource Hash: 5321b86378fef54c76e17430a054fc69ab7232b42934f2f277cb4e6a5cdc2500

Request headers

:method: GET
:authority: controlc.com
:scheme: https
:path: /a517ef38
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Wed, 29 Apr 2020 14:38:23 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=dcf49aa6351acf583866ae28857c0c34d1588171103; expires=Fri, 29-May-20 14:38:23 GMT; path=/; domain=.controlc.com; HttpOnly; SameSite=Lax PHPSESSID=087f109a04d5eb523a2e836b7bf51b98; path=/ tinychat_box=1588171103; expires=Thu, 30-Apr-2020 14:38:23 GMT; Max-Age=86400; path=/; domain=.tinypaste.com
x-powered-by: PHP/5.5.38
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 58b9c43528b29ac8-FRA
content-encoding: br
cf-request-id: 0267f8f53900009ac8741ca200000001

GET
H2 200 global.css
controlc.com/public/css/ 12 KB
3 KB 17ms
14ms Stylesheet
text/css 2606:4700:3037::6818:6331
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/public/css/global.css
Requested by: Host: controlc.com
URL: https://controlc.com/a517ef38
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6818:6331 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 770a5be4937bf757134b47d4845e28c82e6dda0c7eee72875fda2ad3dbc93718

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:38:23 GMT
content-encoding: br
cf-cache-status: HIT
age: 7160
cf-polished: origSize=15109
status: 200
cf-request-id: 0267f8f59100009ac8741d1200000001
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
etag: W/"555139ee-3b05"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 58b9c435b93c9ac8-FRA
cf-bgj: minify

GET
H2 200 bootstrap.css
controlc.com/public/css/ 80 KB
13 KB 27ms
24ms Stylesheet
text/css 2606:4700:3037::6818:6331
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/public/css/bootstrap.css
Requested by: Host: controlc.com
URL: https://controlc.com/a517ef38
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6818:6331 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10d260de958aa225f5add9155e9194221b65c1c991ec3bc9132a40d4f4fabff2

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:38:23 GMT
content-encoding: br
cf-cache-status: HIT
age: 7148
cf-polished: origSize=99036
status: 200
cf-request-id: 0267f8f59100009ac8741d2200000001
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
etag: W/"555139ee-182dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 58b9c435b93d9ac8-FRA
cf-bgj: minify

GET
H2 200 bootstrap-responsive.css
controlc.com/public/css/ 10 KB
2 KB 20ms
16ms Stylesheet
text/css 2606:4700:3037::6818:6331
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/public/css/bootstrap-responsive.css
Requested by: Host: controlc.com
URL: https://controlc.com/a517ef38
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6818:6331 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 439211cb90e7da0f52c80f15dc2ca868ac9419e83350a1ff2d0372031f359986

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:38:23 GMT
content-encoding: br
cf-cache-status: HIT
age: 7055
cf-polished: origSize=14308
status: 200
cf-request-id: 0267f8f59100009ac8741d3200000001
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
etag: W/"555139ee-37e4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 58b9c435b93f9ac8-FRA
cf-bgj: minify

GET
H2 200 view.css
controlc.com/public/css/ 598 B
372 B 16ms
12ms Stylesheet
text/css 2606:4700:3037::6818:6331
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/public/css/view.css
Requested by: Host: controlc.com
URL: https://controlc.com/a517ef38
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6818:6331 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 467b1db9776e63a47ad4b041976647f292a3ce02da70383613325e4dea1ef734

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:38:23 GMT
content-encoding: br
cf-cache-status: HIT
age: 6985
cf-polished: origSize=752
status: 200
cf-request-id: 0267f8f59100009ac8741d4200000001
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
etag: W/"555139ee-2f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 58b9c435b9409ac8-FRA
cf-bgj: minify

GET
H2 200 jquery.js Show response
controlc.com/public/js/ 148 KB
30 KB 19ms
15ms Script
application/javascript 2606:4700:3037::6818:6331
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/public/js/jquery.js
Requested by: Host: controlc.com
URL: https://controlc.com/a517ef38
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6818:6331 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6438c63069c5b897cbab71927f7069ec113a2917e0f1e7bc4ffb2fc4e03bccd

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:38:23 GMT
content-encoding: br
cf-cache-status: HIT
age: 7160
cf-polished: origSize=153534
status: 200
cf-request-id: 0267f8f59100009ac8741d5200000001
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
etag: W/"555139ee-257be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 58b9c435b9419ac8-FRA
cf-bgj: minify

GET
H2 200 view.js Show response
controlc.com/public/js/ 2 KB
724 B 51ms
46ms Script
application/javascript 2606:4700:3037::6818:6331
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/public/js/view.js?x=1588171103
Requested by: Host: controlc.com
URL: https://controlc.com/a517ef38
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6818:6331 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb1720927d146fe5dc6901717017a7b373a4a55acbb15ed36677cfa5d2abcb08

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:38:23 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
etag: W/"555139ee-7f6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 58b9c435b9469ac8-FRA
cf-request-id: 0267f8f59400009ac8741d6200000001

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 43 KB
15 KB 63ms
39ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: controlc.com
URL: https://controlc.com/a517ef38

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24adc7c2d602e83664123398f6bd47b59884e330bfcec72928f0282666502274

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:38:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "500 / 578 of 1000 / last-modified: 1588103760"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 14514
x-xss-protection: 0
expires: Wed, 29 Apr 2020 14:38:23 GMT

GET
H2 200 getpaid.png
controlc.com/public/images/ 6 KB
6 KB 13ms
13ms Image
image/png 2606:4700:3037::6818:6331
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controlc.com/public/images/getpaid.png
Requested by: Host: controlc.com
URL: https://controlc.com/a517ef38
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6818:6331 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07702d076f8c28644a2b09299dac52af3abbf7bd5d3c6d23c6c8ea6aa133cdea

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:38:23 GMT
cf-cache-status: HIT
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
age: 7071
etag: "555139ee-196e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 58b9c43609aa9ac8-FRA
content-length: 6510
cf-request-id: 0267f8f5c400009ac8741db200000001

GET
H2 200 logo.png
controlc.com/public/images/ 12 KB
12 KB 14ms
14ms Image
image/png 2606:4700:3037::6818:6331
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controlc.com/public/images/logo.png
Requested by: Host: controlc.com
URL: https://controlc.com/a517ef38
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6818:6331 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bafbed60844c7113252124ca42cf6cb3ab28905fac0c1260a7202dedf9025bf2

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:38:23 GMT
cf-cache-status: HIT
last-modified: Thu, 19 Sep 2019 14:03:25 GMT
server: cloudflare
age: 7147
etag: "5d838aad-2f2e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 58b9c43619c39ac8-FRA
content-length: 12078
cf-request-id: 0267f8f5d200009ac8741dd200000001

GET
H/1.1 200
OK fancybar.js Show response
cdn.fancybar.net/ac/ 21 KB
8 KB 68ms
18ms Script
application/javascript 23.111.10.144
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fancybar.net/ac/fancybar.js?zoneid=1502&serve=C6ADVKE&placement=tinypaste
Requested by: Host: controlc.com
URL: https://controlc.com/a517ef38
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.10.144 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: f5a1212852709b2be58bf29e94fb8b53575c6596d744b192d2979474b062c4b3

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 29 Apr 2020 14:38:23 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Aug 2019 14:20:27 GMT
Server: NetDNA-cache/2.2
ETag: W/"5362-5900057953202"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 ab.png
controlc.com/ 67 KB
67 KB 11ms
11ms Image
image/png 2606:4700:3037::6818:6331
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controlc.com/ab.png
Requested by: Host: controlc.com
URL: https://controlc.com/a517ef38
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6818:6331 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 249a47240c54580905210bdba65667fee54315dc6ed4c35c080569b2526ac056

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:38:23 GMT
cf-cache-status: HIT
last-modified: Mon, 30 Mar 2020 10:19:31 GMT
server: cloudflare
age: 7147
etag: "5e81c7b3-10a35"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 58b9c4368a529ac8-FRA
content-length: 68149
cf-request-id: 0267f8f61900009ac8741e2200000001

GET
H/1.1 200
OK carbon.js Show response
cdn.carbonads.com/ 15 KB
6 KB 81ms
18ms Script
application/javascript 23.111.10.140
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.carbonads.com/carbon.js?serve=CKYIKK7U&placement=pasteco
Requested by: Host: controlc.com
URL: https://controlc.com/a517ef38
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.10.140 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 8d085a06d8c3fd49c6e05b3a602a8c64c171c585c7713cb57658578729757a7e

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 29 Apr 2020 14:38:23 GMT
Content-Encoding: gzip
Last-Modified: Wed, 22 Apr 2020 16:15:55 GMT
Server: NetDNA-cache/2.2
ETag: W/"3ba2-5a3e3725fe826"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 pubads_impl_2020042302.js Show response
securepubads.g.doubleclick.net/gpt/ 237 KB
86 KB 76ms
31ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js?21065983

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

0b3678d81937a06cba82b9b8d1b69a6e60c1133246d9798e681bf3908aa390bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 29 Apr 2020 14:38:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 23 Apr 2020 17:07:14 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 87243
x-xss-protection: 0
expires: Wed, 29 Apr 2020 14:38:23 GMT

GET
H2 200 integrator.sync.js Show response
adservice.google.de/adsid/ 113 B
323 B 16ms
16ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.sync.js?domain=controlc.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Apr 2020 14:38:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 108
x-xss-protection: 0

GET
H2 200 bg.png
controlc.com/public/images/ 987 B
1 KB 16ms
16ms Image
image/png 2606:4700:3037::6818:6331
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controlc.com/public/images/bg.png
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js?21065983
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6818:6331 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a11c133fc51a4bdbf16a612562fd43d160e9e4b27006127d4e1325b02a027d6

Request headers

Referer: https://controlc.com/public/css/bootstrap.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:38:23 GMT
cf-cache-status: HIT
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
age: 20
etag: "555139ee-3db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 58b9c4370acf9ac8-FRA
content-length: 987
cf-request-id: 0267f8f66200009ac8741e6200000001

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 406 B
724 B 61ms
61ms XHR
text/plain 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=334856439952988&correlator=476563735669635&output=ldjh&impl=fif&eid=21065983%2C21062832%2C21065113%2C21065919%2C44716866&vrg=2020042302&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200429&iu_parts=1025874%2CPasted_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&eri=2&cookie_enabled=1&bc=31&abxe=1&lmt=1588171103&dt=1588171103847&dlt=1588171103620&idt=211&frm=20&biw=1600&bih=1200&oid=3&adxs=800&adys=0&adks=765271295&ucis=1&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcontrolc.com%2Fa517ef38&dssz=7&icsg=250&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x1&msz=1600x1&ga_vid=881463528.1588171104&ga_sid=1588171104&ga_hid=1550513185&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js?21065983

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

b8579732f8fd3f6c30fff6e7033735e18d3f5ca38d0885750a4073c409dac68e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:38:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 217
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://controlc.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 23ms
10ms Other
text/html 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js?21065983
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 4 KB
3 KB 66ms
64ms XHR
text/plain 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=334856439952988&correlator=476563735669635&output=ldjh&impl=fif&adsid=NT&eid=21065983%2C21062832%2C21065113%2C21065919%2C44716866&vrg=2020042302&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200429&iu_parts=1025874%2CPasted_728x90_Top&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&eri=2&cookie_enabled=1&bc=31&abxe=1&lmt=1588171103&dt=1588171103888&dlt=1588171103620&idt=211&frm=20&biw=1600&bih=1200&oid=3&adxs=50&adys=163&adks=1406371575&ucis=2&ifi=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcontrolc.com%2Fa517ef38&dssz=13&icsg=16034&std=0&csl=89&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1500x90&msz=1500x90&ga_vid=881463528.1588171104&ga_sid=1588171104&ga_hid=1550513185&fws=0&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js?21065983

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

aaced4e8d533fb090c3c389d262b7030858bd891ea17cdbb636b335b8e395f96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:38:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 2366
x-xss-protection: 0
google-lineitem-id: 5214351027
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138293538274
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://controlc.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ab.js Show response
controlc.com/ 5 KB
2 KB 15ms
12ms Script
application/javascript 2606:4700:3037::6818:6331
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/ab.js
Requested by: Host: controlc.com
URL: https://controlc.com/a517ef38
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6818:6331 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c63c0a518fcd8243e365904eb4ec5162d2b6d066aa4f05027fb598089d73ebdc

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:38:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 29 Mar 2020 09:43:08 GMT
server: cloudflare
age: 137
etag: W/"5e806dac-1285"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 58b9c4376b399ac8-FRA
cf-request-id: 0267f8f6a000009ac8741ea200000001
cf-bgj: minify

GET
H2 200 streams Show response
api.twitch.tv/helix/ 27 B
251 B 187ms
186ms Fetch
application/json 151.101.14.214
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.twitch.tv/helix/streams?user_login=harkdan

Requested by

Host: controlc.com
URL: https://controlc.com/a517ef38

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.214 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

31c70fc4fa7dee6db3f53f0c1db540813dfc6523f0226634179a701062d3e616

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Client-ID: jzkbprff40iqj646a697cyrvl0zt2m6
Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

ratelimit-reset: 1588171106
vary: Accept-Encoding
x-cache: MISS, MISS
x-ctxlog-logid: 1-5ea99160-f3bfa3c9c93a3e3f1237d542
status: 200
ratelimit-limit: 30
content-length: 27
x-served-by: cache-sea4446-SEA, cache-fra19153-FRA
pragma: no-cache
twitch-trace-id: 221dcacfcf1f681d5acaad72aebaa52e
server: envoy
x-timer: S1588171104.128794,VS0,VS0,VE163
date: Wed, 29 Apr 2020 14:38:24 GMT
strict-transport-security: max-age=300
content-type: application/json; charset=utf-8
access-control-allow-origin: *
expires: 0
cache-control: no-cache, no-store, must-revalidate, private
timing-allow-origin: https://www.twitch.tv
ratelimit-remaining: 29
x-cache-hits: 0, 0

GET
H2 200 streams Show response
api.twitch.tv/helix/ 476 B
641 B 189ms
189ms Fetch
application/json 151.101.14.214
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.twitch.tv/helix/streams?user_login=mrmouton

Requested by

Host: controlc.com
URL: https://controlc.com/a517ef38

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.214 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

f9cc73b69d62465e704862c55a9c4deae7a5275e21cda301fd98128c95bed05e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Client-ID: jzkbprff40iqj646a697cyrvl0zt2m6
Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

ratelimit-reset: 1588171108
vary: Accept-Encoding
x-cache: MISS, MISS
x-ctxlog-logid: 1-5ea99160-a98a6c056a0e44f9c95a1cb2
status: 200
ratelimit-limit: 30
content-length: 476
x-served-by: cache-sea4445-SEA, cache-fra19153-FRA
pragma: no-cache
twitch-trace-id: 742bf90a1ce64aa4916a5bdca8eb9421
server: envoy
x-timer: S1588171104.140769,VS0,VS0,VE166
date: Wed, 29 Apr 2020 14:38:24 GMT
strict-transport-security: max-age=300
content-type: application/json; charset=utf-8
access-control-allow-origin: *
expires: 0
cache-control: no-cache, no-store, must-revalidate, private
timing-allow-origin: https://www.twitch.tv
ratelimit-remaining: 28
x-cache-hits: 0, 0

GET
H2 200 fullscreen.php Show response
controlc.com/a517ef38/ Frame 8DB3 12 KB
2 KB 94ms
93ms Document
text/html 2606:4700:3037::6818:6331
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/a517ef38/fullscreen.php?hash=04939a1a63262e642a19b8f9d5f5b1d4&linenum=false
Requested by: Host: controlc.com
URL: https://controlc.com/a517ef38
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6818:6331 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.5.38
Resource Hash: f9727465c17f22966e88df414eccd5309a002acc3709ff5d6fbd13afe8c48cd8

Request headers

:method: GET
:authority: controlc.com
:scheme: https
:path: /a517ef38/fullscreen.php?hash=04939a1a63262e642a19b8f9d5f5b1d4&linenum=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/a517ef38
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=dcf49aa6351acf583866ae28857c0c34d1588171103; PHPSESSID=087f109a04d5eb523a2e836b7bf51b98
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://controlc.com/a517ef38

Response headers

status: 200
date: Wed, 29 Apr 2020 14:38:23 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/5.5.38
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 58b9c4376b3c9ac8-FRA
content-encoding: br
cf-request-id: 0267f8f6a300009ac8741eb200000001

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 4 KB
2 KB 61ms
60ms XHR
text/plain 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=334856439952988&correlator=476563735669635&output=ldjh&impl=fif&adsid=NT&eid=21065983%2C21062832%2C21065113%2C21065919%2C44716866&vrg=2020042302&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200429&iu_parts=1025874%2CPasted_160x600&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&eri=2&cookie_enabled=1&bc=31&abxe=1&lmt=1588171103&dt=1588171103907&dlt=1588171103620&idt=211&frm=20&biw=1600&bih=1200&oid=3&adxs=1390&adys=109&adks=2762401180&ucis=3&ifi=3&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcontrolc.com%2Fa517ef38&dssz=21&icsg=1027618&std=0&csl=87&vis=1&dmc=8&scr_x=0&scr_y=0&ga_vid=881463528.1588171104&ga_sid=1588171104&ga_hid=1550513185&fws=0&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js?21065983

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

a33229dd5e06b9426f84536ce878c9d58dda7865a35019d52e2d290312ef7a84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:38:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 2162
x-xss-protection: 0
google-lineitem-id: 5215140857
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138293261120
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://controlc.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 4 KB
2 KB 61ms
59ms XHR
text/plain 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=334856439952988&correlator=476563735669635&output=ldjh&impl=fif&adsid=NT&eid=21065983%2C21062832%2C21065113%2C21065919%2C44716866&vrg=2020042302&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200429&iu_parts=1025874%2CPasted_728x90_Bottom&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cookie_enabled=1&bc=31&abxe=1&lmt=1588171103&dt=1588171103913&dlt=1588171103620&idt=211&frm=20&biw=1600&bih=1200&oid=3&adxs=50&adys=740&adks=2507290776&ucis=4&ifi=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcontrolc.com%2Fa517ef38&dssz=25&icsg=4110474&std=0&csl=86&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1520x723&msz=728x-1&ga_vid=881463528.1588171104&ga_sid=1588171104&ga_hid=1550513185&fws=0&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js?21065983

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

bb5e6be1c9f8465f84c4790f043c68293e5d7f5d49189d9c08272632e7cd31b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:38:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 2084
x-xss-protection: 0
google-lineitem-id: 4655064465
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138232062340
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://controlc.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 glyphicons-halflings.png
controlc.com/img/ 14 KB
14 KB 17ms
15ms Image
image/png 2606:4700:3037::6818:6331
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controlc.com/img/glyphicons-halflings.png
Requested by: Host: controlc.com
URL: https://controlc.com/a517ef38
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6818:6331 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86924cd006db30b9d4f1418e06cd7bd83eef2be768a10f27d2cff26e6977cced

Request headers

Referer: https://controlc.com/public/css/bootstrap.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:38:23 GMT
cf-cache-status: HIT
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
age: 137
etag: "555139ee-3602"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 58b9c4378b4f9ac8-FRA
content-length: 13826
cf-request-id: 0267f8f6b000009ac8741ee200000001

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: controlc.com
URL: https://controlc.com/a517ef38

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 6123
date: Wed, 29 Apr 2020 12:56:20 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18174
expires: Wed, 29 Apr 2020 14:56:20 GMT

GET
H/1.1 200
OK CKYIKK7U.json Show response
srv.carbonads.net/ads/ 598 B
686 B 103ms
43ms Script
application/javascript 134.209.16.110
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://srv.carbonads.net/ads/CKYIKK7U.json?segment=placement:pasteco&callback=_carbonads_go
Requested by: Host: cdn.carbonads.com
URL: https://cdn.carbonads.com/carbon.js?serve=CKYIKK7U&placement=pasteco
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 134.209.16.110 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: srv-eu-ldn-13.buysellads.com
Software: //srv.buysellads.com /
Resource Hash: b8d3aca312763e70e86ceb0e2314eca8be40af74b5a656c2a1b76d5e1378629d

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 29 Apr 2020 14:38:24 GMT
Content-Encoding: gzip
Server: //srv.buysellads.com
Content-Length: 447
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1550513185&t=pageview&_s=1&dl=https%3A%2F%2Fcontrolc.com%2Fa517ef38&ul=en-us&de=UTF-8&dt=aegge%20-%20a517ef38&sd=24-bit&sr=1600x1200&vp=1600x...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-62963607-1&cid=881463528.1588171104&jid=247534489&_gid=940407329.1588171104&gjid=294454863&_v=j81&z=1710713835
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-62963607-1&cid=881463528.1588171104&jid=247534489&_v=j81&z=1710713835
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-62963607-1&cid=881463528.1588171104&jid=247534489&_v=j81&z=1710713835&slf_rd=1&random=1647607866

42 B
109 B

21ms
17ms

Image
image/gif

2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-62963607-1&cid=881463528.1588171104&jid=247534489&_v=j81&z=1710713835&slf_rd=1&random=1647607866

Requested by

Host: controlc.com
URL: https://controlc.com/a517ef38

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Apr 2020 14:38:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 29 Apr 2020 14:38:24 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-62963607-1&cid=881463528.1588171104&jid=247534489&_v=j81&z=1710713835&slf_rd=1&random=1647607866
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 51D5 0
0 35ms
34ms Fetch
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstE_eCNOmwbFbRLTrdoQod2T1MEizO2JjhgbuxtuNS_cozl0ZeXcrwx2kdB4zmNSzaQrfrbtzfnK0TTu3x_MO1Zc2VRK6Xn_84BewmOSXNZ31mFmcktACjpbBBh8WS6FOYK2nunNqrkoFszFjl8AxlFskBNg2UYv6OydjMHp-bp2KD6z29FbDcZaL0Eo9cWFKvZtsUy9bYLlYxKlbyWsdNGGBzzaKK8iBAAL1frCnqKl9XuetQqcWxinRO0LVn0xSY4WOCK5OvHdF97v4MuVlNhTtZMzRqZUg&sai=AMfl-YTz6G7CCDNdbQMRfyqV-RyZ6GlrnjOhBW6RMwkE2v7Ju0mmaS5SYzpX17WO5PblDeLSJqsw1c6act0RebsUP0Nw2Pfn9KIZrvSdlG3J&sig=Cg0ArKJSzJvcQ3hnUg1rEAE&urlfix=1&adurl=

Requested by

Host: controlc.com
URL: https://controlc.com/a517ef38

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Apr 2020 14:38:24 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 29 Apr 2020 14:38:24 GMT

GET
H2 200 t.js Show response
yadloop.com/ Frame 51D5 15 KB
16 KB 135ms
53ms Script
application/javascript 13.35.253.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/t.js?i=qwpqn1ipjtdny52xwe&cb=3433451588171104033
Requested by: Host: controlc.com
URL: https://controlc.com/a517ef38
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.42 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-42.fra6.r.cloudfront.net
Software: /
Resource Hash: 8028739b2067aa288b1bb58158cef5d21dc8cb787c231b2da5064f7fd9b5638a

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Wed, 29 Apr 2020 14:38:24 GMT
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: yDGfAG4vtiYOmEUZmBMTu1YoATIZ19PMCWDayTYvzbHDc46bu5y-TA==
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 51D5 75 KB
28 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js?21065983

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7bee3a5ad33b029f119b2245f33ba68b6e3aff305c17379b180545b4e50ad178

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:38:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1587986955147099"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28776
x-xss-protection: 0
expires: Wed, 29 Apr 2020 14:38:24 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js?21065983

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51c56935854bed13b06e04dd8a756cb635edca2f98d1f55b3608ecc200162426

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:38:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1587986955147099"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28343
x-xss-protection: 0
expires: Wed, 29 Apr 2020 14:38:24 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 34A9 0
0 35ms
34ms Fetch
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuEbZzf-vxX8CdnWC_GxIkocDipX1ubo02KAq7cfJKc4-jSD-r0cDeWVrBUsC9pTvQfwIeRazWHGvogBcQ12VhORmrjgdxkTmpKRhTeRgwv_XlurKrAIBc84CjzxjKOT3THT_046gcLjjUyR54JIfVkwImnszB6DQcZn5YayXMm-JQVZkfnAZRaUFebxeuX6xUEzdj19vpoK5UCiJ9r2ALDi3vTIQqc1IjYEGdVENRjyluC9aorH0m0sxaHpJwOQor2aov2W0MtK6CnNsIw970n5kQ31g&sai=AMfl-YRqxjvzh8iM6-7mL--ZAU1JEbPtHTJW69LI_xSGxAY926ngbFkWe9KNnnEPZ1VQJR-_GBBczoclLrWTaao6orEy4XmQHgUSiZCpmeVM-w&sig=Cg0ArKJSzK944OnaMdeAEAE&urlfix=1&adurl=

Requested by

Host: controlc.com
URL: https://controlc.com/a517ef38

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Apr 2020 14:38:24 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 29 Apr 2020 14:38:24 GMT

GET
H2 200 t.js Show response
yadloop.com/ Frame 34A9 15 KB
16 KB 119ms
50ms Script
application/javascript 13.35.253.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/t.js?i=uml4x413apkiqmcvre&cb=7135341588171104047
Requested by: Host: controlc.com
URL: https://controlc.com/a517ef38
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.42 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-42.fra6.r.cloudfront.net
Software: /
Resource Hash: f57958616b77a8ebbddb057149fe73c9652c4efd54ab3befc91fc5bbfdaa19aa

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Wed, 29 Apr 2020 14:38:24 GMT
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: rNraMy7n6fA67-zpO4Is6fX7XKQJZVEy0wbC_zLAH8QPf2vGOh_17w==
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 34A9 75 KB
28 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js?21065983

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7bee3a5ad33b029f119b2245f33ba68b6e3aff305c17379b180545b4e50ad178

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:38:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1587986955147099"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28776
x-xss-protection: 0
expires: Wed, 29 Apr 2020 14:38:24 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 934C 0
0 35ms
31ms Fetch
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuL8BryEQDKMY5t1PUC-CqaeNIWKJsD6rI4VFdijbU1b8c10p1wqkcYi4jnYi9T2ad6ZwAVuAaoWI2ot7CBuNZ3gKe2P2u4gB-pBRG99RCjxP2oLYwXbdqk97NUgkzgY5T1T0CgoPDZbqz_CcVdQrc2pAXcpnYqPAFk17TzpY-kawNOv0ruoRlVJzw53G1wmZvY_chEMotthJkPDxCX2uoY4lhgtw5IBIDcmiWWX5dII4sW5gHLm95Q1KwS_7GAiBbx4bRA52SDxhoPULI&sai=AMfl-YSdOqTqCsfxb6Q7_GGLdr5EOQ7MxQaHvvqhGLRneea2bpWQ5I5la5rweq4C6cfn9H_QL3llKTawWjuyXabBumEnEBxgz3KmK96dHzEm&sig=Cg0ArKJSzHlBsmyVJLGXEAE&urlfix=1&adurl=

Requested by

Host: controlc.com
URL: https://controlc.com/a517ef38

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Apr 2020 14:38:24 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 29 Apr 2020 14:38:24 GMT

GET
H/1.1 200
OK RenderAd.aspx Show response
ads3.mthsense.com/ Frame 934C 8 KB
3 KB 631ms
131ms Script
text/html 40.84.148.247
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads3.mthsense.com/RenderAd.aspx?id=14896&width=728&height=90
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js?21065983
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.84.148.247 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c248cda33f942842c869a9791948211e82c43c8caf2693fbb670c80231b06120

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 29 Apr 2020 14:38:24 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Cache-Control: private
Content-Length: 2892

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 934C 75 KB
28 KB 53ms
50ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js?21065983

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7bee3a5ad33b029f119b2245f33ba68b6e3aff305c17379b180545b4e50ad178

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:38:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1587986955147099"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28776
x-xss-protection: 0
expires: Wed, 29 Apr 2020 14:38:24 GMT

GET
H/1.1 200
OK CK7DT53I.json Show response
srv.carbonads.net/ads/ 600 B
688 B 44ms
43ms Script
application/javascript 134.209.16.110
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://srv.carbonads.net/ads/CK7DT53I.json?segment=placement:pasteco&callback=_carbonads_go
Requested by: Host: cdn.carbonads.com
URL: https://cdn.carbonads.com/carbon.js?serve=CKYIKK7U&placement=pasteco
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 134.209.16.110 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: srv-eu-ldn-13.buysellads.com
Software: //srv.buysellads.com /
Resource Hash: d90fd78e4f5030674ba3ec27d93ec1fe05fc51facc6812935f571e714711d0b5

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 29 Apr 2020 14:38:24 GMT
Content-Encoding: gzip
Server: //srv.buysellads.com
Content-Length: 449
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8

GET
H2 200 global.css
controlc.com/public/css/ Frame 8DB3 12 KB
3 KB 19ms
17ms Stylesheet
text/css 2606:4700:3037::6818:6331
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/public/css/global.css
Requested by: Host: controlc.com
URL: https://controlc.com/a517ef38/fullscreen.php?hash=04939a1a63262e642a19b8f9d5f5b1d4&linenum=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6818:6331 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 770a5be4937bf757134b47d4845e28c82e6dda0c7eee72875fda2ad3dbc93718

Request headers

Referer: https://controlc.com/a517ef38/fullscreen.php?hash=04939a1a63262e642a19b8f9d5f5b1d4&linenum=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:38:24 GMT
content-encoding: br
cf-cache-status: HIT
age: 7161
cf-polished: origSize=15109
status: 200
cf-request-id: 0267f8f74400009ac8741f1200000001
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
etag: W/"555139ee-3b05"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 58b9c4386c359ac8-FRA
cf-bgj: minify

GET
H2 200 fullscreen.css
controlc.com/public/css/ Frame 8DB3 312 B
365 B 13ms
13ms Stylesheet
text/css 2606:4700:3037::6818:6331
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/public/css/fullscreen.css
Requested by: Host: controlc.com
URL: https://controlc.com/a517ef38/fullscreen.php?hash=04939a1a63262e642a19b8f9d5f5b1d4&linenum=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6818:6331 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f403fad3806ce3425ef5364d1d161f63e7e23534eec42ac3be831d6a9cb6ba6b

Request headers

Referer: https://controlc.com/a517ef38/fullscreen.php?hash=04939a1a63262e642a19b8f9d5f5b1d4&linenum=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:38:24 GMT
content-encoding: br
cf-cache-status: HIT
age: 6737
cf-polished: origSize=426
status: 200
cf-request-id: 0267f8f74400009ac8741f2200000001
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
etag: W/"555139ee-1aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 58b9c4386c399ac8-FRA
cf-bgj: minify

GET
H2 200 jquery.js Show response
controlc.com/public/js/ Frame 8DB3 148 KB
30 KB 16ms
14ms Script
application/javascript 2606:4700:3037::6818:6331
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/public/js/jquery.js
Requested by: Host: controlc.com
URL: https://controlc.com/a517ef38/fullscreen.php?hash=04939a1a63262e642a19b8f9d5f5b1d4&linenum=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6818:6331 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6438c63069c5b897cbab71927f7069ec113a2917e0f1e7bc4ffb2fc4e03bccd

Request headers

Referer: https://controlc.com/a517ef38/fullscreen.php?hash=04939a1a63262e642a19b8f9d5f5b1d4&linenum=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:38:24 GMT
content-encoding: br
cf-cache-status: HIT
age: 7161
cf-polished: origSize=153534
status: 200
cf-request-id: 0267f8f74600009ac8741f3200000001
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
etag: W/"555139ee-257be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 58b9c4387c3a9ac8-FRA
cf-bgj: minify

GET
H2 200 tinypaste.js Show response
controlc.com/public/js/ Frame 8DB3 3 KB
1 KB 12ms
11ms Script
application/javascript 2606:4700:3037::6818:6331
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/public/js/tinypaste.js
Requested by: Host: controlc.com
URL: https://controlc.com/a517ef38/fullscreen.php?hash=04939a1a63262e642a19b8f9d5f5b1d4&linenum=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6818:6331 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72b59d9449d39bb7d7a4d3637e3b9e3d5040aee7efd14872b3f52982295e73a9

Request headers

Referer: https://controlc.com/a517ef38/fullscreen.php?hash=04939a1a63262e642a19b8f9d5f5b1d4&linenum=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:38:24 GMT
content-encoding: br
cf-cache-status: HIT
age: 7068
cf-polished: origSize=3335
status: 200
cf-request-id: 0267f8f74700009ac8741f4200000001
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
etag: W/"555139ee-d07"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 58b9c4387c3b9ac8-FRA
cf-bgj: minify

GET
DATA 200
OK truncated
/ Frame 51D5 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ff8d9c5064b0df86f90451bfa695510ba3f4eefe596cf844349ba9d4ecdfc3d0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 34A9 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0d730d590116affebdb2d3420ab728c4134de592b5e7216a3745e68df460e41e

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 6E38 43 KB
14 KB 31ms
31ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: yadloop.com
URL: https://yadloop.com/t.js?i=uml4x413apkiqmcvre&cb=7135341588171104047

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

91f8024d76cd0c81be46f004a7d3144bcd1c91c17f03beecfa6ff06d41b03346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:38:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "500 / 357 of 1000 / last-modified: 1588103760"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 14514
x-xss-protection: 0
expires: Wed, 29 Apr 2020 14:38:24 GMT

GET
H2 200 send
yadloop.com/ Frame 64B9 0
0 51ms
51ms Document
text/html 13.35.253.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/send?gdpr_consent=BOEFEAyOEFEAyAHABDENAI4AAAB9vABAASA&gdprf=1&i=uml4x413apkiqmcvre&a=de81326896952138509daec1d52475213&cb=9212911588171104234
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=uml4x413apkiqmcvre&cb=7135341588171104047
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.42 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-42.fra6.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /send?gdpr_consent=BOEFEAyOEFEAyAHABDENAI4AAAB9vABAASA&gdprf=1&i=uml4x413apkiqmcvre&a=de81326896952138509daec1d52475213&cb=9212911588171104234
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/a517ef38
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=d223a31f699f5c28dd6c52fcadd02fb507ea2cee
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://controlc.com/a517ef38

Response headers

status: 200
content-type: text/html; charset=UTF-8
content-length: 515
date: Wed, 29 Apr 2020 14:38:24 GMT
x-cache: Miss from cloudfront
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: 0G3wrQvY4qHDdpcPSuF0YHohsD-uHN-5RGPPoRvAn6R4cFgoto9C9g==

GET
H2 200 user
yadloop.com/ Frame 0744 0
0 46ms
46ms Document
text/html 13.35.253.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/user?gdpr_consent=BOEFEAyOEFEAyAHABDENAI4AAAB9vABAASA&gdprf=1&i=uml4x413apkiqmcvre&a=e96e60777be2b11b557710600480737f9&cb=2217691588171104236
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=uml4x413apkiqmcvre&cb=7135341588171104047
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.42 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-42.fra6.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /user?gdpr_consent=BOEFEAyOEFEAyAHABDENAI4AAAB9vABAASA&gdprf=1&i=uml4x413apkiqmcvre&a=e96e60777be2b11b557710600480737f9&cb=2217691588171104236
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/a517ef38
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=d223a31f699f5c28dd6c52fcadd02fb507ea2cee
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://controlc.com/a517ef38

Response headers

status: 200
content-type: text/html; charset=UTF-8
content-length: 400
date: Wed, 29 Apr 2020 14:38:24 GMT
x-cache: Miss from cloudfront
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: JbuE-5T1Gz4zRNqQTvIISOBZuBbEuxWo16W6Tm4J2-Z5guVkyndVSw==

GET
H2 200 stats
yadloop.com/ Frame 1312 0
0 55ms
49ms Document
text/html 13.35.253.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/stats?gdpr_consent=BOEFEAyOEFEAyAHABDENAI4AAAB9vABAASA&gdprf=1&i=uml4x413apkiqmcvre&a=e91e892c69af5862965671314669ba023&cb=5322641588171104238
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=uml4x413apkiqmcvre&cb=7135341588171104047
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.42 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-42.fra6.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /stats?gdpr_consent=BOEFEAyOEFEAyAHABDENAI4AAAB9vABAASA&gdprf=1&i=uml4x413apkiqmcvre&a=e91e892c69af5862965671314669ba023&cb=5322641588171104238
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/a517ef38
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=d223a31f699f5c28dd6c52fcadd02fb507ea2cee
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://controlc.com/a517ef38

Response headers

status: 200
content-type: text/html; charset=UTF-8
content-length: 552
date: Wed, 29 Apr 2020 14:38:24 GMT
x-cache: Miss from cloudfront
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: AGOmFG2xOzByAT7xUrBPPBN5MmMgIGHYiWVnan33e5EiYGkImwtV2A==

GET
H2 200 user
yadloop.com/ Frame EB10 0
0 76ms
75ms Document
text/html 13.35.253.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/user?gdpr_consent=BOEFEAyOEFEAyAHABDENAI4AAAB9vABAASA&gdprf=1&i=uml4x413apkiqmcvre&a=13a1170b1c068c33ae22a9f83844b6a97&cb=6175711588171104242
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=uml4x413apkiqmcvre&cb=7135341588171104047
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.42 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-42.fra6.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /user?gdpr_consent=BOEFEAyOEFEAyAHABDENAI4AAAB9vABAASA&gdprf=1&i=uml4x413apkiqmcvre&a=13a1170b1c068c33ae22a9f83844b6a97&cb=6175711588171104242
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/a517ef38
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=d223a31f699f5c28dd6c52fcadd02fb507ea2cee
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://controlc.com/a517ef38

Response headers

status: 200
content-type: text/html; charset=UTF-8
content-length: 731
date: Wed, 29 Apr 2020 14:38:24 GMT
x-cache: Miss from cloudfront
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: pX6iAzWjauOpPD11vXUxvlUkEwvVeR5rdbsEGxLJg18AzNDVwf4MJg==

GET
H2 200 syncro
yadloop.com/ Frame D69A 0
0 70ms
70ms Document
text/html 13.35.253.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/syncro?gdpr_consent=BOEFEAyOEFEAyAHABDENAI4AAAB9vABAASA&gdprf=1&i=uml4x413apkiqmcvre&a=c3e802620f6403d56cdd9b1c4db4b99a1&cb=9942291588171104250
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=uml4x413apkiqmcvre&cb=7135341588171104047
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.42 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-42.fra6.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /syncro?gdpr_consent=BOEFEAyOEFEAyAHABDENAI4AAAB9vABAASA&gdprf=1&i=uml4x413apkiqmcvre&a=c3e802620f6403d56cdd9b1c4db4b99a1&cb=9942291588171104250
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/a517ef38
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=d223a31f699f5c28dd6c52fcadd02fb507ea2cee
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://controlc.com/a517ef38

Response headers

status: 200
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
date: Wed, 29 Apr 2020 14:38:24 GMT
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: 8QlDe2qopDhhWVHz3lIMGv3IlNCIDo4s_RnbraEfNqG6ZiL8n0_fsg==

GET
H2 200 stats
yadloop.com/ Frame D687 0
0 74ms
73ms Document
text/html 13.35.253.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/stats?gdpr_consent=BOEFEAyOEFEAyAHABDENAI4AAAB9vABAASA&gdprf=1&i=uml4x413apkiqmcvre&a=f4437de7861e6bc4a24fefe57aebbe483&cb=9869541588171104255
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=uml4x413apkiqmcvre&cb=7135341588171104047
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.42 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-42.fra6.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /stats?gdpr_consent=BOEFEAyOEFEAyAHABDENAI4AAAB9vABAASA&gdprf=1&i=uml4x413apkiqmcvre&a=f4437de7861e6bc4a24fefe57aebbe483&cb=9869541588171104255
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/a517ef38
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=d223a31f699f5c28dd6c52fcadd02fb507ea2cee
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://controlc.com/a517ef38

Response headers

status: 200
content-type: text/html; charset=UTF-8
date: Wed, 29 Apr 2020 14:38:24 GMT
x-cache: Miss from cloudfront
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: PkO6apgJyLvXf-Nc8dqaEYvPBaBEe0tcmkwAQcucors17g5MjbiZPg==

GET
H2 200 sync
yadloop.com/ Frame AFDF 0
0 73ms
72ms Document
text/html 13.35.253.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/sync?gdpr_consent=BOEFEAyOEFEAyAHABDENAI4AAAB9vABAASA&gdprf=1&i=uml4x413apkiqmcvre&a=b31361440c2a950248d2363fce3fbbb31&cb=0513381588171104265
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=uml4x413apkiqmcvre&cb=7135341588171104047
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.42 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-42.fra6.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /sync?gdpr_consent=BOEFEAyOEFEAyAHABDENAI4AAAB9vABAASA&gdprf=1&i=uml4x413apkiqmcvre&a=b31361440c2a950248d2363fce3fbbb31&cb=0513381588171104265
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/a517ef38
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=d223a31f699f5c28dd6c52fcadd02fb507ea2cee
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://controlc.com/a517ef38

Response headers

status: 200
content-type: text/html; charset=UTF-8
content-length: 388
date: Wed, 29 Apr 2020 14:38:24 GMT
x-cache: Miss from cloudfront
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: iO3EgfN8v613rZhe_nqHWnA4wPu70AguuE_Xhjw213R1ZgTD07W7mg==

GET
H2 200 stat
yadloop.com/ Frame 53DE 0
0 71ms
71ms Document
text/html 13.35.253.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/stat?gdpr_consent=BOEFEAyOEFEAyAHABDENAI4AAAB9vABAASA&gdprf=1&i=uml4x413apkiqmcvre&a=6c56023cc6501990db7bccf2badeea2f7&cb=8601051588171104269
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=uml4x413apkiqmcvre&cb=7135341588171104047
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.42 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-42.fra6.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /stat?gdpr_consent=BOEFEAyOEFEAyAHABDENAI4AAAB9vABAASA&gdprf=1&i=uml4x413apkiqmcvre&a=6c56023cc6501990db7bccf2badeea2f7&cb=8601051588171104269
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/a517ef38
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=d223a31f699f5c28dd6c52fcadd02fb507ea2cee
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://controlc.com/a517ef38

Response headers

status: 200
content-type: text/html; charset=UTF-8
content-length: 311
date: Wed, 29 Apr 2020 14:38:24 GMT
x-cache: Miss from cloudfront
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: FXzROdgaGw86ZIOrPMb0758KKa1v8eoJ5YtS0yFHji8o9AXjUUVLsw==

GET
H2 200 usersync
yadloop.com/ Frame E0C8 0
0 76ms
71ms Document
text/html 13.35.253.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/usersync?gdpr_consent=BOEFEAyOEFEAyAHABDENAI4AAAB9vABAASA&gdprf=1&i=uml4x413apkiqmcvre&a=dc5fa123d65922e149a00c2e664fab301&cb=0395151588171104272
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=uml4x413apkiqmcvre&cb=7135341588171104047
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.42 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-42.fra6.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /usersync?gdpr_consent=BOEFEAyOEFEAyAHABDENAI4AAAB9vABAASA&gdprf=1&i=uml4x413apkiqmcvre&a=dc5fa123d65922e149a00c2e664fab301&cb=0395151588171104272
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/a517ef38
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=d223a31f699f5c28dd6c52fcadd02fb507ea2cee
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://controlc.com/a517ef38

Response headers

status: 200
content-type: text/html; charset=UTF-8
content-length: 345
date: Wed, 29 Apr 2020 14:38:24 GMT
x-cache: Miss from cloudfront
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: FoKE1dj-9wbWDDA6CgzDfxVBZ2hrg6ZPXuRzaGI4d4G3IIFZFIu5cg==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 043E 43 KB
14 KB 34ms
30ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: yadloop.com
URL: https://yadloop.com/t.js?i=qwpqn1ipjtdny52xwe&cb=3433451588171104033

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

9ea5e9fe3bb11ac9313975f79401449a84f260db206580c96df2f32a98ee331d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:38:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "500 / 826 of 1000 / last-modified: 1588103688"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 14514
x-xss-protection: 0
expires: Wed, 29 Apr 2020 14:38:24 GMT

GET
H2 200 send
yadloop.com/ Frame DA34 0
0 76ms
70ms Document
text/html 13.35.253.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/send?gdpr_consent=BOEFEAyOEFEAyAHABDENAI4AAAB9vABAASA&gdprf=1&i=qwpqn1ipjtdny52xwe&a=0387d5c886ab43851b17668d431a22a33&cb=7206901588171104287
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=qwpqn1ipjtdny52xwe&cb=3433451588171104033
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.42 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-42.fra6.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /send?gdpr_consent=BOEFEAyOEFEAyAHABDENAI4AAAB9vABAASA&gdprf=1&i=qwpqn1ipjtdny52xwe&a=0387d5c886ab43851b17668d431a22a33&cb=7206901588171104287
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/a517ef38
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=d223a31f699f5c28dd6c52fcadd02fb507ea2cee
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://controlc.com/a517ef38

Response headers

status: 200
content-type: text/html; charset=UTF-8
content-length: 345
date: Wed, 29 Apr 2020 14:38:24 GMT
x-cache: Miss from cloudfront
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: mEQFxtyYP203A3W-kXdHg8TKg4EDSUrLZYcDuw5R0UHpFeCrnSrhAQ==

GET
H2 200 syncro
yadloop.com/ Frame BEF9 0
0 75ms
75ms Document
text/html 13.35.253.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/syncro?gdpr_consent=BOEFEAyOEFEAyAHABDENAI4AAAB9vABAASA&gdprf=1&i=qwpqn1ipjtdny52xwe&a=1656d8b86daf5f9b3fdb48a71ff5c5d81&cb=8410951588171104291
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=qwpqn1ipjtdny52xwe&cb=3433451588171104033
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.42 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-42.fra6.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /syncro?gdpr_consent=BOEFEAyOEFEAyAHABDENAI4AAAB9vABAASA&gdprf=1&i=qwpqn1ipjtdny52xwe&a=1656d8b86daf5f9b3fdb48a71ff5c5d81&cb=8410951588171104291
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/a517ef38
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=d223a31f699f5c28dd6c52fcadd02fb507ea2cee
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://controlc.com/a517ef38

Response headers

status: 200
content-type: text/html; charset=UTF-8
date: Wed, 29 Apr 2020 14:38:24 GMT
x-cache: Miss from cloudfront
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: vaXbWnQMBuVKoxnxV9SPpvzwv2KcvN_OcZhiiwyS4kZNs_VtJgi8MA==

GET
H2 200 stats
yadloop.com/ Frame A829 0
0 91ms
89ms Document
text/html 13.35.253.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/stats?gdpr_consent=BOEFEAyOEFEAyAHABDENAI4AAAB9vABAASA&gdprf=1&i=qwpqn1ipjtdny52xwe&a=583c97bffda9e861eef744bb729bd1753&cb=0768151588171104295
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=qwpqn1ipjtdny52xwe&cb=3433451588171104033
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.42 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-42.fra6.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /stats?gdpr_consent=BOEFEAyOEFEAyAHABDENAI4AAAB9vABAASA&gdprf=1&i=qwpqn1ipjtdny52xwe&a=583c97bffda9e861eef744bb729bd1753&cb=0768151588171104295
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/a517ef38
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=d223a31f699f5c28dd6c52fcadd02fb507ea2cee
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://controlc.com/a517ef38

Response headers

status: 200
content-type: text/html; charset=UTF-8
content-length: 311
date: Wed, 29 Apr 2020 14:38:24 GMT
x-cache: Miss from cloudfront
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: VsEXaNB9ajyPwk8fb9vS-hNiXK-LpnoGzh7mJMPcLcscZl7TpHf8sg==

GET
H2 200 usersync
yadloop.com/ Frame 0FE1 0
0 82ms
80ms Document
text/html 13.35.253.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/usersync?gdpr_consent=BOEFEAyOEFEAyAHABDENAI4AAAB9vABAASA&gdprf=1&i=qwpqn1ipjtdny52xwe&a=042aae3d103cb2cf8bf5aeb73e4260887&cb=1740711588171104299
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=qwpqn1ipjtdny52xwe&cb=3433451588171104033
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.42 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-42.fra6.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /usersync?gdpr_consent=BOEFEAyOEFEAyAHABDENAI4AAAB9vABAASA&gdprf=1&i=qwpqn1ipjtdny52xwe&a=042aae3d103cb2cf8bf5aeb73e4260887&cb=1740711588171104299
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/a517ef38
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=d223a31f699f5c28dd6c52fcadd02fb507ea2cee
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://controlc.com/a517ef38

Response headers

status: 200
content-type: text/html; charset=UTF-8
content-length: 730
date: Wed, 29 Apr 2020 14:38:24 GMT
x-cache: Miss from cloudfront
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: CyAxWKy4Pk9PzOV2BkycWKUri8wnEOXlUNS6vhhvrmkp2p-BiF98Bg==

GET
H2 200 stats
yadloop.com/ Frame DBA0 0
0 56ms
50ms Document
text/html 13.35.253.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/stats?gdpr_consent=BOEFEAyOEFEAyAHABDENAI4AAAB9vABAASA&gdprf=1&i=qwpqn1ipjtdny52xwe&a=e7e3edf67bbbf355f3842002df325e701&cb=9415361588171104307
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=qwpqn1ipjtdny52xwe&cb=3433451588171104033
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.42 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-42.fra6.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /stats?gdpr_consent=BOEFEAyOEFEAyAHABDENAI4AAAB9vABAASA&gdprf=1&i=qwpqn1ipjtdny52xwe&a=e7e3edf67bbbf355f3842002df325e701&cb=9415361588171104307
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/a517ef38
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=d223a31f699f5c28dd6c52fcadd02fb507ea2cee
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://controlc.com/a517ef38

Response headers

status: 200
content-type: text/html; charset=UTF-8
content-length: 551
date: Wed, 29 Apr 2020 14:38:24 GMT
x-cache: Miss from cloudfront
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: zv-B2u2m6McayV6TDNg1G3Bv3Mre_tKjhROdpXFeQqIFjzq63kpJnQ==

GET
H2 200 counter
yadloop.com/ Frame 652D 0
0 81ms
81ms Document
text/html 13.35.253.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/counter?gdpr_consent=BOEFEAyOEFEAyAHABDENAI4AAAB9vABAASA&gdprf=1&i=qwpqn1ipjtdny52xwe&a=a00eaa3d258ea605d646e840c2abc7d35&cb=2853371588171104319
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=qwpqn1ipjtdny52xwe&cb=3433451588171104033
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.42 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-42.fra6.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /counter?gdpr_consent=BOEFEAyOEFEAyAHABDENAI4AAAB9vABAASA&gdprf=1&i=qwpqn1ipjtdny52xwe&a=a00eaa3d258ea605d646e840c2abc7d35&cb=2853371588171104319
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/a517ef38
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=d223a31f699f5c28dd6c52fcadd02fb507ea2cee
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://controlc.com/a517ef38

Response headers

status: 200
content-type: text/html; charset=UTF-8
content-length: 2026
date: Wed, 29 Apr 2020 14:38:24 GMT
x-cache: Miss from cloudfront
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: dyPn0JIFF4wqyEzFW7TZyXo4ynR8Lw2up_HzUJVYhCAMy-dfMj6mGg==

GET
H2 200 syncro
yadloop.com/ Frame BAB3 0
0 79ms
78ms Document
text/html 13.35.253.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/syncro?gdpr_consent=BOEFEAyOEFEAyAHABDENAI4AAAB9vABAASA&gdprf=1&i=qwpqn1ipjtdny52xwe&a=8d24bfb2399fef67eb4853127e98e35b3&cb=7287791588171104326
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=qwpqn1ipjtdny52xwe&cb=3433451588171104033
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.42 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-42.fra6.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /syncro?gdpr_consent=BOEFEAyOEFEAyAHABDENAI4AAAB9vABAASA&gdprf=1&i=qwpqn1ipjtdny52xwe&a=8d24bfb2399fef67eb4853127e98e35b3&cb=7287791588171104326
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/a517ef38
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=d223a31f699f5c28dd6c52fcadd02fb507ea2cee
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://controlc.com/a517ef38

Response headers

status: 200
content-type: text/html; charset=UTF-8
content-length: 397
date: Wed, 29 Apr 2020 14:38:24 GMT
x-cache: Miss from cloudfront
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: w4YLSoXxhKuTpEX_y8ro4OIDwfXiN1bbzffPaoXjbz-4F8HbfgtE6w==

GET
H2 200 stats
yadloop.com/ Frame F942 0
0 76ms
72ms Document
text/html 13.35.253.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/stats?gdpr_consent=BOEFEAyOEFEAyAHABDENAI4AAAB9vABAASA&gdprf=1&i=qwpqn1ipjtdny52xwe&a=c45d735e03062c906bf91a597b0779fc1&cb=7063671588171104328
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=qwpqn1ipjtdny52xwe&cb=3433451588171104033
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.42 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-42.fra6.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /stats?gdpr_consent=BOEFEAyOEFEAyAHABDENAI4AAAB9vABAASA&gdprf=1&i=qwpqn1ipjtdny52xwe&a=c45d735e03062c906bf91a597b0779fc1&cb=7063671588171104328
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/a517ef38
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=d223a31f699f5c28dd6c52fcadd02fb507ea2cee
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://controlc.com/a517ef38

Response headers

status: 200
content-type: text/html; charset=UTF-8
content-length: 388
date: Wed, 29 Apr 2020 14:38:24 GMT
x-cache: Miss from cloudfront
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: Jm3iqJfiGIRgZq1vtnJM6C9HBa4Nhr7goQCa3IoBeZHnMahDiNFm6Q==

GET
H2 200 sync
yadloop.com/ Frame D29F 0
0 62ms
49ms Document
text/html 13.35.253.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/sync?gdpr_consent=BOEFEAyOEFEAyAHABDENAI4AAAB9vABAASA&gdprf=1&i=qwpqn1ipjtdny52xwe&a=65a147f60ac39ee42ddc15357e3357e71&cb=4446821588171104335
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=qwpqn1ipjtdny52xwe&cb=3433451588171104033
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.42 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-42.fra6.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /sync?gdpr_consent=BOEFEAyOEFEAyAHABDENAI4AAAB9vABAASA&gdprf=1&i=qwpqn1ipjtdny52xwe&a=65a147f60ac39ee42ddc15357e3357e71&cb=4446821588171104335
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/a517ef38
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=d223a31f699f5c28dd6c52fcadd02fb507ea2cee
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://controlc.com/a517ef38

Response headers

status: 200
content-type: text/html; charset=UTF-8
content-length: 515
date: Wed, 29 Apr 2020 14:38:24 GMT
x-cache: Miss from cloudfront
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: 0jlxq8GTJPqFYUs7ACcAS5yXa6RwcpqaROjUBSp5C5NhVIC2MbMcNQ==

GET
H2 200 integrator.js Show response
adservice.google.be/adsid/ Frame 6E38 109 B
839 B 157ms
15ms Script
application/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.be/adsid/integrator.js?domain=controlc.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Apr 2020 14:38:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 6E38 109 B
319 B 53ms
16ms Script
application/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=controlc.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Apr 2020 14:38:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020042302.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 6E38 237 KB
85 KB 74ms
38ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

0b3678d81937a06cba82b9b8d1b69a6e60c1133246d9798e681bf3908aa390bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:38:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 23 Apr 2020 17:07:14 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 87243
x-xss-protection: 0
expires: Wed, 29 Apr 2020 14:38:24 GMT

GET
H/1.1 200
OK Cookie set /
player.twitch.tv/ Frame AF10 0
0 132ms
23ms Document
text/html 151.101.14.167
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://player.twitch.tv/?channel=mrmouton
Requested by: Host: controlc.com
URL: https://controlc.com/a517ef38
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.167 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Host: player.twitch.tv
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://controlc.com/a517ef38
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://controlc.com/a517ef38

Response headers

Connection: keep-alive
Content-Length: 601
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Last-Modified: Tue, 28 Jan 2020 23:40:13 GMT
Server: AmazonS3
Content-Encoding: gzip
Cache-Control: public, max-age=60
Via: 1.1 fabe381dacc990f9c402cdc69b69dd26.cloudfront.net (CloudFront) 1.1 varnish
X-Amz-Cf-Pop: FRA54
X-Amz-Cf-Id: XZ5d0AQ4f6fySFXSVkgUZ4jtvDMLZf4ZclxC-whPhBBJs-sDfcoQZg==
Accept-Ranges: bytes
Date: Wed, 29 Apr 2020 14:38:24 GMT
Age: 16
Set-Cookie: unique_id=ZRkQxR02DSkcTpBgRaEb74ErP1myKP1t; domain=.twitch.tv; path=/; Secure; SameSite=None; expires=Sat, 27 Apr 2030 14:38:24 GMT; unique_id_durable=ZRkQxR02DSkcTpBgRaEb74ErP1myKP1t; domain=.twitch.tv; path=/; Secure; HttpOnly; SameSite=None; expires=Sat, 27 Apr 2030 14:38:24 GMT;
X-Served-By: cache-fra19176-FRA
X-Cache: Hit from cloudfront, HIT
X-Cache-Hits: 1
X-Timer: S1588171105.613978,VS0,VE0
Vary: Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method, Origin

GET
H2 200 pxl.jpg
yadloop.com/ Frame 34A9 597 B
829 B 106ms
40ms Image
image/jpeg 13.35.253.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yadloop.com/pxl.jpg?i=uml4x413apkiqmcvre&s=778&p=https%3A%2F%2Fcontrolc.com%2Fa517ef38&h=8788411588171104487
Requested by: Host: controlc.com
URL: https://controlc.com/a517ef38
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.42 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-42.fra6.r.cloudfront.net
Software: /
Resource Hash: af64a6f3ffc388b91cd70eae25893f7bea7e8e7d84d2c2b41c378cfbe13651ff

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:38:24 GMT
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
content-type: image/jpeg; charset=UTF-8
status: 200
content-length: 597
x-amz-cf-id: ykdUv3MYZ8lMswcojjuE2-bJUQ9hKM1syaXv4wLDubeobkpcKTjI5w==

GET
H2 200 integrator.js Show response
adservice.google.be/adsid/ Frame 043E 109 B
171 B 72ms
17ms Script
application/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.be/adsid/integrator.js?domain=controlc.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Apr 2020 14:38:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 043E 109 B
171 B 74ms
18ms Script
application/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=controlc.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Apr 2020 14:38:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020042302.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 043E 237 KB
85 KB 91ms
36ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

0b3678d81937a06cba82b9b8d1b69a6e60c1133246d9798e681bf3908aa390bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:38:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 23 Apr 2020 17:07:14 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 87243
x-xss-protection: 0
expires: Wed, 29 Apr 2020 14:38:24 GMT

GET
H2 200 pxl.jpg
yadloop.com/ Frame 51D5 597 B
829 B 58ms
47ms Image
image/jpeg 13.35.253.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yadloop.com/pxl.jpg?i=qwpqn1ipjtdny52xwe&s=778&p=https%3A%2F%2Fcontrolc.com%2Fa517ef38&h=7969031588171104510
Requested by: Host: controlc.com
URL: https://controlc.com/a517ef38
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.42 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-42.fra6.r.cloudfront.net
Software: /
Resource Hash: af64a6f3ffc388b91cd70eae25893f7bea7e8e7d84d2c2b41c378cfbe13651ff

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:38:24 GMT
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
content-type: image/jpeg; charset=UTF-8
status: 200
content-length: 597
x-amz-cf-id: lo8o2ctWo6dw0AVyyJU6SpRoPmB_bVK62ULESlHnFJaWDtEPGvxq2Q==

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 6E38 4 KB
2 KB 387ms
385ms XHR
text/plain 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1782877774915079&correlator=3052939800880880&output=ldjh&impl=fifs&eid=21065959%2C44718965&vrg=2020042302&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200429&iu_parts=21671350435%2C160x600-controlc.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&cookie=ID%3D13e01de2968dd1b9%3AT%3D1588171103%3AS%3DALNI_MYPCa_5LRY6CG2-sI7Oz8YT26d_Yw&cdm=controlc.com&bc=31&abxe=1&lmt=1588171104&dt=1588171104653&dlt=1588171104230&idt=365&ea=0&frm=23&biw=1600&bih=1200&isw=160&ish=600&oid=3&adxs=1390&adys=226&adks=2407567311&ucis=62ifjp62nryy&ifi=1&ifk=1854630195&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&iag=15&url=https%3A%2F%2Fcontrolc.com%2Fa517ef38&top=https%3A%2F%2Fcontrolc.com%2Fa517ef38&dssz=7&icsg=170&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=160x600&msz=160x-1&ga_vid=881463528.1588171104&ga_sid=1588171105&ga_hid=847902230&ga_fc=true&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

429432f7ab0cccaa718777ab2268f0b52255b7167ff84fb24c2ce4f0a884a486

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:38:24 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1901
x-xss-protection: 0
google-lineitem-id: 4920373360
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138257300386
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://controlc.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 6E38 0
0 6ms
5ms Other
text/html 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H/1.1 200
OK prebid3.12.0.js Show response
d2tbmvllb55wxq.cloudfront.net/pb/ Frame 7332 224 KB
224 KB 191ms
72ms Script
application/javascript 13.35.254.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid3.12.0.js
Requested by: Host: ads3.mthsense.com
URL: https://ads3.mthsense.com/RenderAd.aspx?id=14896&width=728&height=90
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.254.167 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-254-167.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 98de3f600c4ff915204d27a70fd224d9b428158a28c7b6d8e8d63ba2a0f6c374

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 29 Apr 2020 00:31:19 GMT
Via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
Last-Modified: Wed, 18 Mar 2020 22:27:12 GMT
Server: AmazonS3
Age: 50826
ETag: "c7e13df4edfbc8f3b857a7aefaf19731"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Content-Length: 229297
X-Amz-Cf-Id: eECguxG9-sGzdzGFmMYll1TDYCKZEG0z0tmVzMmWQVIiVkaRgyukSw==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 7332 43 KB
14 KB 90ms
76ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: controlc.com
URL: https://controlc.com/a517ef38

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

035b2b00b4ebf3e8c6ab0692a07eab9719cae717a900c853d42be7de303a7013

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:38:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "500 / 792 of 1000 / last-modified: 1588103688"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 14513
x-xss-protection: 0
expires: Wed, 29 Apr 2020 14:38:24 GMT

GET
DATA 200
OK truncated
/ Frame 934C 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 19f25617af42d1a8046ab0c6e0f0babea26b6b869e58f4165145b10f2f120e1f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 043E 3 KB
2 KB 206ms
201ms XHR
text/plain 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=650038338631811&correlator=1857470759249960&output=ldjh&impl=fifs&adsid=NT&eid=21065401%2C21065516%2C21065782&vrg=2020042302&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200429&iu_parts=21671350435%2C728x90-controlc.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cookie=ID%3D13e01de2968dd1b9%3AT%3D1588171103%3AS%3DALNI_MYPCa_5LRY6CG2-sI7Oz8YT26d_Yw&cdm=controlc.com&bc=31&abxe=1&lmt=1588171104&dt=1588171104870&dlt=1588171104283&idt=519&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=90&oid=3&adxs=50&adys=163&adks=1088513110&ucis=6j3z4vwa20aa&ifi=1&ifk=2416924765&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&iag=15&url=https%3A%2F%2Fcontrolc.com%2Fa517ef38&top=https%3A%2F%2Fcontrolc.com%2Fa517ef38&dssz=7&icsg=170&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x90&msz=728x-1&ga_vid=881463528.1588171104&ga_sid=1588171105&ga_hid=1118984665&ga_fc=true&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

da0695e24a65d7d0090de78eb74b621dc42c1e90b4b816c2ffa40e32ac350ca7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:38:25 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1866
x-xss-protection: 0
google-lineitem-id: 4920373360
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138257300761
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://controlc.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 043E 0
0 10ms
5ms Other
text/html 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 7332 109 B
174 B 120ms
24ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=controlc.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Apr 2020 14:38:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 7332 109 B
171 B 120ms
24ms Script
application/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=controlc.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Apr 2020 14:38:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020042302.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 7332 237 KB
85 KB 189ms
92ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

0b3678d81937a06cba82b9b8d1b69a6e60c1133246d9798e681bf3908aa390bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:38:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 23 Apr 2020 17:07:14 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 87243
x-xss-protection: 0
expires: Wed, 29 Apr 2020 14:38:25 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame DAAF 0
0 121ms
34ms Fetch
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsup_ipwRyUceG52VqDK0KoRdpu38OEtyGDetuXlB4M5jzQr6IIVqK9NtwypPbUEiyK-rae9JNN7jz8EkAeKNRXGZgkAsG2Eol47s9l7t922k0OC6-G71MrCdw2y5OfP8G5jVyJkq1QcyBODEwlQ3XLjX0WHIlQAcqfJxai460MmEIbJm15wu7lhS7xYgV8YP7PeOUujHdSMO2CFVrncFzbpmobjH36mfvN6GBSDKzHFZdhxkMdC3UQbpvxDhES1a112oliUo8gFJDsncA&sig=Cg0ArKJSzNsQJtc_5pTsEAE&urlfix=1&adurl=

Requested by

Host: controlc.com
URL: https://controlc.com/a517ef38

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Apr 2020 14:38:25 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame DAAF 75 KB
28 KB 129ms
43ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914rxlidarcontrol

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7bee3a5ad33b029f119b2245f33ba68b6e3aff305c17379b180545b4e50ad178

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:38:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1587986955147099"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28776
x-xss-protection: 0
expires: Wed, 29 Apr 2020 14:38:25 GMT

GET
H/1.1 200
OK unicef_160x600.jpg
s3-eu-west-1.amazonaws.com/xzyvmgtxseboq/ Frame DAAF 53 KB
53 KB 269ms
64ms Image
image/jpeg 52.218.80.84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/xzyvmgtxseboq/unicef_160x600.jpg
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.80.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 81804a1b2b20350ec009ba6429a4f58124c16ca30683af0af255544cd98c8fa6

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 29 Apr 2020 14:38:26 GMT
Last-Modified: Sun, 23 Sep 2018 17:54:13 GMT
Server: AmazonS3
x-amz-request-id: AE20B50A2F87CEC7
ETag: "5dcf47442fc7fbb8d0263bbf4869537e"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 54292
x-amz-id-2: kyyS29BkbQ5oIFxhBVVi5ECifb4NVxCvb7Ksa2YzuJtjLBN+Y8VSX3BBmSJ6fXK4NHXEAQD9mJQ=

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6E38 74 KB
28 KB 166ms
77ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51c56935854bed13b06e04dd8a756cb635edca2f98d1f55b3608ecc200162426

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:38:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1587986955147099"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28343
x-xss-protection: 0
expires: Wed, 29 Apr 2020 14:38:25 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 6E38 7 KB
6 KB 122ms
22ms XHR
application/json 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020042302&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3d396b82ba7d04e169be8791d5d12a4f366875a3907e4afe041b7274ba6356af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Apr 2020 14:38:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5428
x-xss-protection: 0

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ Frame 7332 65 B
341 B 879ms
174ms XHR
application/json 208.100.17.172
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid3.12.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.172 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip172.208-100-17.static.steadfastdns.net
Software: / 33Across
Resource Hash: 54b4392f0d85cff64fa7ce09c8b6536065590a8643b28de048138159585e4ee0

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 29 Apr 2020 14:38:26 GMT
content-encoding: gzip
status: 200, 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://controlc.com
access-control-allow-credentials: true

POST
H2 200 auction Show response
exchange.bidphysics.com/ Frame 7332 2 KB
818 B 791ms
101ms XHR
application/json 54.236.169.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.bidphysics.com/auction
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid3.12.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.236.169.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-236-169-205.compute-1.amazonaws.com
Software: /
Resource Hash: 4b76c71b36a905d731a2835c3494971d52cddafbd5d050eff56307f106c8bcc3

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 29 Apr 2020 14:38:26 GMT
content-encoding: gzip
status: 200
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://controlc.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 577
expires: 0

GET fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 7332 0
0

GET
H2 200 arj Show response
os4m-d.openx.net/w/1.0/ Frame 7332 173 B
445 B 123ms
49ms XHR
application/json 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://os4m-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fcontrolc.com%2Fa517ef38&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.1&dddid=3c96af74-6544-40cb-87d1-7152b51a145d&nocache=1588171105380&aus=728x90&divIds=URL_Pasted_728x90_BTF__86&auid=540529560&aumfs=300&
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid3.12.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.184.0 /
Resource Hash: 5d5b2b86db370045fa20d0f6aa1ef1f1216294c5d418fd3f932ca652cedb3f2f

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 29 Apr 2020 14:38:25 GMT
content-encoding: gzip
server: OXGW/16.184.0
status: 200
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://controlc.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 163
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET cygnus
as-sec.casalemedia.com/ Frame 7332 0
0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 7332 145 B
1 KB 182ms
119ms XHR
application/json 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid3.12.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

c03fa250061e261b3e1388c6f66ee1212235fad544cb4b4e9e315c5e5c3558c3

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 29 Apr 2020 14:38:27 GMT
X-Proxy-Origin: 82.102.19.136; 82.102.19.136; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.48:80
AN-X-Request-Uuid: da928846-c667-4100-9ee9-61ad3f59a2b2
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://controlc.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 7332 24 B
576 B 365ms
96ms XHR
application/json 72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_3.12.0
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid3.12.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: 08039e9156e9f61001f7c1f1d45bf5fe8711acfdf23ffd50199c22ad0ed8f370

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 29 Apr 2020 14:38:25 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://controlc.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 44

POST
H/1.1 204
No Content mvo Show response
tag.1rx.io/rmp/74190/0/ Frame 7332 0
267 B 1453ms
97ms XHR
text/plain 213.19.147.210
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/74190/0/mvo?z=1r&hbv=3.12,2.1
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid3.12.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.19.147.210 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://controlc.com
Pragma: no-cache
Date: Wed, 29 Apr 2020 14:38:26 GMT
Cache-Control: private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame C5C9 0
0 89ms
87ms Fetch
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssOF3zEhM2PW4-D1kvcJu074bAU2KZdf9GtfArOZDHXDq2h9gRyXEjYbEqIlwHnbGCso5c6JeV54JhY45iRLifwYVqA7Wp-nH9SsRnuYyF1gbsEK59RIZJB1lTyS7yR8E77BTqV1P4guq-sN8X8c_8UeXn1vC41zs70R3S68K3XZ5m8N40nXFw9GhG9-1oGipAJ15vH-iOr6MZHnNI0dX8ShqrE9mpYqDWUoLEaV1QlJ13aS5iyR1TyqGqorXiIRWEXQLfnEYEp2o8&sig=Cg0ArKJSzHDiErbGFN14EAE&urlfix=1&adurl=

Requested by

Host: controlc.com
URL: https://controlc.com/a517ef38

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Apr 2020 14:38:25 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame C5C9 75 KB
28 KB 103ms
102ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7bee3a5ad33b029f119b2245f33ba68b6e3aff305c17379b180545b4e50ad178

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:38:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1587986955147099"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28776
x-xss-protection: 0
expires: Wed, 29 Apr 2020 14:38:25 GMT

GET
H/1.1 200
OK unicef_728x90.jpg
s3-eu-west-1.amazonaws.com/xzyvmgtxseboq/ Frame C5C9 36 KB
36 KB 99ms
98ms Image
image/jpeg 52.218.80.84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/xzyvmgtxseboq/unicef_728x90.jpg
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.80.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: e8ff7f3a8926e5b5497d2ab7a1bf47c5655e287a51045f11846f426ac6c7d180

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 29 Apr 2020 14:38:26 GMT
Last-Modified: Sun, 23 Sep 2018 17:54:21 GMT
Server: AmazonS3
x-amz-request-id: 14440CA976F9CE79
ETag: "58fbb6ffe72ac0c1aa468de39ee18e13"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 36773
x-amz-id-2: gEkLh0wRUdSuTpMEP+zDgM78EzKRoESszs57n3ODe9GBmRiEoC7/4FUoywOSmW58Ah9MztLWKC8=

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 043E 74 KB
28 KB 96ms
93ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51c56935854bed13b06e04dd8a756cb635edca2f98d1f55b3608ecc200162426

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:38:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1587986955147099"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28343
x-xss-protection: 0
expires: Wed, 29 Apr 2020 14:38:25 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 043E 7 KB
5 KB 78ms
73ms XHR
application/json 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020042302&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d50b94f946f710f902dead554de52608959690ed2a0ddaf47b68bfc482ef14b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Apr 2020 14:38:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5491
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 6E38 14 KB
5 KB 529ms
8ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:38:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5456
x-xss-protection: 0
expires: Wed, 29 Apr 2020 14:38:26 GMT

GET
DATA 200
OK truncated
/ Frame DAAF 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a92fa0d0a4407b0e13687224fbf52ee4ba44799dca89d2aec0665e102d664c4d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 043E 14 KB
5 KB 281ms
11ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:38:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5456
x-xss-protection: 0
expires: Wed, 29 Apr 2020 14:38:26 GMT

GET
DATA 200
OK truncated
/ Frame C5C9 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc001471e24e2163ae764c06d4e69406a301c11726f7081d4e8ca5ded40171e2

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 51D5 42 B
274 B 89ms
76ms Image
image/gif 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu0aO7NXvyX6SgzLN9giqCAiTajZOUHDTHn2kyyUmchAL-5Kpr27x-9CS14FQvYA30oiku4ubSsAbraHJZWPpp2NK5kvizot8aKRHQupuU&sig=Cg0ArKJSzDNCp1sOkun3EAE&adk=1406371575&tt=-1&bs=1600%2C1200&mtos=1360,1360,1360,1360,1360&tos=1360,0,0,0,0&p=163,50,253,778&mcvt=1360&rs=0&ht=0&tfs=408&tls=1662&mc=1&lte=0&bas=0&bac=0&met=ce&avms=nio&exg=1&md=2&btr=0&lm=2&rst=1588171104034&dlt&rpt=322&isd=0&msd=0&ext&xdi=0&ps=1600%2C1063&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-8-6-7-7-0-0-0&tvt=1657&is=728%2C90&iframe_loc=https%3A%2F%2Fcontrolc.com%2Fa517ef38&r=v&id=osdim&vs=4&uc=8&upc=1&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20200427

Requested by

Host: controlc.com
URL: https://controlc.com/a517ef38

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Apr 2020 14:38:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 34A9 42 B
110 B 15ms
15ms Image
image/gif 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstwsBD33e93luQ3lDIgYRI5_3REyzsy9ojlzOQBPSt7clD9yo4fS0M0bnHlnUh3OWURbFW9S8b5kJWmhVyTKGg4xbntWFqMHGAd9fcKXPQ&sig=Cg0ArKJSzEWoouM19RJ8EAE&adk=2762401180&tt=-1&bs=1600%2C1200&mtos=1363,1363,1363,1363,1363&tos=1363,0,0,0,0&p=178,1390,778,1550&mcvt=1363&rs=0&ht=0&tfs=368&tls=1965&mc=1&lte=0&bas=0&bac=0&met=ce&avms=nio&exg=1&md=2&btr=0&lm=2&rst=1588171104047&dlt&rpt=155&isd=0&msd=0&ext&xdi=0&ps=1600%2C1063&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-8-2-7-7-0-0-0&tvt=1965&is=160%2C600&iframe_loc=https%3A%2F%2Fcontrolc.com%2Fa517ef38&r=v&id=osdim&vs=4&uc=8&upc=1&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20200427

Requested by

Host: controlc.com
URL: https://controlc.com/a517ef38

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Apr 2020 14:38:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 7332 440 B
325 B 93ms
86ms XHR
text/plain 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4370674993768414&correlator=2800565498183163&output=ldjh&impl=fifs&adsid=NT&eid=21065734&vrg=2020042302&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200429&iu_parts=289026909%2CYieldLift%2CHB_DEFAULT_ADUNIT&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&prev_scp=hb_name%3DURL_Pasted_728x90_BTF__86%26passback_pb%3D0.20%26hb_factor%3D1.5%26rscust%3Dpool1&eri=1&cookie_enabled=1&cdm=controlc.com&bc=31&abxe=1&lmt=1588171106&dt=1588171106358&dlt=1588171104751&idt=1061&ea=0&frm=23&biw=1585&bih=1200&isw=728&ish=90&oid=3&adxs=50&adys=1613&adks=554702876&ucis=i18azkocgdvj&ifi=1&ifk=2416924765&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&iag=15&url=https%3A%2F%2Fcontrolc.com%2Fa517ef38&top=https%3A%2F%2Fcontrolc.com%2Fa517ef38&dssz=11&icsg=554&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x90&msz=728x90&ga_vid=1347199954.1588171106&ga_sid=1588171106&ga_hid=111567237&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

c7a0b90472300db21ac7416f064ae28190874067a92d93a050ea0b123e18d8fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:38:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 247
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://controlc.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 7332 0
0 77ms
75ms Other
text/html 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 934C 42 B
110 B 103ms
95ms Image
image/gif 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstQjUvEH7fL2Cs5lBiP5L7QXzwiqOdGfSJC7C-GUS0KNLPgPoXv98JDpArnkJbcZz271tX26juDSYiFEa7zlkhvCUa4dcFpMmibi5MpeEs&sig=Cg0ArKJSzF_eR0ntVmQ0EAE&adk=2507290776&tt=-1&bs=1585%2C1200&mtos=0,1491,1491,1491,1491&tos=0,1491,0,0,0&p=1613,50,1707,778&mcvt=1491&rs=0&ht=0&tfs=283&tls=1384&mc=0.95&lte=0&bas=0&bac=0&met=mue&avms=nio&exg=1&md=2&btr=0&lm=2&rst&dlt&rpt&isd&msd&ext&xdi=0&ps=1585%2C1839&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-6-3-5-5-0-0-0&tvt=1683&is=728%2C90&iframe_loc=https%3A%2F%2Fcontrolc.com%2Fa517ef38&r=v&id=osdim&vs=4&uc=6&upc=1&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20200427

Requested by

Host: controlc.com
URL: https://controlc.com/a517ef38

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Apr 2020 14:38:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 99FB 0
0 85ms
10ms Document
text/html 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/a517ef38
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://controlc.com/a517ef38

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Wed, 29 Apr 2020 13:53:16 GMT
expires: Thu, 29 Apr 2021 13:53:16 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2710
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame A957 0
0 84ms
9ms Document
text/html 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/a517ef38
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://controlc.com/a517ef38

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Wed, 29 Apr 2020 13:53:16 GMT
expires: Thu, 29 Apr 2021 13:53:16 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2710
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 7332 7 KB
5 KB 24ms
17ms XHR
application/json 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020042302&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

266301e4987172fde965f00b48e25d1a091a28af78d71f40b0543902f48dfda9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Apr 2020 14:38:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5503
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 7332 14 KB
5 KB 84ms
83ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:38:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5456
x-xss-protection: 0
expires: Wed, 29 Apr 2020 14:38:26 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 78FD 0
0 7ms
7ms Document
text/html 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/a517ef38
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://controlc.com/a517ef38

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Wed, 29 Apr 2020 13:53:16 GMT
expires: Thu, 29 Apr 2021 13:53:16 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2711
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 043E 0
728 B 33ms
17ms Image
image/gif 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gpt_2020042302&jk=650038338631811&bg=!o6CloLhYaEMW7ARYtCsCAAABnFIAAABMmQGQo_WmwBm41H2zNILxFmIgTLVEnnUlRU_2-8GorfcwagPLJovrR3WYwDOfpUwkm56tw9BNo4UlVaKFYKT05UdBoW7eMkF10RKm_5z_QRfH4UzJmPRqaJPsn5H-uNpicfwrY1bdVuiDdbhwg-NwtsAOBluhQka1KH7EFlFfg9eMLmkCIlZb5WhUE4j4-vhJCaiSOHs1gwNwL-U26iBF27A0VWe-RVLaEfRVYKU4BKfb85wxg69WWgmeJba3HbkcuWTANttdKnwI4FQL8GKxl1LyODvqxn8RZK7MxvVh5SAjvUuwMrpApyc7QPeFJtufYnZDFUg1RD4jZhkbyrg-qFjpldRoHG7KhyRYhixURW2c78U6NV7FyisHpi-MxRS10vq4n3LyLW5I-DWKhD41b-onWKFA1Ma30M-1sVOKn0QiUhIzxNjyu9zQ1gafvkRrLXoyP3U4uygy9iLAeTONRNAGJ9E_QW0hYuD49TPJRVqFll8WZYdD0gkT0b9UtRicUh-UMe5v9wjWwoQNx_uzjtZlRw

Requested by

Host: controlc.com
URL: https://controlc.com/a517ef38

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Apr 2020 14:38:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6E38 0
49 B 73ms
67ms Image
image/gif 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gpt_2020042302&jk=1782877774915079&bg=!-vml-eFYTajuce_ELiACAAABU1IAAABTmQGQAgeT2uoblfN7m9Er1R9p37KjKpqCPyz4IdoGrNpl_09lzmR3ZINA1-k6mHU0OBHbk5mmUf50N04h7Qn5NhiCPZ68JXlL51kwMLHJs0ndCk6YcVUEb0hVchgC1kM_VsPvVdmoaX54HF8mMeclTHVSla2l_QkisWWAmU2FP9_fdlTfkhzzAu1alUhM9EGn7oSBtH2-75bpVN_Z6nw1Dw1q13-kDbqmAoiYzbs-Cq3PnKvQiEEUPjrE5SJD6pvohgiKo5urKLeh0MWU1qpsWQQfOEAHKHeh5f8iNoCv6SR4BUo8MIgQ7XU2ylBZWtqpOSOLCHnl3ibfcXVES9TxFGmAeIzeJbywzte1t04J8oryiqUPMqoX9pLbxrOAYjshjKgRhG4evg7lJ6yJBrUgvNhYg4qc0IoOB3Dwqzmqg3Wi0Hl6c3LZOD9_HVbnVP7eGIioWJfbQooujuo3bjE0MDv_sfxb0mmtwIVWY0CS3hq3LOSAwyY8-rfWfedEVCy3vTc1gtXIL2neYKLJHIvIOeBkhg

Requested by

Host: controlc.com
URL: https://controlc.com/a517ef38

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Apr 2020 14:38:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7332 0
58 B 15ms
15ms Image
image/gif 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gpt_2020042302&jk=4370674993768414&bg=!Dg2lDRVYv1LafrU9FpYCAAABOlIAAACYmQGQ1kvJGCKgONKW-yu2E7sY5M9JrNtaes_UB19kGS23xOKRINXOh_MXzp_91Fh4ubk9eQWOmxurImwIvBBzG4SAqa679V7f5Nof0fh1DgvUTwL5m5Rrx381NM8ZlIPKSF33KRuxo7fel3DZMjevHZJYBQTnwSpVjv0qEUJbWYEE4jfpUHhyG-Eufj8jgZP_d-YLjkFnXzMOS2DQxoSVXJiyyapigAjbiUO6JC81nvv5SnbP5Gf6194qqSgMfyvsIt8Xg8WwocWyDFgwjm_-5k3YTXDoTIK_SCrnhslIJziPFm22A8B-dZbUbTKs83JMurP4w2_11qfUKXe6brdZEa4-G0QSw4ojS3s97BiuPddGGTUmQcDNgv5rtlQ5M4o7f1pDw6vC44gWdsivlGGX792Ou4UpXv2m_3PIKdJC1o1oSXNTufC0OJwEU2u8EoRt_Kn80Y-DHvmqjfYVgHYXvjPdmEmz8hNLVToUnvkZW1EDuHnyi9mGvYh8zmC_Dzpq7zJaDybUaPXMgId4LhkC9BqCrA

Requested by

Host: controlc.com
URL: https://controlc.com/a517ef38

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Apr 2020 14:38:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame C5C9 42 B
115 B 15ms
14ms Image
image/gif 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstHjm_ElCcljHowvpPJwZF87LsHTwkT8EfM0ZPiP_Y755nqUCiwJ81r2bsNAl4Tv3cDvU5Lp8N5sjTG8spshI5MIbfs027ouJbNrZW6i14&sig=Cg0ArKJSzOjJbkRI-tgCEAE&adk=1088513110&tt=-1&bs=1585%2C1200&mtos=1010,1010,1010,1010,1010&tos=1010,0,0,0,0&p=0,0,90,728&mcvt=1010&rs=0&ht=0&tfs=710&tls=1727&mc=1&lte=0&bas=0&bac=0&met=ie&avms=nio&exg=1&md=2&btr=0&lm=2&rst=1588171105465&dlt&rpt=987&isd=0&msd&ext&xdi=0&ps=1585%2C1839&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-14-3-13-13-0-0-0&tvt=1725&is=728%2C90&iframe_loc=https%3A%2F%2Fcontrolc.com%2Fa517ef38&r=v&id=osdim&vs=4&uc=14&upc=1&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20200427

Requested by

Host: controlc.com
URL: https://controlc.com/a517ef38

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Apr 2020 14:38:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame DAAF 42 B
110 B 14ms
14ms Image
image/gif 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu6AsCDB7Hy4avgUtHXE4jKVK8TCq46-1FgDcNF6m9uGEcJkCSCPLxiYvv-jPQol7BSn7yYM0CIbqPyL8LE9OvUtuH7lNhV5a8X26RKtYs&sig=Cg0ArKJSzO338mqsdzjREAE&adk=2407567311&tt=-1&bs=1585%2C1200&mtos=0,1010,1010,1010,1010&tos=0,1010,0,0,0&p=0,0,600,160&mcvt=1010&rs=0&ht=0&tfs=1092&tls=2213&mc=0.97&lte=0&bas=0&bac=0&met=ie&avms=nio&exg=1&md=2&btr=0&lm=2&rst=1588171105075&dlt&rpt=1076&isd=0&msd&ext&xdi=0&ps=1585%2C1839&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-15-17-14-14-0-0-0&tvt=2198&is=160%2C600&iframe_loc=https%3A%2F%2Fcontrolc.com%2Fa517ef38&r=v&id=osdim&vs=4&uc=15&upc=1&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20200427

Requested by

Host: controlc.com
URL: https://controlc.com/a517ef38

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Apr 2020 14:38:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 view.php Show response
controlc.com/api/tinypaste/ 15 B
386 B 101ms
87ms XHR
text/html 2606:4700:3037::6818:6331
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/api/tinypaste/view.php
Requested by: Host: controlc.com
URL: https://controlc.com/public/js/jquery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6818:6331 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.5.38
Resource Hash: 4c9a4e815935a4ae0a19e5acaaec7736e979a8c277a3dc87591ad1f5ea95c41f

Request headers

Accept: */*
Referer: https://controlc.com/a517ef38
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 29 Apr 2020 14:38:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/5.5.38
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
status: 200
cf-ray: 58b9c4570d52e003-FRA
cf-request-id: 0267f90a680000e0033f8c3200000001

GET
H2

200

setuid
exchange.bidphysics.com/ Frame 7332
Redirect Chain

https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fexchange.bidphysics.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BUID%7D
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fexchange.bidphysics.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BUID%7D&ox_sc=1
https://exchange.bidphysics.com/setuid?bidder=openx&gdpr=0&gdpr_consent=&uid=5e994687-228a-067a-0833-503a343cb22b

0
384 B

300ms
108ms

Image
text/plain

54.236.169.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.bidphysics.com/setuid?bidder=openx&gdpr=0&gdpr_consent=&uid=5e994687-228a-067a-0833-503a343cb22b
Requested by: Host: controlc.com
URL: https://controlc.com/a517ef38
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.236.169.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-236-169-205.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Wed, 29 Apr 2020 14:38:31 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Accept-Encoding, Origin
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 29 Apr 2020 14:38:30 GMT
via: 1.1 google
vary: Origin
server: Cowboy
status: 302
location: https://exchange.bidphysics.com/setuid?bidder=openx&gdpr=0&gdpr_consent=&uid=5e994687-228a-067a-0833-503a343cb22b
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: 1ucvp0iirca318rbdnuj58pd5un306o1

GET
H2

200

setuid
exchange.bidphysics.com/ Frame 7332
Redirect Chain

https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fexchange.bidphysics.com%2Fsetuid%3Fbidder%3Dsonobi%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%5BUID%5D
https://exchange.bidphysics.com/setuid?bidder=sonobi&gdpr=0&gdpr_consent=&uid=86836cfc-f4ed-402e-92f6-b70ffaed4610

0
388 B

317ms
107ms

Image
text/plain

54.236.169.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.bidphysics.com/setuid?bidder=sonobi&gdpr=0&gdpr_consent=&uid=86836cfc-f4ed-402e-92f6-b70ffaed4610
Requested by: Host: controlc.com
URL: https://controlc.com/a517ef38
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.236.169.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-236-169-205.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Wed, 29 Apr 2020 14:38:31 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Accept-Encoding, Origin
expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 29 Apr 2020 14:38:31 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://exchange.bidphysics.com/setuid?bidder=sonobi&gdpr=0&gdpr_consent=&uid=86836cfc-f4ed-402e-92f6-b70ffaed4610
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

setuid
exchange.bidphysics.com/ Frame 7332
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fexchange.bidphysics.com%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fexchange.bidphysics.com%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID&sovrn_retry=true
https://exchange.bidphysics.com/setuid?bidder=sovrn&gdpr=0&gdpr_consent=&uid=7753b6b2e609db7507bcb768

0
372 B

316ms
107ms

Image
text/plain

54.236.169.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.bidphysics.com/setuid?bidder=sovrn&gdpr=0&gdpr_consent=&uid=7753b6b2e609db7507bcb768
Requested by: Host: controlc.com
URL: https://controlc.com/a517ef38
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.236.169.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-236-169-205.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Wed, 29 Apr 2020 14:38:31 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Accept-Encoding, Origin
expires: 0

Redirect headers

Date: Wed, 29 Apr 2020 14:38:31 GMT
Server: nginx
Location: https://exchange.bidphysics.com/setuid?bidder=sovrn&gdpr=0&gdpr_consent=&uid=7753b6b2e609db7507bcb768
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

setuid
exchange.bidphysics.com/ Frame 7332
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fexchange.bidphysics.com%2Fsetuid%3Fbidder%3Dappnexus%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fexchange.bidphysics.com%252Fsetuid%253Fbidder%253Dappnexus%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%2524UID
https://exchange.bidphysics.com/setuid?bidder=appnexus&gdpr=0&gdpr_consent=&uid=765864632378166518

0
369 B

343ms
106ms

Image
text/plain

54.236.169.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.bidphysics.com/setuid?bidder=appnexus&gdpr=0&gdpr_consent=&uid=765864632378166518
Requested by: Host: controlc.com
URL: https://controlc.com/a517ef38
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.236.169.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-236-169-205.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Wed, 29 Apr 2020 14:38:31 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Accept-Encoding, Origin
expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 29 Apr 2020 14:38:33 GMT
X-Proxy-Origin: 82.102.19.136; 82.102.19.136; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.47:80
AN-X-Request-Uuid: 0b2f438a-f3da-4ae1-92ed-abbd8b0bd079
Server: nginx/1.13.4
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://exchange.bidphysics.com/setuid?bidder=appnexus&gdpr=0&gdpr_consent=&uid=765864632378166518
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 7332
Redirect Chain

https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=1
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECQREBtvMi7XbDS9Y3msi_c&google_cver=1

43 B
175 B

29ms
27ms

Image
image/gif

34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECQREBtvMi7XbDS9Y3msi_c&google_cver=1
Requested by: Host: controlc.com
URL: https://controlc.com/a517ef38
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.184.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Apr 2020 14:38:31 GMT
via: 1.1 google
server: OXGW/16.184.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 29 Apr 2020 14:38:31 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECQREBtvMi7XbDS9Y3msi_c&google_cver=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
6 KB 40ms
18ms XHR
application/json 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020042302&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js?21065983

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9629d621635e5eaa28cebf07f8bf6ac85e588549600507b51aa13e63268c01e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Apr 2020 14:38:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5491
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
6 KB 26ms
14ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js?21065983

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 14:38:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5456
x-xss-protection: 0
expires: Wed, 29 Apr 2020 14:38:43 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 4048 0
0 6ms
6ms Document
text/html 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/a517ef38
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://controlc.com/a517ef38

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Wed, 29 Apr 2020 14:00:10 GMT
expires: Thu, 29 Apr 2021 14:00:10 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2313
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
58 B 14ms
14ms Image
image/gif 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gpt_2020042302&jk=334856439952988&bg=!X1ylXERYN7_hIyAC1yECAAAATlIAAAAemQF0e-jUBh3vsln_KeqrLqVjq_t21_PsgnlZ46Lm40yC-zPaY76oOA1SHc_-PO0pViDwyMFbhpAF1I_RYAGOA1MBl35Z4q9YN35Pve6b9cZtDIMuVEHRCQ2xeoko_tuZn72DGqQqgIkaggF40UY7_eJSOPvZfeuFdCj7PLMI_ndVJzrREP0VqPrHq2MSrC_tWvDM7S6NrddUEH11WePUMH8nxM6mZSAHqXWC1xLXHQGq_4ejja2_nQnz2FfIO2qW6hvaKa4PRbb6EKGGsOA9tz9aUmXEyDpNNtd03El30J_bnaHo92gRBqxyrLgFT_IzylLJvJhsTUaZKL94ftNpwwD1Ck1vJjvpsNWhZeihiSNwSzVDOz4Y87Cw_2CAoMPbNdIEkK2FGiiA62VDl72p4AUpgJgyfPBneTSp22JABRFRks6DfiWrgwZQc0np5OEKFyFv3_HEdnwfgG-01NUXbfQaulzAqLGJJuxcVnTOM5lZ80_kB4dL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/a517ef38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Apr 2020 14:38:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fastlane.rubiconproject.com
URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13702&site_id=62568&zone_id=710558&size_id=2&rf=https%3A%2F%2Fcontrolc.com%2Fa517ef38&tk_flint=pbjs_lite_v3.12.0&x_source.tid=3c96af74-6544-40cb-87d1-7152b51a145d&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.3711278765495254

Domain: as-sec.casalemedia.com
URL: https://as-sec.casalemedia.com/cygnus?s=303653&v=7.2&r=%7B%22id%22%3A%229cb5ba584e9615%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2210c31c69ea21be4%22%2C%22ext%22%3A%7B%22siteID%22%3A%22303653%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fcontrolc.com%2Fa517ef38%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.pubmatic.com/	1970-01-19 11:19:07	Name: PUBMDCID Value: 3
.zeotap.com/	1970-01-23 00:45:31	Name: zc1 Value: 4d5a3725-bd0f-4ee2-5469-fd0c2843555c
.zeotap.com/	1970-01-23 00:45:31	Name: zc Value: 4d5a3725-bd0f-4ee2-5469-fd0c2843555c
.yadloop.com/	1970-01-19 18:33:59	Name: __qca Value: P0-1847101733-1588171121815

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js?21065983(Line 6) Message: GPT does not support passback slots on the top window. Each passback slot should be defined and rendered within an iframe.
console-api	log	URL: https://yadloop.com/t.js?i=uml4x413apkiqmcvre&cb=7135341588171104047(Line 30) Message: %c [object HTMLImageElement]
console-api	log	URL: https://controlc.com/a517ef38(Line 237) Message: [object Object]
console-api	log	URL: https://controlc.com/a517ef38(Line 258) Message: [object Object]
console-api	log	URL: https://yadloop.com/t.js?i=qwpqn1ipjtdny52xwe&cb=3433451588171104033(Line 30) Message: %c [object HTMLImageElement]
console-api	warning	(Line 1) Message: NO prebid responses1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads3.mthsense.com
adservice.google.be
adservice.google.com
adservice.google.de
ap.lijit.com
api.twitch.tv
as-sec.casalemedia.com
cdn.carbonads.com
cdn.fancybar.net
cm.g.doubleclick.net
controlc.com
d2tbmvllb55wxq.cloudfront.net
eu-u.openx.net
exchange.bidphysics.com
fastlane.rubiconproject.com
ib.adnxs.com
os4m-d.openx.net
pagead2.googlesyndication.com
player.twitch.tv
rtb.openx.net
s3-eu-west-1.amazonaws.com
securepubads.g.doubleclick.net
srv.carbonads.net
ssc.33across.com
stats.g.doubleclick.net
sync.go.sonobi.com
tag.1rx.io
tpc.googlesyndication.com
us-u.openx.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
yadloop.com
as-sec.casalemedia.com
fastlane.rubiconproject.com
13.35.253.42
13.35.254.167
134.209.16.110
151.101.14.167
151.101.14.214
172.217.16.130
178.162.133.149
208.100.17.172
213.19.147.210
216.58.206.2
23.111.10.140
23.111.10.144
2606:4700:3037::6818:6331
2a00:1450:4001:809::2002
2a00:1450:4001:816::2004
2a00:1450:4001:819::2002
2a00:1450:4001:81b::200e
2a00:1450:4001:81d::2002
2a00:1450:4001:820::2001
2a00:1450:4001:825::2003
2a00:1450:400c:c08::9a
34.95.120.147
35.241.44.144
37.252.172.249
40.84.148.247
52.218.80.84
54.236.169.205
72.251.249.14
035b2b00b4ebf3e8c6ab0692a07eab9719cae717a900c853d42be7de303a7013
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
07702d076f8c28644a2b09299dac52af3abbf7bd5d3c6d23c6c8ea6aa133cdea
08039e9156e9f61001f7c1f1d45bf5fe8711acfdf23ffd50199c22ad0ed8f370
0b3678d81937a06cba82b9b8d1b69a6e60c1133246d9798e681bf3908aa390bc
0d730d590116affebdb2d3420ab728c4134de592b5e7216a3745e68df460e41e
10d260de958aa225f5add9155e9194221b65c1c991ec3bc9132a40d4f4fabff2
19f25617af42d1a8046ab0c6e0f0babea26b6b869e58f4165145b10f2f120e1f
249a47240c54580905210bdba65667fee54315dc6ed4c35c080569b2526ac056
24adc7c2d602e83664123398f6bd47b59884e330bfcec72928f0282666502274
266301e4987172fde965f00b48e25d1a091a28af78d71f40b0543902f48dfda9
2a11c133fc51a4bdbf16a612562fd43d160e9e4b27006127d4e1325b02a027d6
31c70fc4fa7dee6db3f53f0c1db540813dfc6523f0226634179a701062d3e616
3d396b82ba7d04e169be8791d5d12a4f366875a3907e4afe041b7274ba6356af
429432f7ab0cccaa718777ab2268f0b52255b7167ff84fb24c2ce4f0a884a486
439211cb90e7da0f52c80f15dc2ca868ac9419e83350a1ff2d0372031f359986
467b1db9776e63a47ad4b041976647f292a3ce02da70383613325e4dea1ef734
4b76c71b36a905d731a2835c3494971d52cddafbd5d050eff56307f106c8bcc3
4c9a4e815935a4ae0a19e5acaaec7736e979a8c277a3dc87591ad1f5ea95c41f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
51c56935854bed13b06e04dd8a756cb635edca2f98d1f55b3608ecc200162426
5321b86378fef54c76e17430a054fc69ab7232b42934f2f277cb4e6a5cdc2500
54b4392f0d85cff64fa7ce09c8b6536065590a8643b28de048138159585e4ee0
5d5b2b86db370045fa20d0f6aa1ef1f1216294c5d418fd3f932ca652cedb3f2f
72b59d9449d39bb7d7a4d3637e3b9e3d5040aee7efd14872b3f52982295e73a9
770a5be4937bf757134b47d4845e28c82e6dda0c7eee72875fda2ad3dbc93718
7bee3a5ad33b029f119b2245f33ba68b6e3aff305c17379b180545b4e50ad178
8028739b2067aa288b1bb58158cef5d21dc8cb787c231b2da5064f7fd9b5638a
81804a1b2b20350ec009ba6429a4f58124c16ca30683af0af255544cd98c8fa6
86924cd006db30b9d4f1418e06cd7bd83eef2be768a10f27d2cff26e6977cced
8d085a06d8c3fd49c6e05b3a602a8c64c171c585c7713cb57658578729757a7e
91f8024d76cd0c81be46f004a7d3144bcd1c91c17f03beecfa6ff06d41b03346
9629d621635e5eaa28cebf07f8bf6ac85e588549600507b51aa13e63268c01e6
98de3f600c4ff915204d27a70fd224d9b428158a28c7b6d8e8d63ba2a0f6c374
9ea5e9fe3bb11ac9313975f79401449a84f260db206580c96df2f32a98ee331d
a33229dd5e06b9426f84536ce878c9d58dda7865a35019d52e2d290312ef7a84
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
a92fa0d0a4407b0e13687224fbf52ee4ba44799dca89d2aec0665e102d664c4d
aaced4e8d533fb090c3c389d262b7030858bd891ea17cdbb636b335b8e395f96
af64a6f3ffc388b91cd70eae25893f7bea7e8e7d84d2c2b41c378cfbe13651ff
b8579732f8fd3f6c30fff6e7033735e18d3f5ca38d0885750a4073c409dac68e
b8d3aca312763e70e86ceb0e2314eca8be40af74b5a656c2a1b76d5e1378629d
bafbed60844c7113252124ca42cf6cb3ab28905fac0c1260a7202dedf9025bf2
bb5e6be1c9f8465f84c4790f043c68293e5d7f5d49189d9c08272632e7cd31b1
c03fa250061e261b3e1388c6f66ee1212235fad544cb4b4e9e315c5e5c3558c3
c248cda33f942842c869a9791948211e82c43c8caf2693fbb670c80231b06120
c63c0a518fcd8243e365904eb4ec5162d2b6d066aa4f05027fb598089d73ebdc
c7a0b90472300db21ac7416f064ae28190874067a92d93a050ea0b123e18d8fc
d50b94f946f710f902dead554de52608959690ed2a0ddaf47b68bfc482ef14b3
d6438c63069c5b897cbab71927f7069ec113a2917e0f1e7bc4ffb2fc4e03bccd
d90fd78e4f5030674ba3ec27d93ec1fe05fc51facc6812935f571e714711d0b5
da0695e24a65d7d0090de78eb74b621dc42c1e90b4b816c2ffa40e32ac350ca7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8ff7f3a8926e5b5497d2ab7a1bf47c5655e287a51045f11846f426ac6c7d180
ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f403fad3806ce3425ef5364d1d161f63e7e23534eec42ac3be831d6a9cb6ba6b
f57958616b77a8ebbddb057149fe73c9652c4efd54ab3befc91fc5bbfdaa19aa
f5a1212852709b2be58bf29e94fb8b53575c6596d744b192d2979474b062c4b3
f9727465c17f22966e88df414eccd5309a002acc3709ff5d6fbd13afe8c48cd8
f9cc73b69d62465e704862c55a9c4deae7a5275e21cda301fd98128c95bed05e
fb1720927d146fe5dc6901717017a7b373a4a55acbb15ed36677cfa5d2abcb08
fc001471e24e2163ae764c06d4e69406a301c11726f7081d4e8ca5ded40171e2
ff8d9c5064b0df86f90451bfa695510ba3f4eefe596cf844349ba9d4ecdfc3d0

controlc.com Open in urlscan Pro 2606:4700:3037::6818:6331 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

127 Requests

98 %HTTPS

32 %IPv6

25 Domains

34 Subdomains

24 IPs

7 Countries

1264 kBTransfer

2801 kBSize

4 Cookies

0 Outgoing links

Redirected requests

127 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

controlc.com Open in urlscan Pro
2606:4700:3037::6818:6331 Public Scan

Screenshot
Live screenshot

Full Image

127
Requests

98 %
HTTPS

32 %
IPv6

25
Domains

34
Subdomains

24
IPs

7
Countries

1264 kB
Transfer

2801 kB
Size

4
Cookies

127 HTTP transactions
5 data transactions